Updates LTD

Publisher Information

Updates LTD is a software developer located in Atibaia, Sao Paulo in Brazil*. The company is a primary distributor of unwanted software.
Remove Updates LTD Malware - Powered by Reason Core Security
Authority:
COMODO CA Limited

Valid from:
12/5/2012 10:00:00 PM

Valid to:
12/6/2013 9:59:59 PM

Subject:
CN=Updates LTD, O=Updates LTD, STREET=Alameda Professor Lucas Nogueira Garcez 2647, L=Atibaia, S=Sao Paulo, PostalCode=12947-000, C=BR

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00fd2cf3fbe5a510b83f16bebc4554c718

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Service.Updates.H, PUP.Startup.Updates.H, PUP.Updates.M, Common.PUP.Updates.H, PUP.Updates.J, PUP.Updates (M)
100.00%

Trend Micro House Call
TROJ_GEN.R0CCOH0IP13, TROJ_GEN.RCBB1B9, TROJ_GEN.R0CCH0AJO13, TROJ_GEN.R0CCH0AII13, TROJ_GEN.R0CBB01FD13, TROJ_GEN.R0CBC0PIK13
45.00%

IKARUS anti.virus
Win32.Febipos, Backdoor.Win32.Fynloski, Trojan.Win32.Spy
40.00%

avast!
Win32:Febipos-A [Trj], Win32:Fakebook-F [Trj]
35.00%

Sophos
Updates Ltd Adware
35.00%

McAfee
Artemis!E6043572CB3B, Artemis!88E202DA4F7B, Artemis!7F3553BD0A7E, RDN/Generic.hra!a, RDN/Generic.hra!c, Generic.dx!7CAA58E3F14B
30.00%

McAfee Web Gateway
Artemis!E6043572CB3B, Artemis!88E202DA4F7B, Artemis!7F3553BD0A7E, RDN/Generic.hra!a, RDN/Generic.hra!c, Generic.dx!7CAA58E3F14B
30.00%

Avira AntiVirus
HEUR/Crypted, Adware/NoFB.C, TR/Spy.359824, TR/Crypt.XPACK.Gen2, TR/Spy.359944
30.00%

Bkav FE
W32.Clodd47.Trojan, HW32.CDB, HW32.Packed
25.00%

VIPRE Antivirus
Trojan.Win32.Generic
25.00%

1 / 68      (Adware)
fb13.4.4_pt.exe  (7fa6b59f4fc0ea64bf41ff5ced27dcb1)

1 / 68      (Adware)
fbsecpack2.9.exe  (075ffabf7d8579a45f4317da2ca92a5d)

1 / 68      (Adware)
fbsecuritypack2.3.exe  (0e5135c34408f0cc6b6d214c8bed1bea)

1 / 68      (Adware)
fb13.4.4_pt.exe  (9bdb5f50042b2b8851e898d5ef28bfc5)

1 / 68      (Adware)
fbupdinst14.4.exe  (e61d5dde0cd88746585b70fe234f75bd)

1 / 68      (Adware)
fb13.4.4_pt.exe  (c6e3b3cc6f6403d2f673d4eb6adc3678)

1 / 68      (Adware)
i_pt.txt  (e0b9d623174da2aee4d8f5b58c925d9d)

1 / 68      (Adware)
fbsctyup6.2_fr.exe  (7e6ca891cb321c90c2ccd517a56c4ddf)

1 / 68      (Adware)
fbupdate.exe  (b4d0ac290b21b5ae4457a7cfb9bd5043)

1 / 68      (Adware)
fbupdinst14.4_fr.exe  (0a8d24e02852313c5d069f6e4e4c9ba6)

1 / 68      (Adware)
fbsecup2.7.exe  (72d78730f520710d1b518d3d19a3b533)

31 / 68    (Adware)
fbinstupd.exe  (7caa58e3f14b59985a1988bb12153de8)

8 / 68      (Adware)
fbupdinst14.4.exe  (41dab7cc4966b14c5258e5926b076142)

33 / 68    (Adware)
csrss32.exe  (23edeffdb356bd45450221f7de90b6b8)

26 / 68    (Adware)
csrss32.exe  (ec1dfbf0eb5c723450944ca3c374bce7)

18 / 68    (Adware)
fbinstupd.exe  (7f3553bd0a7e76d81f0f57cd387ae1e8)

6 / 68      (Adware)
sqlite3.dll  (f347887da98425644a8f9a939f304b80)

7 / 68      (Adware)
libntkrnldmp.dll  (d5cf615e9d5bd05717ff32538f121e00)

12 / 68    (Adware)
csrss32.exe  (88e202da4f7b9f42a19c8ee601ac9374)

8 / 68      (Adware)
service.exe (ServiceEx by ServiceEx)  (e6043572cb3bedc092482d6e5c6b88cf)

Downloads URLs for files signed by Updates LTD.

1 / 68      (Adware)
http://spbr.uni.me/updates/.../fb13.4.4_pt.exe  (9bdb5f50042b2b8851e898d5ef28bfc5)

Remove Updates LTD Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Updates LTD by COMODO CA Limited on December 05, 2012 with the serial number '00fd2cf3fbe5a510b83f16bebc4554c718'.