Should I block it?
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization
Additional versions
(Note, Hoolapp publishes each variation of this file with the same version, but the hashes are unique.)
Relationships
updatetask.exe
By Hoolapp (Signed)
MD5: | ec63f649f7090f885ebd4770ffb92fcb |
SHA1: | 2a19e8791533376d8f930704c7487b990be5b7cd |
SHA256: | ca24a8f7c04fe15a758f3360c8e5619205c53807bfc65f82c028cdf808bf2189 |
Warning 12 antivirus scanners has detected malware.
Overview
updatetask.exe is malware that executes as a process with the local user's privileges. It is installed with a couple of know programs including Update for Zip Opener published by installCore, Update for PDF Reader from installCore and Update for PDF Reader by installCore. The file is digitally signed by Hoolapp which was issued by the COMODO CA Limited certificate authority (CA).
Details
File name: | updatetask.exe |
Typical file path: | C:\users\user\appdata\roaming\hoolappforandroid\updateproc\updatetask.exe |
Size: | 92 KB (94,208 bytes) |
Certificate |
Issued to: | Hoolapp |
Authority (CA): | COMODO CA Limited |
Digital DNA |
File packed: | No |
.NET CLR: | No |
More details
Programs
The following programs will install this file
The software uses the InstallCore Click run software which is an installer that bundles legitimate applications that may also offer additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but also include an option to ‘opt-out’ during or after the installation process. Typical bundled installs include DealPly as well as other potentiall...
Update for PDF Reader uses the InstallCore Click run software which is an installer that bundles legitimate applications that may also offer additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but also include an option to ‘opt-out’ during or after the installation process. Typical bundled installs include DealPly as well as other p...
Update for PDF Creator uses the InstallCore Click run software which is an installer that bundles legitimate applications that may also offer additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but also include an option to ‘opt-out’ during or after the installation process. Typical bundled installs include DealPly as well as other ...
Update for Codec Pack uses the InstallCore Click run software which is an installer that bundles legitimate applications that may also offer additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but also include an option to ‘opt-out’ during or after the installation process. Typical bundled installs include DealPly as well as other p...
Update for Image Editor uses the InstallCore Click run software which is an installer that bundles legitimate applications that may also offer additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but also include an option to ‘opt-out’ during or after the installation process. Typical bundled installs include DealPly as well as other...
Update for PDF Writer uses the InstallCore Click run software which is an installer that bundles legitimate applications that may also offer additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but also include an option to ‘opt-out’ during or after the installation process. Typical bundled installs include DealPly as well as other p...
Update for Codec Package is the update mechanism for the Install Core software which is an installer which bundles legitimate applications with offers for additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.
Update for Mipony Download Manager is the update mechanism for the Install Core software which is an installer which bundles legitimate applications with offers for additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.
Update for Codec Pack is the update mechanism for the Install Core software which is an installer which bundles legitimate applications with offers for additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.
This uses the InstallCore download Manager. Install Core Click run software is an installer which bundles applications with offers for additional third party programs that may be unwanted by the user incuding toolbars and browser extensions. Such third party programs are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.
This uses the InstallCore download Manager. Install Core Click run software is an installer which bundles applications with offers for additional third party programs that may be unwanted by the user incuding toolbars and browser extensions. Such third party programs are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.
This uses the Install Core download Manager. Install Core Click run software is an installer which bundles applications with offers for additional third party programs that may be unwanted by the user incuding toolbars and browser extensions. Such third party programs are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.
Behaviors
Scheduled tasks
- The task 'Price Meter Updater' runs daily in the path '\Price Meter Updater'
- The task 'Speedial' runs daily in the path '\Speedial'
- The task 'PriceMeterUpdater' runs daily in the path '\PriceMeterUpdater'
- The task 'DigitalSite' runs daily in the path '\DigitalSite'
- The task 'MetaCrawler' runs daily in the path '\MetaCrawler'
- The task 'UpdaterEX' runs daily in the path '\UpdaterEX'
- The job 'MySearchDial' runs daily in the path '\MySearchDial'
- The task 'DealPly' runs daily in the path '\DealPly'
- The job 'At1' runs weekly in the path 'C:\WINDOWS\Tasks\At1.job'
- The job 'DSite' runs daily in the path '\DSite'
- The task 'Hoolapp For Android' runs daily in the path '\Hoolapp For Android'
- The job 'Funmoods' runs daily in the path '\Funmoods'
- Entry path '\Funmoods'
- Entry path '\Hoolapp For Android'
Malware detections
Based on 40+ industry antivirus scanners, 12 of them detected the following malware.
Antivirus engine | Engine version | Detection |
Antiy Labs AVL |
2.0.3.7 |
Downloader/Win32.Agent.gen |
Dr.Web |
8.13.10.6 |
Adware.Downware.1195 |
ESET NOD32 |
7.8880 |
Win32/DownWare.E |
Fortinet |
5.1.147.0 |
W32/DownWare.E!tr |
Ikarus |
T3.1.5.4.0 |
not-a-virus:Downloader.Win32.Agent |
Kaspersky |
9.0.0.837 |
not-a-virus:Downloader.Win32.Agent.xdm |
Kingsoft |
2013.4.9.267 |
Win32.Troj.Generic.a.(kcloud) |
Sophos |
4.93.0 |
Troj/Mdrop-FAN |
Trend Micro |
9.740.0.1012 |
ADW_DOWNWRE |
Trend Micro HouseCall |
9.700.0.1001 |
ADW_DOWNWRE |
Vba32 AntiVirus |
3.12.24.3 |
SScope.Trojan.Kriptik.8607 |
VIPRE Antivirus |
22126 |
Trojan.Win32.Generic!BT |
Distribution by Windows OS
OS version | distribution |
Windows 7 Home Premium |
26.76% |
|
Windows 7 Ultimate |
18.31% |
|
Microsoft Windows XP |
12.68% |
|
Windows 8.1 |
8.45% |
|
Windows 8 |
8.45% |
|
Windows Vista Home Premium |
5.63% |
|
Windows 8 Pro |
4.23% |
|
Windows 7 Professional |
4.23% |
|
Windows 7 Home Basic |
2.82% |
|
Windows 8.1 Pro with Media Center |
1.41% |
|
Windows 8.1 Enterprise |
1.41% |
|
Windows 8.1 Single Language |
1.41% |
|
Windows Developer Preview |
1.41% |
|
Windows 8.1 Single Language Preview |
1.41% |
|
Windows 8 Pro with Media Center |
1.41% |
|
Distribution by country
United States installs about 30.99% of updatetask.exe.
Distribution by PC manufacturer
PC Manufacturer | distribution |
Dell |
19.78% |
|
Acer |
17.58% |
|
Lenovo |
13.19% |
|
Hewlett-Packard |
13.19% |
|
ASUS |
10.99% |
|
Toshiba |
8.79% |
|
GIGABYTE |
4.40% |
|
Samsung |
3.30% |
|
American Megatrends |
3.30% |
|
MSI |
2.20% |
|
Sony |
2.20% |
|
Sahara |
1.10% |
|