utorrentcontrol2autoupdatehelper.exe

ToolbarH Application

Conduit Ltd.

The file belongs to the Conduit API platform, a utility that bundles and monetizes search toolbars and web browser extensions. The application utorrentcontrol2autoupdatehelper.exe, “ToolbarH Application” by Conduit, has been detected as a potentially unwanted program by 3 anti-malware scanners. Additionally, the file is typically installed by a number of programs including uTorrentBar Toolbar by Conduit Ltd. and FileConverter 1.3 Toolbar by Conduit Ltd., both potentially unwanted software.
Publisher:
Conduit Ltd.  (signed and verified)

Product:
ToolbarH Application

Description:
ToolbarH Application

Version:
1, 0, 1, 0

MD5:
da11d78d765e4b8fa4cfa5a37e8a94ff

SHA-1:
e5ad99ce7c7362ca566156033ecb0f04f9437ca7

SHA-256:
e152f6b71f0ea5825e243910d2f12f7493cb358833aa3be83c8502f1f17a9b30

Scanner detections:
3 / 68

Status:
Potentially unwanted

Explanation:
This component is distributed and installed with the Conduit Toolbar platform.

Analysis date:
11/5/2024 2:20:00 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| ESET NOD32 | Win32/Toolbar.Conduit | 8.9281 |
| Panda Antivirus | Adware/Conduit | 14.01.21.10 |
| Reason Heuristics | PUP.ToolbarHApplication.Conduit.a | 14.8.7.22 |

File size:
64.3 KB (65,832 bytes)

Product version:
1, 0, 1, 0

Copyright:
Copyright (C) 2009

Original file name:
ToolbarH.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\Application data\conduit\ct3072253\utorrentcontrol2autoupdatehelper.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
2/17/2010 3:00:00 AM

Valid to:
3/30/2013 2:59:59 AM

Subject:
CN=Conduit Ltd., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Conduit Ltd., S=Israel, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3736DA15AF647632CCE61CD41B6577DD

File PE Metadata
Compilation timestamp:
1/9/2011 2:17:31 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
9.0

CTPH (ssdeep):
768:MFlitnd/W0NhQPQVbv+zBe8Tcr+BR2xSS4Tf9GwTryQunOQS5wOROLh6bCg/ib:8i37VbvT8Tcr3VwSnOQSqOROgCg/ib

Entry address:
0x1AAB

Entry point:
E8, 09, 40, 00, 00, E9, A4, FE, FF, FF, 2D, A4, 03, 00, 00, 74, 22, 83, E8, 04, 74, 17, 83, E8, 0D, 74, 0C, 48, 74, 03, 33, C0, C3, B8, 04, 04, 00, 00, C3, B8, 12, 04, 00, 00, C3, B8, 04, 08, 00, 00, C3, B8, 11, 04, 00, 00, C3, 8B, FF, 56, 57, 8B, F0, 68, 01, 01, 00, 00, 33, FF, 8D, 46, 1C, 57, 50, E8, 55, 40, 00, 00, 33, C0, 0F, B7, C8, 8B, C1, 89, 7E, 04, 89, 7E, 08, 89, 7E, 0C, C1, E1, 10, 0B, C1, 8D, 7E, 10, AB, AB, AB, B9, 10, F0, 40, 00, 83, C4, 0C, 8D, 46, 1C, 2B, CE, BF, 01, 01, 00, 00, 8A, 14, 01...

Entropy:
6.3965

Code size:
40.5 KB (41,472 bytes)

The file utorrentcontrol2autoupdatehelper.exe has been discovered within the following programs.

appbario2 Toolbar by Conduit Ltd.
Installs a Conduit toolbar in your Web browser that collects and stores information about your web browsing habits and sends this information to Conduit so they can suggest services or provide ads via the toolbar.
appbario2.Toolbar.fm
83% remove it

Ashampoo US Toolbar by Ashampoo GmbH & Co. KG
Publisher's description - “Test your internet connection speed with this unique app. Free Anti-Malware system scan to protect our computer. Customize your news feeds into one with this amazing news app.”
AshampooUS.OurToolbar.com
75% remove it

DVDVideoSoftTB Toolbar by DVDVideoSoft Ltd.
The DVDVideoSoftTB Toolbar for Internet Explorer and Firefox is a Conduit OurToolbar Community smartbar.
DVDVideoSoftTB.OurToolbar.com
71% remove it

express-files Toolbar by express-files
Installs a Conduit OurToolbar, a browser toolbar in a user's Web browser (IE, Chrome and Firefox) that collects and stores information about your web browsing and sends this information to OurToolbar so they can suggest services or provide ads via the toolbar.
expressfiles.OurToolbar.com
66% remove it

FileConverter 1.3 Toolbar by Conduit Ltd.
FileConverter 1.3 Toolbar is a Conduit powered OurToolbar for Internet Explorer, Chrome and Firefox web browsers.
FileConverter13.OurToolbar.com
64% remove it

Live TV Toolbar by Live TV
Live TV Toolbar is a web browser plugin and toolbar for Internet Explorer, Firefox and Chrome which provides generic toolbar functionality such as search and also allows searching for and finding streaming TV stations online.
LiveTVToolbar.Media-Toolbar.com
61% remove it

Softonic-Austria_ Toolbar by Softonic International S.L.
Softonic toolbar on IE and Chrome is a web browser toolbar specifically for Internet Explorer and Google Chrome that provides generic toolbar functionality including search features (to a Softonic branded affiliate search result page) and various social media integration features.
SoftonicAustriaToolbar.OurToolbar.com
64% remove it

TV Bar 2 Toolbar by Conduit Ltd.
TV Bar 2 Toolbar is a Conduit powered OurToolbar within the Internet Explorer, Chrome or Firefox Web browsers.
TVBar2.Toolbar.fm
68% remove it

uTorrentBar Toolbar by Conduit Ltd.
This toolbar is typically bundled with the installation of uTorrent during the initial install. uTorrentBar Toolbar is a Conduit toolbar (OurToolbar Community) for Internet Explorer and Firefox.
uTorrentBar.OurToolbar.com
88% remove it

WiseConvert 1.5 Toolbar by WiseConvert
Installation of this occurs during the install process of WiseConvert, and the toolbar is a Conduit toolbar (OurToolbar Community) for Internet Explorer and Firefox.
WiseConvert15.OurToolbar.com
67% remove it
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to a72-246-97-16.deploy.akamaitechnologies.com  (72.246.97.16:80)

TCP (HTTP):
Connects to a92-123-180-10.deploy.akamaitechnologies.com  (92.123.180.10:80)

TCP (HTTP):

TCP (HTTP):
Connects to 154.120.216.8.liquidtelecom.net  (154.120.216.8:80)
