babylontoolbarsrv.exe
Babylon Toolbar by Babylon Ltd. (Signed)
Warning 14 antivirus scanners has detected malware in various versions of babylontoolbarsrv.exe.
Overview
There are 6 versions of babylontoolbarsrv.exe in the wild, the latest version being 1.8.11.0. babylontoolbarsrv.exe is run as a standard windows process with the logged in user's account privileges. During installation, a run registry key for all users is added that will cause the program to run each time any user logs on to Windows. The average file size is about 352.95 KB. The file is a digitally signed and issued to Babylon Ltd. by Thawte. Numerous variations of babylontoolbarsrv.exe have been installed with both Babylon toolbar and Babylon toolbar on IE. During the process's lifecycle, the typical CPU resource utilization is less than 0.01%, the average private memory consumption is about 1.95 MB with the maximum memory reaching around 3.95 MB and typical read I/O operations are around 40 Bytes per minute.
What is babylontoolbarsrv.exe?
Babylon Toolbar is a web browser add-on that allows you to get quick translations and definitions directly from your web browser. Babylon Toolbar and web search are the core features of this program. Babylon Toolbar toolbar comes bundled with other software, usually shareware. or can be downloaded from the official Babylon website. It also comes bundled with CNET's software downloader and there are several other popular download sites that distribute this toolbar through bundled installations.
About babylontoolbarsrv.exe (from Babylon Ltd.)
“Babylon is the world's leading provider of language solutions, such as online and offline dictionary and translation software in over 75 languages in one simple click and is being used by millions of ”
 Details
|
| File name: | babylontoolbarsrv.exe |
| Publisher: | Babylon Ltd. |
| Product name: | Babylon Toolbar |
| Typical file path: | C:\Program Files\babylontoolbar\babylontoolbar\1.6.4.6\babylontoolbarsrv.exe |
| Certificate |
| Issued to: | Babylon Ltd. |
| Authority (CA): | Thawte |
| Expiration date: | Wednesday, September 3, 2014 |
Programs installed in
(Note, the programs listed below are for all versions of Babylon Toolbar.)
Babylon Toolbar from Babylon Ltd is a web browser plugin that allows you to get language translations and definitions through an installed web browser toolbar. Typically, the Babylon Toolbar comes bun...
Babylon Toolbar from Babylon Ltd is a web browser plugin that allows you to get language translations and definitions through an installed web browser toolbar. Typically, the Babylon Toolbar comes bun...
Behaviors
(Note, the behaviors below are for all versions of babylontoolbarsrv.exe, select a unique version for details.)
Startup files (all users) run
Runs under the registry key 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'BabylonToolbar' → "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.10\BabylonToolbarsrv.exe" /md I
Malware detections
Based on 40+ industry antivirus scanners, 14 of them detected the following malware.
| Antivirus engine | Engine version | Detection | File version |
| CAT Quick Heal |
4.13.12.00 |
(Suspicious) - DNAScan |
1.8.0.0 |
| ESET NOD32 |
7.7505 |
probably a variant of Win32/Toolbar.Babylon |
1.6.3.0 |
| ESET NOD32 |
7.7870 |
probably a variant of Win32/Toolbar.Babylon |
1.6.9.0 |
| ESET NOD32 |
7.7780 |
probably a variant of Win32/Toolbar.Babylon |
1.8.3.0 |
| ESET NOD32 |
7.9045 |
a variant of Win32/Toolbar.Montiera.A |
1.4.15.0 |
| Malwarebytes |
1.75.0.1 |
PUP.Optional.BabylonToolBar.A |
1.4.15.0 |
| SUPERAntiSpyware |
5.50.0.1016 |
PUP.BabylonToolbar |
1.6.3.0 |
| SUPERAntiSpyware |
5.6.0.1008 |
PUP.BabylonToolbar |
1.6.9.0 |
| SUPERAntiSpyware |
5.6.0.1008 |
PUP.BabylonToolbar |
1.8.3.0 |
| SUPERAntiSpyware |
5.6.0.1008 |
PUP.BabylonToolbar |
1.8.11.0 |
| Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.F47V0808 |
1.6.3.0 |
| Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.F47V0824 |
1.6.9.0 |
| Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.F47V1017 |
1.8.3.0 |
| Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.F47V0826 |
1.4.15.0 |
All file variations of babylontoolbarsrv.exe
