home

InternetUpdaterService.exe

Internet Updater Service

Parallel Lines Development, LLC

The application InternetUpdaterService.exe has been detected as a potentially unwanted program by 5 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “Internet Updater”. This file is typically installed with the program Internet Updater by Parallel Lines Development, LLC which is a potentially unwanted software program.
Publisher:
Parallel Lines Development, LLC

Product:
Internet Updater Service

Version:
1.0.0.0

MD5:
12386962a77af92c22d6b0d2357658c5

SHA-1:
140f1ba4dd591202e50dea5de4ef46612c059bd0

SHA-256:
bdd161ce73648b21c61c8d73d78a4ed72c980ac687cbd6a92afb0c416953327c

Scanner detections:
5 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 1:23:04 AM UTC  (today)

Scan engine
Detection
Engine version

Clam AntiVirus
Win.Trojan.Agent-1638228
0.98/22255

Dr.Web
Adware.Plugin.157
9.0.1.05190

ESET NOD32
MSIL/Adware.PullUpdate.A application
6.3.12010.0

F-Prot
W32/PullUpdate.A
4.6.5.141

Reason Heuristics
Adware.Injekt (M)
16.3.9.20

File size:
44.5 KB (45,568 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Parallel Lines Development, LLC 2014

Original file name:
InternetUpdaterService.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\ProgramData\internetupdater\internetupdaterservice.exe

File PE Metadata
Compilation timestamp:
1/15/2014 2:07:04 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:PBjMOkJttMr7wybo3/okM8MUAOUPC/pKdVETJVcorwAhTGCZoOoa:dQtX/I8VdUygdVCVcY3hTGCZL

Entry address:
0xC47E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
41.5 KB (42,496 bytes)

Service
Display name:
Internet Updater

Service name:
InternetUpdater

Description:
Provides system level support for Internet Updater.

Type:
Win32OwnProcess


The file InternetUpdaterService.exe has been discovered within the following program.

Internet Updater  by Parallel Lines Development, LLC
Also known as WebShield, Internet Updater is a potentially unwanted software program. It is bundled by third party download manager including the Conduit Toolbar. It connects to the domain pullupdate.com to download various software updates as well as command data.
85% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to ec2-50-112-218-190.us-west-2.compute.amazonaws.com  (50.112.218.190:80)

TCP (HTTP):
Connects to ec2-52-10-180-179.us-west-2.compute.amazonaws.com  (52.10.180.179:80)

TCP (HTTP):
Connects to ec2-54-218-62-24.us-west-2.compute.amazonaws.com  (54.218.62.24:80)

TCP (HTTP):
Connects to ec2-54-213-104-242.us-west-2.compute.amazonaws.com  (54.213.104.242:80)

TCP (HTTP):
Connects to ec2-52-32-118-15.us-west-2.compute.amazonaws.com  (52.32.118.15:80)

TCP (HTTP):
Connects to ec2-54-213-89-119.us-west-2.compute.amazonaws.com  (54.213.89.119:80)

TCP (HTTP):
Connects to ec2-54-187-20-232.us-west-2.compute.amazonaws.com  (54.187.20.232:80)

TCP (HTTP):
Connects to ec2-54-186-60-190.us-west-2.compute.amazonaws.com  (54.186.60.190:80)

TCP (HTTP):
Connects to ec2-50-112-145-191.us-west-2.compute.amazonaws.com  (50.112.145.191:80)

TCP (HTTP SSL):
Connects to wifi.free.fr  (212.27.40.236:443)

TCP (HTTP):
Connects to ec2-54-69-229-31.us-west-2.compute.amazonaws.com  (54.69.229.31:80)

TCP (HTTP):
Connects to ec2-54-244-3-176.us-west-2.compute.amazonaws.com  (54.244.3.176:80)

TCP (HTTP):
Connects to ec2-54-218-57-60.us-west-2.compute.amazonaws.com  (54.218.57.60:80)

TCP (HTTP):
Connects to ec2-54-213-81-117.us-west-2.compute.amazonaws.com  (54.213.81.117:80)

TCP (HTTP):
Connects to ec2-54-213-35-177.us-west-2.compute.amazonaws.com  (54.213.35.177:80)

TCP (HTTP):
Connects to ec2-54-213-223-194.us-west-2.compute.amazonaws.com  (54.213.223.194:80)

TCP (HTTP):
Connects to ec2-54-200-21-6.us-west-2.compute.amazonaws.com  (54.200.21.6:80)

TCP (HTTP):
Connects to ec2-54-200-165-191.us-west-2.compute.amazonaws.com  (54.200.165.191:80)

TCP (HTTP):
Connects to ec2-54-200-151-217.us-west-2.compute.amazonaws.com  (54.200.151.217:80)

TCP (HTTP):
Connects to ec2-54-186-84-255.us-west-2.compute.amazonaws.com  (54.186.84.255:80)

Remove InternetUpdaterService.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.