» updater.exe
Overview
Analysis
File Details
Programs (1)

updater.exe

PC Speed Clean PRO

Downloadius S.a.r.l

The application updater.exe, “updater 2.5.4, 2013” by Downloadius S.a.r.l has been detected as adware by 3 anti-malware scanners. This file is typically installed with the program PC Speed Clean PRO by Downloadius S.A.R.L which is a potentially unwanted software program.

File name:

updater.exe

Publisher:

Downloadius S.a.r.l (signed and verified)

Product:

PC Speed Clean PRO

Description:

updater 2.5.4, 2013

Version:

2.5.4

MD5:

e138a4054795cf67f55b059ee287e546

SHA-1:

3a444e8b892c316e2f04f25b2f620fd4ab3a6b82

SHA-256:

7ccffe11137caa2a36373209fe27a844e861760880152e70b59a2b5120823080

Scanner detections:

3 / 68

Status:

Adware

Analysis date:

4/26/2024 6:41:19 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Downloadius.DownloadiusSarl (M)

15.8.10.10

Trend Micro House Call

Suspicious_GEN.F47V0912

7.2.222

VIPRE Antivirus

Downloadius

33686

File size:

394 KB (403,432 bytes)

Product version:

2.5.4

Original file name:

updater.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\roaming\downloadius s.a.r.l\pc speed clean pro 2.5.4\install\b7e41ae\updater.exe

Digital Signature

Signed by:

Downloadius S.a.r.l

Authority:

COMODO CA Limited

Valid from:

7/25/2013 8:00:00 PM

Valid to:

7/25/2016 7:59:59 PM

Subject:

CN=Downloadius S.a.r.l, O=Downloadius S.a.r.l, STREET="7, Avenue Gaston Diderich", L=Luxembourg, S=Luxembourg, PostalCode=L-1420, C=LU

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

516E4C889E15D413F8CD7F3121095139

File PE Metadata

Compilation timestamp:

6/17/2014 9:59:52 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

6144:mhGHHXvYU0LT8EpZV4vVJ+LV2K9V0iDx4Qyg4ottG:mgXvYU0/hPVyVJcV2K9H4rgG

Entry address:

0x10E72

Entry point:

E8, F1, 75, 00, 00, E9, 79, FE, FF, FF, 68, E0, 0E, 41, 00, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 44, 10, 44, 00, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D, 0C, 56, 8B, 73, 08, 33, 35... 
[+]

Entropy:

6.1106

Code size:

225.5 KB (230,912 bytes)

The file updater.exe has been discovered within the following program.

PC Speed Clean PRO by Downloadius S.A.R.L

PC Speed Clean PRO is a PC optimization program that is supposed to increase the speed of computer by removing invalid entries the computer's registry.

About 72% of users remove it

Remove updater.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.