updatetask.exe
By Volonet Ltd (Signed)
| MD5: | cd043eb9f60a095302936524ae86a5e9 |
| SHA1: | 6fe956ce33a890840cba478346a10f0959c34afb |
| SHA256: | b7bbd0b9d58b4d63f7d8cde5d071c2e627112109e9e94ee9810c996dbee1525d |
Warning 9 antivirus scanners has detected malware.
What is updatetask.exe?
updatetask.exe for Funmoods is the software updater program which runs in the background of Windows and automatically starts up when your PC boots. It checks for software udpates and automatically downloads and installs them if found. The updater will check for updates remotely and install them based on an internal schedule.
Overview
updatetask.exe is malware that executes as a process with the local user's privileges. It is installed with a couple of know programs including Update for PDF Creator published by installCore, Update for PDF Reader from installCore and Update for PDF Reader by installCore. The file is digitally signed by Volonet Ltd which was issued by the COMODO CA Limited certificate authority (CA).
Details
| File name: | updatetask.exe |
| Typical file path: | C:\users\user\appdata\roaming\funmoods\updateproc\updatetask.exe |
| Size: | 83 KB (84,992 bytes) |
| Certificate |
| Issued to: | Volonet Ltd |
| Authority (CA): | COMODO CA Limited |
| Expiration date: | Monday, November 25, 2013 |
| Digital DNA |
| File packed: | No |
| .NET CLR: | No |
More details
Programs
The following programs will install this file
Update for PDF Creator uses the InstallCore Click run software which is an installer that bundles legitimate applications that may also offer additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but also include an option to ‘opt-out’ during or after the installation process. Typical bundled installs include DealPly as well as other ...
Update for PDF Reader uses the InstallCore Click run software which is an installer that bundles legitimate applications that may also offer additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but also include an option to ‘opt-out’ during or after the installation process. Typical bundled installs include DealPly as well as other p...
Update for Mipony Download Manager is the update mechanism for the Install Core software which is an installer which bundles legitimate applications with offers for additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.
This uses the InstallCore download Manager. Install Core Click run software is an installer which bundles applications with offers for additional third party programs that may be unwanted by the user incuding toolbars and browser extensions. Such third party programs are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.
This uses the Install Core download Manager. Install Core Click run software is an installer which bundles applications with offers for additional third party programs that may be unwanted by the user incuding toolbars and browser extensions. Such third party programs are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.
Behaviors
Scheduled tasks
- The job 'At2' runs weekly in the path 'D:\WINDOWS\Tasks\At2.job'
- The job 'At5' runs weekly in the path 'C:\WINDOWS\Tasks\At5.job'
- The job 'At1' runs weekly in the path 'C:\WINDOWS\Tasks\At1.job'
- The job 'Funmoods' runs daily in the path '\Funmoods'
- The job 'DSite' runs daily in the path '\DSite'
- The job 'Searchya' runs daily in the path '\Searchya'
- Entry path 'C:\WINDOWS\Tasks\At1.job'
- Entry path '\DSite'
- Entry path 'C:\WINDOWS\Tasks\At2.job'
- Entry path '\Funmoods'
Malware detections
Based on 40+ industry antivirus scanners, 9 of them detected the following malware.
| Antivirus engine | Engine version | Detection |
| Avira AntiVir |
7.11.89.150 |
Adware/InstallCore.E |
| Comodo Internet Security |
16572 |
Application.Win32.InstallCore.k |
| ESET NOD32 |
7.8546 |
Win32/InstallCore.BD |
| Fortinet |
5.1.146.0 |
Riskware/InstallCore |
| Kingsoft |
2013.4.9.267 |
Win32.Troj.Generic.a.(kcloud) |
| Sophos |
4.90.0 |
Install Core |
| Trend Micro |
9.740.0.1012 |
ADW_DWNWARE |
| Trend Micro HouseCall |
9.700.0.1001 |
ADW_DWNWARE |
| ViRobot |
2011.4.7.4223 |
Trojan.Win32.A.NSAnti.84992.F |
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Premium |
31.58% |
|
| Windows Vista Home Premium |
15.79% |
|
| Microsoft Windows XP |
15.79% |
|
| Windows 7 Ultimate |
13.16% |
|
| Windows 7 Professional |
10.53% |
|
| Windows 7 Enterprise |
5.26% |
|
| Windows 7 Starter |
2.63% |
|
| Windows 8 Pro |
2.63% |
|
| Windows 8 |
2.63% |
|
Distribution by country
United States installs about 39.47% of updatetask.exe.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Dell |
27.78% |
|
| Hewlett-Packard |
22.22% |
|
| Toshiba |
16.67% |
|
| Gateway |
11.11% |
|
| Acer |
8.33% |
|
| ASUS |
5.56% |
|
| Samsung |
2.78% |
|
| GIGABYTE |
2.78% |
|
| American Megatrends |
2.78% |
|
