home

common.dll

FriendsChecker LLC

The module common.dll by FriendsChecker has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘FriendsChecker’. This file is typically installed with the program FriendsChecker by GenTechnologies Apps LLC which is a potentially unwanted software program.
Publisher:
FriendsChecker  (signed by FriendsChecker LLC)

Product:
FriendsChecker

Version:
2.5.34

MD5:
ea6d5ba5231118e0b41e7dcb3f787674

SHA-1:
9ebaea31e2a71d7e32ed475cc901787cab43cbb6

SHA-256:
a05a3a2c0ca78f0bf91486eceb00d28632f43060ebf9e14a509a20772a1b063c

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/18/2024 6:55:07 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.FriendsChecker (M)
15.12.26.11

File size:
369.1 KB (377,960 bytes)

Product version:
2.5.34

Copyright:
(c) FriendsChecker

Original file name:
common.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\friendschecker\ie\common.dll

Digital Signature
Signed by:
FriendsChecker LLC

Authority:
GoDaddy.com, Inc.

Valid from:
2/21/2012 5:32:11 PM

Valid to:
3/18/2013 11:50:39 AM

Subject:
CN=FriendsChecker LLC, O=FriendsChecker LLC, L=Wilmington, S=DE, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
07CF8C68061834

Registration
CLSID:
{44ed99e2-16a6-4b89-80d6-5b21cf42e78b}

ProgID:
DynConIE.DynConIEObject.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
7/9/2012 8:28:17 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:F77IbDF2jqtkCvT6stJ3RB/uILcX4GyiX4zYPKzFyW:hyDF9tkCvTdtzBmILcX47zDyW

Entry address:
0x151E2

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, BE, 4E, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D, 0C, 56, 8B, 73, 08, 33, 35, A0, 5C, 04, 10, 57, 8B, 06, C6, 45, FF, 00, C7, 45, F4, 01, 00, 00, 00, 8D, 7B, 10, 83, F8, FE, 74, 0D, 8B, 4E, 04, 03, CF, 33, 0C, 38, E8, 2C, CF, FF, FF, 8B, 4E, 0C, 8B, 46, 08, 03, CF, 33, 0C, 38, E8, 1C, CF, FF, FF, 8B, 45, 08, F6, 40, 04, 66, 0F, 85...
 
[+]

Entropy:
6.6230

Code size:
223.5 KB (228,864 bytes)

Internet Explorer BHO
Display name:
FriendsChecker

CLSID:
{44ed99e2-16a6-4b89-80d6-5b21cf42e78b}


The file common.dll has been discovered within the following program.

FriendsChecker  by GenTechnologies Apps LLC
FriendsChecker installs as a web browser plugin for Internet Explorer and FireFox. It is designed to check to see what facebook friends have defreinded you. It does this by polling facebook with your profile details to see changes in your friends list.
www.friendschecker.com
69% remove it
 
Powered by Should I Remove It?

Remove common.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.