WEB.DE_MailCheck_Broker.exe

WEB.DE MailCheck für Internet Explorer

1&1 Mail & Media GmbH

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘MailCheck IE Broker’. This file is installed with the program WEB.DE MailCheck für Internet Explorer.
Publisher:
1und1 Mail und Media GmbH  (signed by 1&1 Mail & Media GmbH)

Product:
WEB.DE MailCheck für Internet Explorer

Description:
WEB.DE MailCheck Dienst

Version:
2.4.0.0

MD5:
532330bcf21bb4d13e990e17b759df2d

SHA-1:
d2fd048453c11862a0d3c933a8718ffc76145ccd

SHA-256:
2f7e33807247a2cdff904a00c5ae188a5c66146ff7103f5c169026c4a2a72196

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/24/2024 4:24:25 AM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Win32.Virut.Y
8.14.04.20.09

File size:
1.7 MB (1,766,464 bytes)

Product version:
2.4.0.0

Copyright:
© 1&1 Mail & Media GmbH. Alle Rechte vorbehalten.

Original file name:
WEB.DE_MailCheck_Broker.exe

File type:
Executable application (Win32 EXE)

Language:
German (Germany)

Common path:
C:\Program Files\web.de mailcheck\ie\web.de_mailcheck_broker.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
10/16/2013 2:00:00 AM

Valid to:
10/25/2016 1:59:59 AM

Subject:
CN=1&1 Mail & Media GmbH, OU=WEB.DE, O=1&1 Mail & Media GmbH, L=Montabaur, S=Rheinland-Pfalz, C=DE

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
75666A569980B5C13E2BBA81CC81FF7B

File PE Metadata
Compilation timestamp:
10/16/2013 11:45:12 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:HgQng1b00Oxzp5WhSxcm1sKK3uKejuNK1:HJncczpbx7sN+ONy

Entry address:
0xE3A5B

Entry point:
E8, 8A, 90, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 8B, D0, 66, 8B, 08, 83, C0, 02, 66, 85, C9, 75, F5, 66, 8B, 4D, 0C, 83, E8, 02, 3B, C2, 74, 05, 66, 39, 08, 75, F4, 66, 39, 08, 74, 02, 33, C0, 5D, C3, 8B, FF, 55, 8B, EC, 83, 7D, 10, 00, 75, 04, 33, C0, 5D, C3, 8B, 55, 0C, 8B, 4D, 08, FF, 4D, 10, 74, 15, 0F, B7, 01, 66, 85, C0, 74, 0D, 66, 3B, 02, 75, 08, 83, C1, 02, 83, C2, 02, EB, E6, 0F, B7, 01, 0F, B7, 0A, 2B, C1, 5D, C3, 8B, FF, 55, 8B, EC, 56, 8B, 75, 08, 57, 85, F6, 74, 07, 8B...
 
[+]

Code size:
1.2 MB (1,244,672 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
MailCheck IE Broker

Command:
"C:\Program Files\web.de mailcheck\ie\web.de_mailcheck_broker.exe"


The file WEB.DE_MailCheck_Broker.exe has been discovered within the following program.

WEB.DE MailCheck für Internet Explorer  by 1&1 Mail & Media Inc.
Publisher's description - “No matter where you are on the Internet on the go - the practical Mailcheck you informed directly in Internet Explorer 9 on new incoming emails. With just one click, you are back in your mailbox and have immediate access to your inbox and features all of your mailbox.”
go.web.de/tb/ie_productpage
19% remove it
 
Powered by Should I Remove It?

Scan WEB.DE_MailCheck_Broker.exe - Powered by Reason Core Security