home

autoupdater.exe

autoupdater

Agence Exclusive

This is part of the Eorezo downloader which may bundle additional offers on the PC, mostly adware and other potentially unwanted software. The application autoupdater.exe by Agence Exclusive has been detected as a potentially unwanted program by 17 anti-malware scanners. This browser extension displays targeted advertising by monitoring the URLs viewed in the web browser.
Publisher:
PCTuto  (signed by Agence Exclusive)

Product:
autoupdater

Version:
2.0.0.0

MD5:
27870bddde2bb30c134247512d8a6156

SHA-1:
260b8e42b97aaa573a07d1b8c15bdfa508812fb2

SHA-256:
688f9ee380cf44dab815c5e768ea6c42375c4ce5acf53820fb71487f595ae6cf

Scanner detections:
17 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 2:26:22 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.Adware
7.1.1

Avira AntiVirus
Adware/EoRezo.E
7.11.183.186

avast!
Win32:Eorezo-BH [Adw]
2014.9-150409

AVG
MalSign.Adware
2015.0.3520

Baidu Antivirus
AdWare.Win32.EoRezo
4.0.3.14330

Clam AntiVirus
Adware.Agent-5200
0.98/18155

ESET NOD32
Win32/Adware.EoRezo (variant)
8.8978

Fortinet FortiGate
Riskware/EoRezo
4/9/2015

IKARUS anti.virus
AdWare.Win32.EoRezo
t3scan.2.0.127

Malwarebytes
Trojan.Eorezo
v2014.03.30.04

McAfee
Adware-Eorezo
5600.6800

Microsoft Security Essentials
Adware:Win32/EoRezo
1.11104

Qihoo 360 Security
Win32/Trojan.Clicker.f46
1.0.0.1015

Reason Heuristics
PUP.AgenceExclusive.L
14.7.27.14

Sophos
EoRezo Adware
4.94

Trend Micro House Call
TROJ_GEN.R0CBH0AJ913
7.2.89

VIPRE Antivirus
Adware.Eorezo.a
34618

File size:
647.6 KB (663,168 bytes)

Product version:
2.0.0.0

Copyright:
(c) PCTuto. All rights reserved.

Original file name:
autoupdater.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\pctuto\updatepctuto\autoupdater.exe

Digital Signature
Signed by:
Agence Exclusive

Authority:
VeriSign, Inc.

Valid from:
1/19/2011 1:00:00 AM

Valid to:
1/23/2012 12:59:59 AM

Subject:
CN=Agence Exclusive, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Agence Exclusive, L=Paris, S=Ile de France, C=FR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
612CB1F3C82CC0C69A0C351146C131A3

File PE Metadata
Compilation timestamp:
4/13/2011 6:13:25 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:4/hozlK2hyKG9fmdeqnuHlBzImfxkCeE/WiEe:NlK2MKGYE+uHlBzZkCOiH

Entry address:
0x28E05

Entry point:
E8, F0, 86, 00, 00, E9, 16, FE, FF, FF, 6A, 00, FF, 74, 24, 14, FF, 74, 24, 14, FF, 74, 24, 14, FF, 74, 24, 14, E8, 68, 87, 00, 00, 83, C4, 14, C3, 8B, 44, 24, 04, 66, 8B, 08, 40, 40, 66, 85, C9, 75, F6, 2B, 44, 24, 04, D1, F8, 48, C3, 68, A0, 8E, 42, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, F0, E6, 44, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3...
 
[+]

Code size:
244 KB (249,856 bytes)

Remove autoupdater.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.