Should I block it?
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization
Additional versions
(Note, Hoolapp publishes each variation of this file with the same version, but the hashes are unique.)
updatetask.exe
By Hoolapp (Signed)
MD5: | 00760d169c756b9cfd6b0faacba862ca |
SHA1: | 84d231bd285fb6e1bc20f82bc6261c1507675c17 |
SHA256: | 1d954f0d7bb161e7f18f0ba0453218beb82a9fd8b447a5569432485e6deb3a4b |
Warning: 8 antivirus scanners have detected malware.
Overview
updatetask.exe is malware that executes as a process with the local user's privileges. It is installed with a couple of known programs, including Update for Zip Opener published by installCore, Update for Image Editor from installCore and Update for Image Editor by installCore. The file is digitally signed by Hoolapp, with a certificate issued by the COMODO CA Limited certificate authority (CA).
Details
File name: | updatetask.exe |
Typical file path: | C:\users\user\appdata\roaming\hoolappforandroid\updateproc\updatetask.exe |
Size: | 93 KB (95,232 bytes) |
Certificate
Issued to: | Hoolapp |
Authority (CA): | COMODO CA Limited |
Digital DNA
File packed: | No |
.NET CLR: | No |
Programs
The following programs will install this file
Extended Update is a potentially unwanted application that is triggered to run daily by bypassing Windows User Account Control (UAC).
The software uses the InstallCore Click run software which is an installer that bundles legitimate applications that may also offer additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but also include an option to ‘opt-out’ during or after the installation process. Typical bundled installs include DealPly as well as other potentiall...
Update for Image Editor uses the InstallCore Click run software which is an installer that bundles legitimate applications that may also offer additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but also include an option to ‘opt-out’ during or after the installation process. Typical bundled installs include DealPly as well as other...
Update for Codec Pack uses the InstallCore Click run software which is an installer that bundles legitimate applications that may also offer additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but also include an option to ‘opt-out’ during or after the installation process. Typical bundled installs include DealPly as well as other p...
Update for Mipony Download Manager is the update mechanism for the Install Core software which is an installer which bundles legitimate applications with offers for additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.
Update for PDF Writer uses the InstallCore Click run software which is an installer that bundles legitimate applications that may also offer additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but also include an option to ‘opt-out’ during or after the installation process. Typical bundled installs include DealPly as well as other p...
Update for PDF Creator uses the InstallCore Click run software which is an installer that bundles legitimate applications that may also offer additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but also include an option to ‘opt-out’ during or after the installation process. Typical bundled installs include DealPly as well as other ...
Update for Codec Package is the update mechanism for the Install Core software which is an installer which bundles legitimate applications with offers for additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.
Update for Zip Extractor uses the Install Core download Manager. Install Core Click run software is an installer which bundles applications with offers for additional third party programs that may be unwanted by the user including toolbars and browser extensions. Such third party programs are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.
The soft...
This uses the InstallCore download Manager. Install Core Click run software is an installer which bundles applications with offers for additional third party programs that may be unwanted by the user including toolbars and browser extensions. Such third party programs are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.
“If you ever wanted to add video to your projects or websites, there is no easier way than using pre-built Flash video components. Our player is one of the most feature loaded components on the market and it was specifically designed to suit developer and designers needs. It provides a fast and easy way to add video content in just few steps. The name FLVplayer doesn't limit our video player to FLV video files. Using our component you ca...”
Behaviors
Scheduled tasks
- The task 'Price Meter Updater' runs daily in the path '\Price Meter Updater'
- The task 'Speedial' runs daily in the path '\Speedial'
- The task 'PriceMeterUpdater' runs daily in the path '\PriceMeterUpdater'
- The task 'DigitalSite' runs daily in the path '\DigitalSite'
- The task 'MetaCrawler' runs daily in the path '\MetaCrawler'
- The task 'UpdaterEX' runs daily in the path '\UpdaterEX'
- The job 'MySearchDial' runs daily in the path '\MySearchDial'
- The task 'DealPly' runs daily in the path '\DealPly'
- The job 'At1' runs weekly in the path 'C:\WINDOWS\Tasks\At1.job'
- The job 'DSite' runs daily in the path '\DSite'
- The task 'Hoolapp For Android' runs daily in the path '\Hoolapp For Android'
- The job 'Funmoods' runs daily in the path '\Funmoods'
- Entry path '\Funmoods'
- Entry path '\Hoolapp For Android'
Network connections
[TCP] ec2-54-225-201-206.compute-1.amazonaws.com (54.225.201.206:80)
Malware detections
Based on 40+ industry antivirus scanners, 8 of them detected the following malware.
Antivirus engine | Engine version | Detection |
avast! | 8.0.1489.320 | Win32:PUP-gen [PUP] |
Comodo Internet Security | 17006 | Application.Win32.Agent.~INS |
Dr.Web | 8.13.9.30 | Adware.InstallCore.131 |
ESET NOD32 | 7.8848 | a variant of Win32/DealPly.F |
Kingsoft | 2013.4.9.267 | Win32.Troj.Generic.a.(kcloud) |
Trend Micro | 9.740.0.1012 | ADW_INSTALLCORE |
Trend Micro HouseCall | 9.700.0.1001 | ADW_INSTALLCORE |
Vba32 AntiVirus | 3.12.24.3 | SScope.Trojan.Kriptik.8607 |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU
Total CPU: | 0.00716249% |
Kernel CPU: | 0.00573918% |
User CPU: | 0.00142332% |
Kernel CPU time: | 125 ms/min |
Memory
Private memory: | 2.86 MB |
Private (maximum): | 9.22 MB |
Private (minimum): | 184 KB |
Non-paged memory: | 2.86 MB |
Virtual memory: | 95.02 MB |
Virtual memory (peak): | 104.07 MB |
Working set: | 588 KB |
Working set (peak): | 9.22 MB |
Resource allocations
Threads: | 2 |
Handles: | 164 |
GUI GDI count: | 28 |
GUI GDI peak: | 30 |
GUI USER count: | 21 |
GUI USER peak: | 21 |
Process properties
Distribution by Windows OS
OS version | distribution |
Windows 7 Home Premium | 26.76% |
Windows 7 Ultimate | 18.31% |
Microsoft Windows XP | 12.68% |
Windows 8.1 | 8.45% |
Windows 8 | 8.45% |
Windows Vista Home Premium | 5.63% |
Windows 8 Pro | 4.23% |
Windows 7 Professional | 4.23% |
Windows 7 Home Basic | 2.82% |
Windows 8.1 Pro with Media Center | 1.41% |
Windows 8.1 Enterprise | 1.41% |
Windows 8.1 Single Language | 1.41% |
Windows Developer Preview | 1.41% |
Windows 8.1 Single Language Preview | 1.41% |
Windows 8 Pro with Media Center | 1.41% |
Distribution by country
About 30.99% of updatetask.exe installs are in the United States.
Distribution by PC manufacturer
PC Manufacturer | distribution |
Dell | 19.78% |
Acer | 17.58% |
Lenovo | 13.19% |
Hewlett-Packard | 13.19% |
ASUS | 10.99% |
Toshiba | 8.79% |
GIGABYTE | 4.40% |
Samsung | 3.30% |
American Megatrends | 3.30% |
MSI | 2.20% |
Sony | 2.20% |
Sahara | 1.10% |