home

updater.exe

Updater

The executable updater.exe has been detected as malware by 9 anti-virus scanners. This is the uninstaller utility registered in the Windows Control Panel for the program Internet Quick Access by Internet Quick Access.
Product:
Updater

Version:
1.0.0.0

MD5:
597791e8448f281a8ae6f7eb025abdf8

SHA-1:
dcaed9c310c8990fb0be30a5aa10c6279a45a184

SHA-256:
9b86e2cb5d69a72d4a154320920cc7a4aa4e7627e79e70b45892f3b5a38f1fd8

Scanner detections:
9 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
4/25/2024 8:48:39 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Virtu-A
160209-2

Dr.Web
Win32.Virut.56
9.0.1.05190

ESET NOD32
Win32/Virut.NBP virus
7.0.302.0

F-Prot
W32/Virut.E.gen
4.6.5.141

Kaspersky
Virus.Win32.Virut
15.0.0.562

McAfee
Virus.W32/Virut.n.gen
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.213.6208.0

Norman
Win32.Virtob.Gen.12
13.02.2016 01:47:07

Sophos
Virus 'W32/Scribble-B'
5.23

File size:
555.5 KB (568,832 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2014

Original file name:
Updater_dotnet2.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\chromium\application\45.0.2433.0\installer\updater\updater.exe

File PE Metadata
Compilation timestamp:
2/17/2003 2:28:43 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:H+qYyOhC+K3U5N9V7uikFgL2UbyKitLvV7uikFgcb:pYyOhxKk5N9lubgL2UbyHtLvlubgc

Entry address:
0x8E824

Entry point:
90, 83, 3C, 24, FE, 77, FE, 8D, 64, 24, CC, F5, 8B, F6, FC, 60, 83, EC, DC, 86, E5, E8, E4, 03, 00, 00, 4B, F7, D0, 84, E0, 66, 4B, F6, D2, 90, 75, F9, 29, F8, 48, 47, 81, DF, B2, 6C, 7B, A6, F7, D2, FF, 73, 3C, 8D, 86, E2, CB, 97, 9A, 86, F6, 59, 8D, 93, E0, C4, A0, F0, 00, CE, 4E, 47, 90, 81, E9, FD, FF, FF, 7F, 73, C9, B4, 93, 90, FC, 81, D9, E6, 13, 00, 00, 71, BD, 80, EE, 7A, FC, FF, B4, 19, E4, 13, 00, 80, 83, C4, 04, EB, 5A, 87, DF, 90, 54, FF, 54, 24, 5C, FF, 54, 24, 5C, 81, F9, F6, 3D, E0, 14, FF...
 
[+]

Entropy:
7.2652

Code size:
412 KB (421,888 bytes)

Program Uninstaller
Program name:
Internet Quick Access

Display publisher:
Internet Quick Access

Display version:
45.0.2433.0

Uninstall string:
C:\users\{user}\appdata\local\chromium\application\45.0.2433.0\installer\updater\updater.exe -uninstall="internet quick access"


Remove updater.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.