Updater.exe

Updater Module

FriendsChecker LLC

The application Updater.exe by FriendsChecker has been detected as adware by 6 anti-malware scanners. This file is typically installed with the program FriendsChecker by GenTechnologies Apps LLC which is a potentially unwanted software program.
Publisher:
FriendsChecker LLC  (signed and verified)

Product:
Updater Module

Version:
1, 0, 0, 1

MD5:
904d5c65f67d7c0c019f00f226ac1ff9

SHA-1:
a343300e7b3fd8e88310954721593b89876f45df

SHA-256:
a63d47f38d8adf6c699e2b365fe14afb41b4a026c9f5698434e5edb535a385ca

Scanner detections:
6 / 68

Status:
Adware

Analysis date:
11/23/2024 11:45:59 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Agent.128512.14
7.11.102.20

Comodo Security
Heur.Suspicious
16923

Norman
Malware
11.20141212

Reason Heuristics
PUP.FriendsChecker.H
14.12.12.21

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.24.0

VIPRE Antivirus
FriendsChecker
21400

File size:
131.1 KB (134,208 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright 2011

Original file name:
Updater.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\friendschecker\updater\updater.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
3/19/2011 12:29:57 PM

Valid to:
3/18/2012 10:50:39 AM

Subject:
CN=FriendsChecker LLC, O=FriendsChecker LLC, L=Wilmington, S=DE, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
07C90A416C66BC

File PE Metadata
Compilation timestamp:
2/21/2011 10:49:18 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:Eq2o9VYkHp5wi1IzLWwWq7m0tF5HRRCzq9IO0:Eq2ojYkHp5XCLcq7ma/zJ0

Entry address:
0xAEDD

Entry point:
E8, AC, 4E, 00, 00, E9, 79, FE, FF, FF, CC, 68, 90, A9, 40, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 68, B2, 41, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 51, 8D, 4C, 24, 08, 2B, C8, 83, E1, 0F, 03, C1, 1B...
 
[+]

Entropy:
6.3643

Code size:
88 KB (90,112 bytes)

The file Updater.exe has been discovered within the following program.

FriendsChecker  by GenTechnologies Apps LLC
FriendsChecker installs as a web browser plugin for Internet Explorer and FireFox. It is designed to check to see what facebook friends have defreinded you. It does this by polling facebook with your profile details to see changes in your friends list.
www.friendschecker.com
69% remove it
 
Powered by Should I Remove It?

Remove Updater.exe - Powered by Reason Core Security