Should I block it?

98%
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization

VersionsAdditional versions

faccc 3.23%
de70e 3.23%
9b165 3.23%
8b7f5 3.23%
58f9d 16.13%
ebffe 3.23%
b1ec8 3.23%
5e01b 3.23%
ce2c4 3.23%
49792 3.23%
6d7c4 3.23%
ed068 12.90%
1ba41 6.45%
4f887 19.35%
d7539 3.23%
2e615 3.23%
d0c38 6.45%
(Note, Bit Cocktail Ltd. publishes each variation of this file with the same version, but the hashes are unique.)

Relationships

extensionupdaterservice.exe

By Bit Cocktail Ltd. (Signed)

Remove extensionupdaterservice.exe
MD5:   4f887d2c0362e1b4183139a5eb926a50
SHA1:   7a3f3cf7ad7bd8a6f74db88ba612694d2626bc7f
SHA256:   517a95a0668b500f42922cd054c27e3e88b9ef896f1e7389c5ca1a4a2ca960ff
Warning 5 antivirus scanners has detected malware.

What is extensionupdaterservice.exe?

Plazy Updater is the software updater program which runs in the background of Windows and automatically starts up when your PC boots. It checks for software udpates and automatically downloads and installs them if found.

Overview

extensionupdaterservice.exe is malware that runs as a service under the name Web Assistant (Updater By SweetPacks) with extensive SYSTEM privileges (full administrator access). It is installed with a couple of know programs including Updater By SweetPacks 2.0.0.566 published by SweetIM Technologies Ltd., Updater By SweetPacks 2.0.0.586 from SweetIM Technologies Ltd. and Updater By SweetPacks 2.0.0.586 by SweetIM Technologies Ltd.. The file is digitally signed by Bit Cocktail Ltd. which was issued by the Thawte certificate authority (CA).

DetailsDetails

File name:extensionupdaterservice.exe
Typical file path:C:\Program Files\plazy\extensionupdaterservice.exe
Size:184.34 KB (188,760 bytes)
Build date:5/16/2013 1:11 AM
Certificate
Issued to:Bit Cocktail Ltd.
Authority (CA):Thawte
Expiration date:Thursday, January 16, 2014
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following programs will install this file
Updater By SweetPacks
 SweetIM Technologies Ltd.
  67% remove
Updater By SweetPacks (from Perion) is designed to monitor and keep the SweetPacks programs automatically up to date. It checks for software updates and automatically downloads and installs them if found. It does so by adding a startup entry to the registry to automatically load each time a user logs into windows and remotely checks its server for updates by adding a Windows firewall exception. If an update is found it will silently ins...

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • Web Assistant
  • 'Updater By SweetPacks'
  • 'Web Assistant Updater'

MalwareMalware detections

Based on 40+ industry antivirus scanners, 5 of them detected the following malware.
Antivirus engineEngine versionDetection
ESET NOD32 7.8789 a variant of Win32/Toolbar.BitCocktail.B
Kingsoft 2013.4.9.267 Win32.Troj.Generic.a.(kcloud)
Malwarebytes 1.75.0.1 PUP.Optional.SweetPacks.A
Sophos 4.91.0 BitCocktail
ViRobot 2011.4.7.4223 Trojan.Win32.A.Agent.188760

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00002500%
0.028634%
Kernel CPU:0.00001523%
0.013761%
User CPU:0.00000977%
0.014873%
Kernel CPU time:414,370 ms/min
100,923,805ms/min
CPU cycles:12,959,871/sec
17,470,203/sec
Memory
Private memory:10.48 MB
21.59 MB
Private (maximum):7.6 MB
Private (minimum):2.3 MB
Non-paged memory:10.48 MB
21.59 MB
Virtual memory:76.67 MB
140.96 MB
Virtual memory (peak):85.51 MB
169.69 MB
Working set:2.31 MB
18.61 MB
Working set (peak):7.81 MB
37.95 MB
Page faults:69,198,810/min
2,039/min
I/O
I/O write transfer:0 Bytes/sec
274.99 KB/min
I/O write operations:1/sec
227/min
I/O other transfer:9 Bytes/sec
448.09 KB/min
I/O other operations:1/sec
1,671/min
Resource allocations
Threads:6
12
Handles:177
600

BehaviorsProcess properties

Integrety level:System
Platform:64-bit
Command line:"C:\Program Files\updater by sweetpacks\extensionupdaterservice.exe"
Owner:SYSTEM
Windows Service
Service name:Updater By SweetPacks
Display name:Web Assistant
Type:Win32OwnProcess
Parent process:services.exe (by Microsoft)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 26.67%
Windows Vista Home Premium 23.33%
Windows 8 16.67%
Windows 7 Ultimate N 13.33%
Microsoft Windows XP 6.67%
Windows 8 Pro 3.33%
Windows 7 Ultimate 3.33%
Windows 7 Starter 3.33%
Windows 7 Professional 3.33%

Distribution by countryDistribution by country

United States installs about 73.33% of extensionupdaterservice.exe.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Toshiba 51.85%
Hewlett-Packard 25.93%
Gateway 7.41%
Sony 7.41%
ASUS 7.41%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE