Should I block it?

98%
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization

VersionsAdditional versions

1.8.11.0 4.00%
1.8.3.0 40.00%
1.8.0.0 4.00%
1.6.9.0 44.00%
1.6.3.0 4.00%
1.4.15.0 4.00%

Relationships

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegEnumKeyExA, GetTokenInformation, RegEnumValueA, ConvertSidToStringSidA, RegQueryValueExA, RegQueryInfoKeyA, RegQueryInfoKeyW, RegDeleteValueA, RegGetKeySecurity, RegSetValueExA, RegCloseKey, RegDeleteKeyA, RegCreateKeyExA, RegOpenKeyExA, RegOpenKeyA, RegSetKeySecurity, OpenProcessToken
gdi32.dll
SelectObject, GetStockObject, GetObjectA, CreateSolidBrush, GetDeviceCaps, BitBlt, CreateCompatibleDC, CreateCompatibleBitmap, DeleteDC, DeleteObject
kernel32.dll
GetTickCount, RaiseException, EnterCriticalSection, LeaveCriticalSection, lstrcmpiA, IsDBCSLeadByte, Sleep, CreateThread, CreateEventA, GetModuleHandleW, SetEvent, ExitProcess, FreeLibrary, FindResourceA, LoadLibraryExA, GetCommandLineA, FlushInstructionCache, GetCurrentProcess, SetLastError, LoadLibraryA, LocalAlloc, LocalFree, SetFilePointer, CreateDirectoryA, GetTempPathA, MoveFileExA, GetTempFileNameA, InitializeCriticalSection, GlobalUnlock, GlobalLock, GlobalAlloc, lstrcmpA, MulDiv, ReleaseMutex, ResetEvent, CreateMutexA, GetVersionExA, GetEnvironmentVariableA, SetEnvironmentVariableA, WideCharToMultiByte, CloseHandle, CompareStringW, CreateFileW, GetModuleHandleExA, FlushFileBuffers, SetStdHandle, LoadLibraryW, LCMapStringW, GetConsoleMode, GetConsoleCP, GetStringTypeW, GetCurrentProcessId, QueryPerformanceCounter, GetFileType, SetHandleCount, GetEnvironmentStringsW, FreeEnvironmentStringsW, IsValidCodePage, GetOEMCP, GetACP, GetCPInfo, TlsFree, TlsSetValue, TlsGetValue, TlsAlloc, GetModuleFileNameW, GetStdHandle, GetTimeZoneInformation, TerminateProcess, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, HeapCreate, GetSystemTimeAsFileTime, GetStartupInfoW, HeapSetInformation, VirtualQuery, GetSystemInfo, VirtualProtect, GetDateFormatA, GetTimeFormatA, RtlUnwind, EncodePointer, DecodePointer, InterlockedPopEntrySList, VirtualAlloc, VirtualFree, IsProcessorFeaturePresent, InterlockedPushEntrySList, InterlockedCompareExchange, GetProcessHeap, HeapSize, HeapReAlloc, HeapFree, HeapAlloc, GetModuleFileNameA, GetCurrentThreadId, lstrlenA, InterlockedIncrement, InitializeCriticalSectionAndSpinCount, WaitForSingleObject, GetFileTime, InterlockedDecrement, lstrlenW, MultiByteToWideChar, FileTimeToLocalFileTime, GetModuleHandleA, GetProcAddress, CreateFileA, FindResourceExW, FindResourceW, LoadResource, LockResource, SizeofResource, DeleteCriticalSection, GetLastError, FileTimeToSystemTime, WriteConsoleW, HeapDestroy, WriteFile, OutputDebugStringA
ole32.dll
CoRegisterClassObject, OleInitialize, OleRun, CoCreateInstance, CLSIDFromProgID, CLSIDFromString, CoTaskMemFree, StringFromCLSID, CoTaskMemAlloc, CoTaskMemRealloc, CoInitialize, CoUninitialize, CoRevokeClassObject, OleUninitialize, CoCreateGuid, StringFromGUID2, CoAddRefServerProcess, CoReleaseServerProcess, CoInitializeEx, CreateStreamOnHGlobal, OleLockRunning, CoGetClassObject
sensapi.dll
IsNetworkAlive
shell32.dll
SHGetSpecialFolderPathA, SHGetFileInfoA, Shell_NotifyIconA, SHGetSpecialFolderPathW, ShellExecuteExA, ShellExecuteA
shlwapi.dll
PathAppendA, PathRenameExtensionA, PathFindFileNameA, PathFindExtensionA, StrStrW, SHSetValueA, PathIsURLW, PathRemoveFileSpecA, PathAddBackslashA, StrToIntW, SHGetValueA
user32.dll
CharUpperA, GetMessageA, UnhookWindowsHookEx, CallNextHookEx, GetDlgItem, SetForegroundWindow, SetFocus, SetWindowsHookExA, SetTimer, IsWindow, SendMessageA, UnregisterClassA, KillTimer, SendInput, ShowWindow, CharNextA, LoadIconA, TranslateMessage, GetParent, MsgWaitForMultipleObjects, PeekMessageA, GetWindowTextLengthA, GetWindowTextA, CreateAcceleratorTableA, DestroyAcceleratorTable, GetDesktopWindow, GetFocus, GetWindow, BeginPaint, EndPaint, FillRect, ReleaseCapture, GetClassNameA, PostThreadMessageA, IsChild, SetCapture, RedrawWindow, InvalidateRgn, InvalidateRect, ReleaseDC, GetDC, ScreenToClient, ClientToScreen, GetClientRect, MoveWindow, GetSysColor, RegisterWindowMessageA, PostQuitMessage, CreateWindowExA, RegisterClassExA, CallWindowProcA, GetWindowLongA, DefWindowProcA, LoadCursorA, GetClassInfoExA, SetWindowLongA, SetWindowTextA, DestroyWindow, SetWindowPos, CharNextW, DispatchMessageA

babylontoolbarsrv.exe

Babylon Toolbar by Babylon Ltd. (Signed)

Remove babylontoolbarsrv.exe
Version:   1.4.15.0
MD5:   df21c6f3df9d3ff3b65dcf0f022390ab
SHA1:   fe8e0324094acccfb6273cd0737e62bfe11bf10e
SHA256:   72f7ab75ac8da3a3dafb953c04bf8ac6621bd3675e2eae2c100caa1ff9997f6b
Warning 3 antivirus scanners has detected malware.

What is babylontoolbarsrv.exe?

Babylon Toolbar is a web browser add-on that allows you to get quick translations and definitions directly from your web browser. Babylon Toolbar and web search are the core features of this program. Babylon Toolbar toolbar comes bundled with other software, usually shareware. or can be downloaded from the official Babylon website. It also comes bundled with CNET's software downloader and there are several other popular download sites that distribute this toolbar through bundled installations.

About babylontoolbarsrv.exe (from Babylon Ltd.)

Babylon is the world's leading provider of language solutions, such as online and offline dictionary and translation software in over 75 languages in one simple click and is being used by millions of

DetailsDetails

File name:babylontoolbarsrv.exe
Publisher:Babylon Ltd.
Product name:Babylon Toolbar
Typical file path:C:\Program Files\babylontoolbar\babylontoolbar\1.6.4.6\babylontoolbarsrv.exe
File version:1.4.15.0
Size:280 KB (286,720 bytes)
Certificate
Issued to:Babylon Ltd.
Authority (CA):Thawte
Expiration date:Wednesday, September 3, 2014
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
Babylon toolbar
 Babylon Ltd
  80% remove
Babylon Toolbar is a web browser plugin that allows you to get language translations and definitions through an installed web browser toolbar. Typically, the Babylon Toolbar comes bundled with other software, usually freeware and shareware. Before installing the toolbar, users have to agree to end user software agreement and accept all the changes that will be made during the installation. This web browser toolbar can change the default...
Network connections
  • [UDP] listens on port 50509

    • MalwareMalware detections

    Based on 40+ industry antivirus scanners, 3 of them detected the following malware.
    Antivirus engineEngine versionDetection
    ESET NOD32 7.9045 a variant of Win32/Toolbar.Montiera.A
    Malwarebytes 1.75.0.1 PUP.Optional.BabylonToolBar.A
    Trend Micro HouseCall 9.700.0.1001 TROJ_GEN.F47V0826

    ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00242990%
    0.028634%
    Kernel CPU:0.00152848%
    0.013761%
    User CPU:0.00090141%
    0.014873%
    Kernel CPU time:78 ms/min
    100,923,805ms/min
    Context switches:1/sec
    284/sec
    Memory
    Private memory:7.41 MB
    21.59 MB
    Private (maximum):19.85 MB
    Private (minimum):19.6 MB
    Non-paged memory:7.41 MB
    21.59 MB
    Virtual memory:166.08 MB
    140.96 MB
    Virtual memory (peak):186.34 MB
    169.69 MB
    Working set:19.6 MB
    18.61 MB
    Working set (peak):21.05 MB
    37.95 MB
    Resource allocations
    Threads:10
    12
    Handles:294
    600
    GUI GDI count:13
    103
    GUI GDI peak:14
    142
    GUI USER count:18
    49
    GUI USER peak:25
    71

    BehaviorsProcess properties

    Integrety level:High
    Platform:64-bit
    Command line:"C:\Program Files\babylontoolbar\babylontoolbar\1.4.15.10\babylontoolbarsrv.exe" /md i
    Owner:User

    ResourcesThreads

    Averages
     
    BabylonToolbarsrv.exe (main module)
    Total CPU:0.01383510%
    0.272967%
    Kernel CPU:0.00922340%
    0.107585%
    User CPU:0.00461170%
    0.165382%
    CPU cycles:598,125/sec
    5,741,424/sec
    Context switches:1/sec
    79/sec
    Memory:288 KB
    1.16 MB
    wow64.dll (Win32 Emulation on NT64 by Microsoft)
    Total CPU:0.00234242%
    Kernel CPU:0.00000000%
    User CPU:0.00234242%
    CPU cycles:71,251/sec
    Memory:252 KB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Ultimate N 50.00%
    Microsoft Windows XP 50.00%

    Distribution by countryDistribution by country

    Netherlands installs about 100.00% of Babylon Toolbar.
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE