» MovieModeService.exe
Overview
Analysis
File Details
Programs (1)

MovieModeService.exe

Movie Mode Service

GenTechnologies Apps, LLC

This is part of an adware program designed to inject advertising in the web browser (banners, text-links) as well as modify the normal behavior of the browser. Part of the Injekt brand of unwanted programs. The application MovieModeService.exe by GenTechnologies Apps has been detected as adware by 25 anti-malware scanners. This file is typically installed with the program Movie Mode by GenTechnologies Apps, LLC which is a potentially unwanted software program.

File name:

Publisher:

GenTechnologies Apps, LLC (signed and verified)

Product:

Movie Mode Service

Version:

1.0.0.0

MD5:

165e973e70f4cd4c904544670dbf609f

SHA-1:

ae50c94d16c797ffae3cccbbf89137cee7466ec9

SHA-256:

2aa0dff884289a8c5768e6da3d31985efde0b20042c8643ad17810d416f617b5

Scanner detections:

25 / 68

Status:

Adware

Explanation:

Injects display ads (banner ads), in-text ads, interstitial ads, or other types of ads in the web browser as well as alters the browsers settings (home page, search, DNS, and security protocols).

Analysis date:

5/10/2024 6:48:13 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.380518

499

Agnitum Outpost

PUA.PullUpdate

7.1.1

Avira AntiVirus

ADWARE/Adware.Gen

7.11.212.220

avast!

Win32:Adware-gen [Adw]

2014.9-150923

AVG

GenTec

2016.0.2977

Baidu Antivirus

Adware.MSIL.PullUpdate

4.0.3.15923

Bitdefender

Gen:Variant.Kazy.380518

1.0.20.1330

Comodo Security

ApplicUnwnt

18025

Dr.Web

Adware.Plugin.175

9.0.1.0266

Emsisoft Anti-Malware

Android.Trojan.Boqx

8.15.09.23.08

ESET NOD32

MSIL/Adware.PullUpdate (variant)

9.9617

Fortinet FortiGate

Adware/PullUpdate

9/23/2015

F-Secure

Gen:Variant.Kazy.380518

11.2015-23-09_4

G Data

Gen:Variant.Kazy.380518

15.9.24

IKARUS anti.virus

AdWare.Agent

t3scan.1.6.1.0

K7 AntiVirus

Adware

13.178.12292

Malwarebytes

Adware.MovieMode

v2015.09.23.08

MicroWorld eScan

Gen:Variant.Kazy.380518

16.0.0.798

Qihoo 360 Security

HEUR/Malware.QVM03.Gen

1.0.0.1015

Reason Heuristics

PUP.Injekt.GenTechnologiesApps (M)

15.9.23.20

Sophos

Pull Update

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Nullo[Short]

9611

Trend Micro House Call

TROJ_GEN.F47V0323

7.2.266

VIPRE Antivirus

Threat.4872425

29800

XVirus List

Win.Detected

2.3.31

File size:

54.1 KB (55,440 bytes)

Product version:

1.0.0.0

Original file name:

MovieModeService.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\ProgramData\moviemode\moviemodeservice.exe

Digital Signature

Signed by:

GenTechnologies Apps, LLC

Authority:

COMODO CA Limited

Valid from:

5/30/2013 2:00:00 AM

Valid to:

5/31/2014 1:59:59 AM

Subject:

CN="GenTechnologies Apps, LLC", O="GenTechnologies Apps, LLC", STREET=640 Grand Avenue, STREET=Suite E, L=Carlsbad, S=California, PostalCode=92008, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

06D4A5EDA561071FC293924D6DFC6300

File PE Metadata

Compilation timestamp:

2/19/2014 7:03:10 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

1536:7ZzGxHiByArQogDLcASu6NSqnI/aa4X1LfgGzZmT5H8:7lGxHiByArQ3XPL6JISa4X1LfgGQFc

Entry address:

0xCE6E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

44 KB (45,056 bytes)

The file MovieModeService.exe has been discovered within the following program.

Movie Mode by GenTechnologies Apps, LLC

Run by Creative Island Media, LLC, this is an adware (ad-supported) web browser extension that is difficult to remove and will hijack the user's web browser search page as well as inject advertisements.

www.moviemodeapp.com

88% remove it

Remove MovieModeService.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.