updater.exe

Long Mile Solutions, LLC

Part of the branded Injekt adware package, the updater mechanism is an auto-starting program that is designed to update the web browser extensions and protect the executables ChromeHelper, FirefoxHelper and IeHelper so that these programs can inject advertisements and generate popups in the user's web browser. The application updater.exe by Long Mile Solutions has been detected as adware by 21 anti-malware scanners.
Publisher:
Updater (signed by Long Mile Solutions, LLC)

Product:
Updater

Description:
Updater service

Version:
1, 0, 0, 1

MD5:
4b60f3f20c364cf6b44e13171fa41de4

SHA-1:
f763e37978ac290ccf25b8aa4713943e5fb60ccf

SHA-256:
2ce3f20a2a0e6b0eba60af5a93578c44f337a20817f5eef25f5ef49af5a5c26f

Scanner detections:
21 / 68

Status:
Adware

Explanation:
Injects display ads (banner ads), in-text ads, interstitial ads, or other types of ads in the web browser, and alters the browser's settings (home page, search, DNS, and security protocols).

Analysis date:
4/24/2024 3:06:03 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Adware.Agent.NUE | 833 |
| Avira AntiVirus | TR/Trash.Gen | 7.11.30.172 |
| avast! | Win32:TubeDim-A [PUP] | 2014.9-141024 |
| Bitdefender | Adware.Agent.NUE | 1.0.20.1485 |
| Bkav FE | W32.Clod4a8.Trojan | 1.3.0.4613 |
| Dr.Web | Adware.Plugin.128 | 9.0.1.0297 |
| Emsisoft Anti-Malware | Adware.Agent.NUE | 8.14.10.24.09 |
| F-Secure | Adware.Agent.NUE | 11.2014-24-10_6 |
| G Data | Win32.Application.TubeDimmer | 14.10.22 |
| IKARUS anti.virus | AdWare.Agent | t3scan.2.2.29 |
| Malwarebytes | PUP.Optional.TubeDimmer | v2014.10.24.09 |
| McAfee | Artemis!A5F634DAE5C0 | 5600.6967 |
| MicroWorld eScan | Adware.Agent.NUE | 15.0.0.891 |
| Norman | Malware | 11.20141024 |
| nProtect | Adware.Agent.NUE | 14.02.02.01 |
| Reason Heuristics | PUP.LongMileSolutions.H | 14.10.24.21 |
| Sophos | Search Donkey | 4.97 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Nullo[Short] | 10279 |
| Trend Micro House Call | TROJ_GEN.F47V1106 | 7.2.297 |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 3.12.24.3 |
| VIPRE Antivirus | Trojan.Win32.Generic!SB.0 | 25500 |

File size:
291.1 KB (298,104 bytes)

Product version:
1, 0, 0, 1

Original file name:
updater.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\application data\updater\updater.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
4/25/2013 7:00:00 PM

Valid to:
4/26/2014 6:59:59 PM

Subject:
CN="Long Mile Solutions, LLC", O="Long Mile Solutions, LLC", STREET=640 GRAND AVE STE E, L=CARLSBAD, S=CA, PostalCode=92008, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
53B89B8046F82D87A2C562F3D007CB45

File PE Metadata
Compilation timestamp:
9/26/2013 5:58:02 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:hVRqJ9kQAmmHgEDFx7RdkUxDrim1c/swhm/8QA/R/H4/AjhNpzBDqIBOMeZr:hVootm2hhRFpri2Qsf/m5/Y/AFT1DWF

Entry address:
0x1C477

Entry point:
E8, 46, 96, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 85, C0, 74, 12, 83, E8, 08, 81, 38, DD, DD, 00, 00, 75, 07, 50, E8, 3C, D4, FF, FF, 59, 5D, C3, 8B, FF, 55, 8B, EC, 83, EC, 10, A1, 30, AB, 43, 00, 33, C5, 89, 45, FC, 8B, 55, 18, 53, 33, DB, 56, 57, 3B, D3, 7E, 1F, 8B, 45, 14, 8B, CA, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, C2, 2B, C1, 48, 3B, C2, 7D, 01, 40, 89, 45, 18, 89, 5D, F8, 39, 5D, 24, 75, 0B, 8B, 45, 08, 8B, 00, 8B, 40, 04, 89, 45, 24, 8B, 35, 4C, 01, 43, 00...
 

Entropy:
6.4322

Code size:
187.5 KB (192,000 bytes)
