Tag Archives: PullUpdate

Mathematical Applications – 32% Detection Rate – PullUpdate / Jatif / Artemis

Hello readers! Short on time today, but I just wanted to give you the heads up on a publisher called Mathematical Applications. I’ve seen many files digitally signed by this publisher submitted to the FreeFixer database, so I thought it was about time to write a few lines about it.

The issue with the Mathematical Applications file is that it is detected by many of the anti-virus progams. Here are some of the detection names: Downloader.CBD, Adware.Yontoo.55, a variant of MSIL/Adware.PullUpdate.G.gen, Gen:Variant.Adware.Jatif.92, PUP.Optional.CrimeWatch.A and Artemis. In other words, you are probably better off removing these files.

Mathematical Applications virustotal

Did you also find a download that was signed by Mathematical Applications? What kind of download was it and was it detected by the anti-viruses at VirusTotal? Please share in posting comments below.

Thanks for reading.

Small Island Development – Detection Rate: 18% – Smallis / PullUpdate / TVWizard

Welcome! Another quick post on a publisher called Small Island Development. I noticed that many FreeFixer users are submitting files digitally signed by this publisher, so I though I should write a few lines about them.

There seems to be many variants of the Small Islands files, and many of them seems to have a randomly generated filename. The file I’m currently looking on is detected by 10 of the scanners scanners at VirusTotal. The majority of the scanners classify the file as adware. AVG reports NXtcFoMlakD.dll as Smallis.5E4, Baidu-International names it Adware.MSIL.PullUpdate.BK, Comodo names it ApplicUnwnt, Panda reports Adware/TVWizard and Symantec calls it Yontoo.C.

Small Island Development virustotal

Did you also find a Small Island Development file? What kind of download was it?

Thanks for reading.

Rational Thought Solutions – 18% Detection Rate – MSIL.Adware.PullUpdate

Found another publisher that appears to be signing adware related files while checking out the new files added to FreeFixer’s database. The publisher is called Rational Thought Solutions.

When I uploaded the Rational Thought Solutions file to VirusTotal, it came up with a 18% detection rate. The file is detected as Downloader.CBD by AVG, a variant of MSIL/Adware.PullUpdate.G.gen by ESET-NOD32, PUP.Optional.StormAlert.A by Malwarebytes, Artemis!707FECAF8B22 by McAfee and MSIL.Adware.PullUpdate by VIPRE.

Rational Thought Solutions virustotal

From what I can tell from the Rational Thought Solutions files added to the FreeFixer database, the file names seems to be randomly generated. The files are located at C:\ProgramData\%random%\%random%.exe.

Did you also stumble upon a download that was signed by Rational Thought Solutions? What kind of download was it and was it reported by the anti-virus scanners at VirusTotal? Please share in posting comments below.

Thanks for reading.