home

UpdateChecker.exe

FileHippo.com Update Checker

FileHippo.com

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘FileHippo.com’. The file has been seen being downloaded from www.filehippo.com and multiple other hosts.
Publisher:
FileHippo.com

Product:
FileHippo.com Update Checker

Version:
1.040.0.0

MD5:
d72d08898e2ba14b8fd6e9533c714385

SHA-1:
3f8609c14ca3fb9b9690958f1d619ff2ed4b94ec

SHA-256:
f4337d46bbb5886ed654157c3bb1b2779376e919f1c5d8e5ff2f8c6b7306f8c4

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/19/2024 8:02:45 AM UTC  (today)

Scan engine
Detection
Engine version

Boost by Reason
Optional.Startup.FileHippo.N
188163

File size:
300.5 KB (307,712 bytes)

Product version:
1.040.0.0

Copyright:
Copyright © FileHippo.com

Original file name:
UpdateChecker.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\filehippo.com\updatechecker.exe

File PE Metadata
Compilation timestamp:
11/23/2012 12:22:05 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:VqmEQMYnUJPgVNFfGgkQPS7W36Z9yRFdxzpBr1k8R+/jJXW4x:VCQMYnMYDhQW09yRFdxzpBW

Entry address:
0x4862E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.7988

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
282 KB (288,768 bytes)

3 Scheduled Tasks
Task name:
elevated_UpdateChecker_MOC.1~IHELIF1~ARGORPC

Task name:
FileHippo.com online update program

Trigger:
Weekly (Runs weekly on Mondays at 10:00 AM)

Action:
updatechecker.exe \background

Description:
tuident:BEE8D4F4

Task name:
FileHippo.com Update Checker

Trigger:
Weekly (Runs weekly on Mondays at 10:00 AM)


Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
FileHippo.com

Command:
"C:\Program Files\filehippo.com\updatechecker.exe" \background


The file UpdateChecker.exe has been discovered within the following programs.

360Amigo System Speedup Free  by 360Amigo
360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
CCleaner  by Piriform
CCleaner developed by Piriform, is a utility program used to clean potentially unwanted files and invalid Windows Registry entries from a computer.
www.piriform.com/ccleaner
3% remove it
FileHippo App Manager  by FileHippo.com
Publisher's description - “The FileHippo App Manager will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases. These are then neatly displayed in your browser for you to download.”
filehippo.com/download_update_checker/58783
50% remove it
FileHippo.com Update Checker  by FileHippo.com
FileHippo.com Update Checker is the updater program which runs with Windows (in the background as a service) and automatically starts up when your computer boots. It checks for updates and automatically downloads and installs them if found based on the user's settings.
www.filehippo.com
57% remove it
OUTDATEfighter  by SPAMfighter ApS.
OUTDATEfighter has been known to use the InstallX (InstallIQ) download and bundle manager to install additional offers, typically unwanted toolbars such as We-Care and BlitzMedia.
www.spamfighter.com/OUTDATEfighter/Support_Default.asp
47% remove it
 
Powered by Should I Remove It?

The file UpdateChecker.exe has been seen being distributed by the following 8 URLs.

http://www.filehippo.com/es/.../updatechecker.exe

http://filehippo.com/fr/.../updatechecker.exe

http://www.filehippo.com/fr/.../updatechecker.exe

http://www.filehippo.com/pl/.../updatechecker.exe

http://www.filehippo.com/de/.../updatechecker.exe

http://cache.filehippo.com/UpdateChecker.exe

http://www.filehippo.com/.../UpdateChecker.exe

http://filehippo.com/.../UpdateChecker.exe

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to 108.168.208.207-static.reverse.softlayer.com  (108.168.208.207:80)

TCP (HTTP):
Connects to 108.168.208.206-static.reverse.softlayer.com  (108.168.208.206:80)

Scan UpdateChecker.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.