EFupdater.exe
Express Files Updater by Faglaro Enterprises Limited (Signed)
| Version: | 1, 0, 0, 6 |
| MD5: | fa0f8558cbf4a4c1175f5bc1824cd253 |
| SHA1: | 36c513b8d860984cda7c81a6fc4261d8d37a9032 |
| SHA256: | d77d05d3f897e144798f03404170328e3724e09c0412517b5ad52e5d7c4fe86f |
Warning 5 antivirus scanners has detected malware.
What is EFupdater.exe?
Express Files Updater (efupdater.exe) is a program which runs in the background of Windows and automatically starts up when your PC boots. It checks for software udpates and automatically downloads and installs them if found.
About EFupdater.exe (from Faglaro Enterprises Limited)
“It's all-in-one product. Easy to use instant built-in search tool usefully sorts your results and download manager is so handy. With our prod- uct you can find any content of any subject that interest”
Overview
efupdater.exe is malware that executes as a process with the local user's privileges. It is an auto-starting process that used the Windows Task Scheduler service to load when the user logs into Windows (sometimes this is required to bypass the UAC protection). It is installed with a couple of know programs including ExpressFiles published by Express Solutions, ExpressFiles from Express Solutions and ExpressFiles by Express Solutions. The file is digitally signed by Faglaro Enterprises Limited which was issued by the COMODO CA Limited certificate authority (CA).
Details
| File name: | efupdater.exe |
| Publisher: | http://www.express-files.com/ |
| Product name: | Express Files Updater |
| Typical file path: | C:\Program Files\expressfiles\efupdater.exe |
| File version: | 1, 0, 0, 6 |
| Product version: | 1,0,0,0 |
| Size: | 196.24 KB (200,952 bytes) |
| Certificate |
| Issued to: | Faglaro Enterprises Limited |
| Authority (CA): | COMODO CA Limited |
| Effective date: | Friday, December 16, 2011 |
| Expiration date: | Sunday, December 16, 2012 |
| Digital DNA |
| PE subsystem: | Windows GUI |
| File packed: | Yes |
| .NET CLR: | No |
More details
Programs
The following programs will install this file
“No settings, no complications, unimaginable speed, with minimum effort and maximum simplicity! User-friendly interface anyone can manage. Built-in instant search tool with an amazingly intelligent algorithm! It's absolutely free. And, we are con- stantly working to make our product better. Ask why? It's simple! We like to make the Internet better, and staying there pleasant. It's totally unique. Very simple inter- face is specifically d...”
Behaviors
Scheduled tasks
- The job 'Express Files Updater' runs on logon in the path 'C:\WINDOWS\Tasks\Express Files Updater.job'
- The job 'Express FilesUpdate' runs on logon in the path '\Express FilesUpdate'
- Entry path '\Express FilesUpdate'
- Entry path '\Express Files Updater'
- Entry path 'C:\WINDOWS\Tasks\Express FilesUpdate.job'
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
- Login entry path 'C:\WINDOWS\Tasks\Express Files Updater.job'
- Login entry path '\Express FilesUpdate'
- Login entry path '\Express Files Updater'
- Login entry path 'C:\WINDOWS\Tasks\Express FilesUpdate.job'
Malware detections
Based on 40+ industry antivirus scanners, 5 of them detected the following malware.
| Antivirus engine | Engine version | Detection |
| Dr.Web |
8.13.4.17 |
Tool.DownLoader.52 |
| Emsisoft Anti-Malware |
3.0.0.575 |
Trojan.Win32.YourFileDownloader.AMN (A) |
| eSafe |
7.0.17.0 |
Win32.Trojan |
| ESET NOD32 |
7.8224 |
a variant of Win32/YourFileDownloader.B |
| VIPRE Antivirus |
16818 |
ExpressFiles Installer (fs) |
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Ultimate |
32.35% |
|
| Microsoft Windows XP |
29.41% |
|
| Windows 7 Home Premium |
14.71% |
|
| Windows Vista Home Premium |
11.76% |
|
| Windows 8 Pro |
8.82% |
|
| Windows 8 Pro with Media Center |
2.94% |
|
Distribution by country
United Kingdom installs about 23.53% of Express Files Updater.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Acer |
23.53% |
|
| Dell |
23.53% |
|
| Toshiba |
23.53% |
|
| American Megatrends |
17.65% |
|
| Hewlett-Packard |
11.76% |
|
