Should I block it?

98%
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization

VersionsAdditional versions

1000.1000.1000.1000 66.67%
1000.1000.1000.1000 33.33%
(Note, Engaging Apps publishes each variation of this file with the same version, but the hashes are unique.)

Relationships

updater21806.exe

Deals Plugin Extension by Engaging Apps (Signed)

Remove updater21806.exe
Version:   1000.1000.1000.1000
MD5:   67cae5bfa7303c6e4c2447c548afc39a
SHA1:   65a1a52dbe24b125eb7beb7b5e0a4562cbf69159
SHA256:   d4e26d3541685c111a718e32614380b0470fcb0c4a30fdb3376c9e163d1e207d
Warning 8 antivirus scanners has detected malware.

Overview

updater21806.exe is malware that executes as a process with the local user's privileges. It is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). The file is digitally signed by Engaging Apps which was issued by the Thawte certificate authority (CA).

DetailsDetails

File name:updater21806.exe
Publisher:Innovative Apps
Product name:Deals Plugin Extension
Description:Deals Plugin Extension exe
Typical file path:C:\Documents and Settings\user\Local\updater21806\updater21806.exe
Original name:Deals Plugin Extension.exe
File version:1000.1000.1000.1000
Size:201.5 KB (206,336 bytes)
Build date:1/15/2013 11:01 AM
Certificate
Issued to:Engaging Apps
Authority (CA):Thawte
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

BehaviorsBehaviors

Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'Updater21806.exe' → C:\Documents and Settings\user\Local\Updater21806\Updater21806.exe /extensionid=21806 /extensionname='Deals Plugin Extension' /chromeid=bbhgoadfgiandmaieopaphefb
Scheduled tasks
  • The task 'Updater21806.exe' in the path '\Updater21806.exe'

MalwareMalware detections

Based on 40+ industry antivirus scanners, 8 of them detected the following malware.
Antivirus engineEngine versionDetection
AVG 13.0.0.3169 SmartShopper.G
Baidu Antivirus 3.5.1.41473 Trojan.Win32.Agent.peo
Dr.Web 8.13.10.5 Adware.Plugin.88
ESET NOD32 7.8859 a variant of Win32/Toolbar.CrossRider.C
McAfee 5.600.1067 Artemis!67CAE5BFA730
McAfee Gateway Anti-Malware v2013-dat Artemis!67CAE5BFA730
Trend Micro HouseCall 9.700.0.1001 TROJ_GEN.F47V0416
VIPRE Antivirus 21968 GamePlayLabs (fs)

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00021012%
0.028634%
Kernel CPU:0.00016558%
0.013761%
User CPU:0.00004454%
0.014873%
Kernel CPU time:1,875 ms/min
100,923,805ms/min
Memory
Private memory:1.93 MB
21.59 MB
Private (maximum):6.25 MB
Private (minimum):3.32 MB
Non-paged memory:1.93 MB
21.59 MB
Virtual memory:42.23 MB
140.96 MB
Virtual memory (peak):45.24 MB
169.69 MB
Working set:6.25 MB
18.61 MB
Working set (peak):6.27 MB
37.95 MB
Resource allocations
Threads:2
12
Handles:167
600
GUI GDI count:8
103
GUI USER count:4
49

BehaviorsProcess properties

Integrety level:Undefined
Platform:32-bit
Command line:"C:\Documents and Settings\user\Local\updater21806\updater21806.exe" /extensionid=21806 /extensionname='deals plugin extension' /chromeid=bbhgoadfgiandmaieopaphefbhcdpfaf /stayidle /delay=300
Owner:User
Parent process:explorer.exe (by Microsoft)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 33.33%
Windows 7 Professional 33.33%
Microsoft Windows XP 33.33%

Distribution by countryDistribution by country

Panama installs about 33.33% of Deals Plugin Extension.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 66.67%
Samsung 33.33%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE