home

DynConIE.dll

FriendsChecker LLC

The module DynConIE.dll by FriendsChecker has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘FriendsChecker’.
Publisher:
FriendsChecker  (signed by FriendsChecker LLC)

Product:
FriendsChecker

Version:
2.1.27

MD5:
013fb9a6b25746aa49228b33dd1a4e6b

SHA-1:
0d7ccdea0d86e27224df71ae89f88209bec79f08

SHA-256:
d44f38720780775a443f2f79405e78f35c00dcb8e173f8eccd5ab139c1aad98e

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/5/2024 7:05:20 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.7.28.10

File size:
195.6 KB (200,256 bytes)

Product version:
2.1.27

Copyright:
FriendsChecker

Original file name:
DynConIE.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\friendschecker\dynconie\dynconie.dll

Digital Signature
Signed by:
FriendsChecker LLC

Authority:
GoDaddy.com, Inc.

Valid from:
3/19/2011 1:29:57 PM

Valid to:
3/18/2012 11:50:39 AM

Subject:
CN=FriendsChecker LLC, O=FriendsChecker LLC, L=Wilmington, S=DE, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
07C90A416C66BC

Registration
CLSID:
{FED6A736-129B-49C7-857E-25FC91E87DB3}

ProgID:
DynConIE.DynConIEObject.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
4/6/2011 8:48:35 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:eZKu4oVW+GsWYC8CsImEo0H/f1+tmPypdFImzzZ5kgLLxOwQ/BUmsLxtizfh:eD42W+Gsa8/Eo0ngtmPypTXg1

Entry address:
0x11799

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 91, 63, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, CC, CC, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 0F, 03, C1, 1B, C9, 0B, C1, 59, E9, 3A, C9, FF, FF, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 07, 03, C1, 1B, C9, 0B, C1, 59, E9, 24, C9, FF, FF, B8, 88, 86, 01, 10, A3, 38, AB, 02, 10, C7, 05, 3C, AB, 02, 10, 6F, 7D, 01, 10, C7, 05, 40, AB, 02, 10, 23, 7D, 01, 10, C7, 05, 44, AB, 02, 10, 5C, 7D, 01, 10, C7, 05, 48, AB, 02...
 
[+]

Entropy:
6.5659

Code size:
126 KB (129,024 bytes)

Internet Explorer BHO
Display name:
FriendsChecker

CLSID:
{FED6A736-129B-49C7-857E-25FC91E87DB3}


Remove DynConIE.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.