flv player addon-bg.exe

FLV Player Addon

Nero

The application flv player addon-bg.exe, “FLV Player Addon exe”, has been detected as adware by 8 anti-malware scanners. This file is typically installed with the program FLV Player Addon by Sailor Project, which is a potentially unwanted software program. Part of the Crossrider web browser platform, the BG executable is a background process that manages various functions of the extensions installed in the user's browser, including installation, updates and remote code downloads. While running, it connects to the Internet address hwcdn.net on port 80 using the HTTP protocol.
Publisher:
Nero

Product:
FLV Player Addon

Description:
FLV Player Addon exe

Version:
1000.1000.1000.1000

MD5:
36949138964bc7073d62ba1dd7fabeab

SHA-1:
efc214f027c1866c81e0bc3db30892f7ed556066

SHA-256:
949087c002c9fb24f6f43619d44f917c7676b6ec931e886a7b8327d4b5668a22

Scanner detections:
8 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application.

Analysis date:
11/5/2024 11:48:47 AM UTC

Scan engine | Detection | Engine version
AhnLab V3 Security | PUP/Win32.MulDrop | 14.03.16
Baidu Antivirus | Adware.Win32.CrossRider | 4.0.3.14316
ESET NOD32 | Win32/Toolbar.CrossRider.AA (variant) | 8.9546
herdProtect (fuzzy) | | 2014.4.25.9
Malwarebytes | PUP.Optional.WeatherItUp.A | v2014.03.16.05
Reason Heuristics | PUP.Crossrider.Nero.T | 14.3.16.5
Trend Micro House Call | TROJ_GEN.F47V0310 | 7.2.75
VIPRE Antivirus | Crossrider | 27404

File size:
792 KB (811,008 bytes)

Product version:
1000.1000.1000.1000

Copyright:
Copyright 2011

Original file name:
FLV Player Addon.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\flv player addon\flv player addon-bg.exe

File PE Metadata
Compilation timestamp:
3/10/2014 10:06:20 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:toV21Yx+G4Yg/0I9Xx5oFBgRMoR8L8YvwIGWScMMScG3qX2KtHeYSPcx5UEbGTri:toV21c+GG8giLJyccbTJHkN

Entry address:
0x77877

Entry point:
E8, 90, B2, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 10, F4, 4B, 00, E8, 73, 01, 00, 00, E8, 10, 13, 00, 00, 0F, B7, F0, 6A, 02, E8, 23, B2, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, A8, 11, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 

Entropy:
6.4307

Code size:
626 KB (641,024 bytes)

The file flv player addon-bg.exe has been discovered within the following program.

FLV Player Addon  by Sailor Project
FLV Player Addon is an ad-supported (also known as adware) web browser plugin that displays advertisements, such as coupon ads, in the browser on web pages that are not associated with the plugin and where the ads would not otherwise appear.
87% remove it
 

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to hwcdn.net  (69.16.175.42:80)

TCP (HTTP):
Connects to ip-50-63-202-52.ip.secureserver.net  (50.63.202.52:80)

TCP (HTTP):
Connects to 125.235.4.59.adsl.viettel.vn  (125.235.4.59:80)

TCP (HTTP):
Connects to ip-50-63-202-33.ip.secureserver.net  (50.63.202.33:80)
