Hello! I was playing around and testing some downloads when I found a file signed by Install Source (Fried Cookie Ltd.).
If you have a Install Source (Fried Cookie Ltd.) file on your computer you may have noticed that Install Source (Fried Cookie Ltd.) pops up as the publisher in the User Account Control dialog when running the file. It is also possible to check a digital signature by looking at a file’s properties.
The issue is that chrome_setup.exe is not an official Google Chrome download. If it was, it should be signed by Google Inc.. Here’s how the authentic Google Chrome looks like when you double click on it. Notice that the “Verified publisher” says “Google Inc”.
Of the 56 anti-virus scanners, 5 detected the file. AVG reports chrome_setup.exe as Generic.834, AVware detects it as InstallCore (fs), Comodo detects it as Application.Win32.FriedCookie.CIRK, ESET-NOD32 reports a variant of Win32/InstallCore.UT and VIPRE detects it as InstallCore (fs).
Did you also find a file digitally signed by Install Source (Fried Cookie Ltd.)? Where did you find it and are the anti-virus programs detecting it? Please share in the comments below.
Thanks for reading.
Hi Roger,
I had been running 64 Bit Win 8.1 for some months unprotected except for “Windows Defender” Today I installed Comodo and ran a full scan. that reported “Application.win32.FriedCookie.CIRK…” found as “adobe_flash-setup.exe” file size 759,488, file Date 11-21-2014. The file location in Win 8.1 was C:\Users\Ed\AppData\Local\Microsoft\Windows\INetCache\IE\90I4HL4X. I just checked and found Windows Defender turned off. Perhaps Comodo did that.
Cheers, Ed Messerly