Updater.exe
Launcher by Amonetize ltd. (Signed)
Warning: 45 antivirus scanners have detected malware in various versions of Updater.exe.
Overview
There are 14 versions of updater.exe in the wild, the latest version being 1.1.3.8. updater.exe runs as a standard Windows process with the logged-in user's account privileges. By adding a startup entry to the Run registry key, the file will be executed when the user logs into Windows. In addition to the Run registry key, it also creates a scheduled job to be executed by the Windows Task Scheduler upon user login; this is typically done in order to bypass a User Account Control (UAC) prompt. The average file size is about 272.93 KB. The file is digitally signed and issued to Amonetize ltd. by Thawte. Some variations of the file have been seen to be installed with the program Software Version Updater from Amonetize ltd. During the process's lifecycle, the typical CPU resource utilization is less than 0.01% with the maximum memory reaching around 6.67 MB.
What is updater.exe?
Software version updater (updater.exe) is the software updater program which runs in the background of Windows and automatically starts up when your PC boots. It checks for software updates and automatically downloads and installs them if found.
Details |
File name: | updater.exe |
Publisher: | Amonetize ltd. |
Product name: | Launcher |
Description: | Software version updater |
Typical file path: | C:\users\user\appdata\local\swvupdater\updater.exe |
Certificate |
Issued to: | Amonetize ltd. |
Authority (CA): | Thawte |
Effective date: | Monday, May 14, 2012 |
Expiration date: | Wednesday, May 15, 2013 |
Programs installed in
(Note, the programs listed below are for all versions of Launcher.)
The program is distributed by Amonetize ltd., a program bundling/installation monetization platform. "We provide our own installer software component. Our installer easily integrates with any Windows ...
Behaviors
(Note, the behaviors below are for all versions of updater.exe, select a unique version for details.)
Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'SwvUpdtr' → C:\users\user\appdata\Local\SwvUpdater\Updater.exe /reg
Scheduled tasks
- The task 'AmiUpdXp' runs on logon in the path '\AmiUpdXp'
- Entry path 'C:\WINDOWS\Tasks\AmiUpdXp.job'
- Entry path '\AmiUpdXp'
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
- Login entry path 'C:\WINDOWS\Tasks\AmiUpdXp.job'
- Login entry path '\AmiUpdXp'
Malware detections
Based on 40+ industry antivirus scanners, 45 of them detected the following malware.
Antivirus engine | Engine version | Detection | File version |
avast! | 8.0.1489.320 | Win32:Amonetize-D [PUP] | 1.1.3.7 |
Bkav Security | 1.3.0.4246 | HW32.CDB.29a5 | 1.1.3.7 |
Bkav Security | 1.3.0.4246 | HW32.CDB.390c | 1.1.3.7 |
Bkav Security | 1.3.0.4246 | HW32.CDB.B812 | 1.1.3.7 |
Comodo Internet Security | 17074 | Application.Win32.Amonetize.~A | 1.1.3.8 |
Dr.Web | 7.0.4.09250 | Adware.Downware.646 | 1.1.1.7 |
Dr.Web | 7.0.4.09250 | Adware.Downware.726 | 1.1.2.7 |
Dr.Web | 7.0.4.09250 | Trojan.Siggen4.47631 | 1.1.3.4 |
Dr.Web | 8.13.8.11 | Adware.Downware.1528 | 1.1.3.7 |
Dr.Web | 8.13.9.29 | Adware.Downware.1170 | 1.1.3.7 |
Dr.Web | 8.13.9.30 | Adware.Downware.1238 | 1.1.3.7 |
Dr.Web | 8.13.9.30 | Adware.Downware.1238 | 1.1.3.7 |
Dr.Web | 8.13.10.5 | Adware.Downware.1238 | 1.1.3.7 |
Dr.Web | 8.13.10.5 | Adware.Downware.1292 | 1.1.3.7 |
Dr.Web | 8.13.10.8 | Adware.Downware.1292 | 1.1.3.7 |
Dr.Web | 8.13.10.8 | Adware.Downware.1325 | 1.1.3.8 |
ESET NOD32 | 7.8844 | a variant of Win32/Amonetize.I | 1.1.3.7 |
ESET NOD32 | 7.8845 | a variant of Win32/Amonetize.I | 1.1.3.7 |
ESET NOD32 | 7.8844 | a variant of Win32/Amonetize.I | 1.1.3.7 |
ESET NOD32 | 7.8734 | a variant of Win32/Amonetize.I | 1.1.3.7 |
ESET NOD32 | 7.8892 | a variant of Win32/Amonetize.I | 1.1.3.8 |
ESET NOD32 | 8.9341 | a variant of Win32/Amonetize.I | 1.1.3.7 |
K7 AntiVirus | 9.175.10963 | Unwanted-Program ( 00454f261 ) | 1.1.3.7 |
K7GW | 9.175.10963 | Unwanted-Program ( 00454f261 ) | 1.1.3.7 |
Kingsoft | 2013.1.8.219 | Win32.Troj.Agent.g.(kcloud) | 1.1.3.4 |
Malwarebytes | 1.62.0.140 | PUP.Software.Updater | 1.1.1.7 |
Malwarebytes | 1.75.0.1 | PUP.Optional.Amonetize.A | 1.1.3.7 |
Malwarebytes | 1.75.0.1 | PUP.Optional.Amonetize | 1.1.3.7 |
Malwarebytes | 1.75.0.1 | PUP.Optional.Amonetize | 1.1.3.7 |
Malwarebytes | 1.75.0.1 | PUP.Optional.Amonetize | 1.1.3.7 |
Malwarebytes | 1.75.0.1 | PUP.Optional.Amonetize | 1.1.3.7 |
Malwarebytes | 1.75.0.1 | PUP.Optional.Amonetize | 1.1.3.7 |
Malwarebytes | 1.75.0.1 | PUP.Optional.Amonetize.A | 1.1.3.8 |
McAfee | 5.600.1067 | Artemis!861DDA2A5B38 | 1.1.3.7 |
McAfee Gateway Anti-Malware | v2013-dat | Artemis!861DDA2A5B38 | 1.1.3.7 |
Sophos | 4.97.0 | Amonetize | 1.1.3.7 |
The Hacker | None | Posible_Worm32 | 1.1.1.7 |
The Hacker | None | Posible_Worm32 | 1.1.2.7 |
VIPRE Antivirus | 25854 | Amonetize (fs) | 1.1.3.7 |
VIPRE Antivirus | 20214 | Amonetize (fs) | 1.1.3.7 |
VIPRE Antivirus | 21834 | Amonetize (fs) | 1.1.3.7 |
VIPRE Antivirus | 21838 | Amonetize (fs) | 1.1.3.7 |
VIPRE Antivirus | 21834 | Amonetize (fs) | 1.1.3.7 |
VIPRE Antivirus | 20932 | Amonetize (fs) | 1.1.3.7 |
VIPRE Antivirus | 22208 | Amonetize (fs) | 1.1.3.8 |
All file variations of updater.exe
Distribution by Windows OS
OS version | distribution |
Windows 7 Home Premium | 32.97% |
Windows 7 Ultimate | 25.27% |
Microsoft Windows XP | 13.19% |
Windows 8 Pro | 10.99% |
Windows 8 | 5.49% |
Windows Vista Home Premium | 3.30% |
Windows 7 Professional | 2.20% |
Windows 8 Single Language | 2.20% |
Windows Vista Ultimate | 2.20% |
Windows 8 Pro with Media Center | 1.10% |
Windows 7 Ultimate N | 1.10% |
Distribution by country
The United States accounts for about 51.65% of Launcher installs.
Distribution by PC manufacturer
PC Manufacturer | distribution |
Hewlett-Packard | 28.89% |
Toshiba | 20.00% |
Dell | 17.78% |
Acer | 12.22% |
ASUS | 6.67% |
Gateway | 4.44% |
American Megatrends | 3.33% |
Sony | 2.22% |
Sahara | 2.22% |
Samsung | 2.22% |