home

driverfinder_setup.exe

DeskToolsSoft B.V

The application driverfinder_setup.exe by DeskToolsSoft B.V has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It runs as a scheduled task under the Windows Task Scheduler. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
DeskToolsSoft B.V  (signed and verified)

MD5:
48ade298218559c919f41c343575253b

SHA-1:
331838802c0b88221afcbb008535eefb997af768

SHA-256:
2fab970985cb51501451224f5e2953bcccfc56fc8a13db6e8a7da272be27ec78

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/24/2024 12:55:16 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.DeskToolsSoft (L)
16.6.13.18

File size:
248.9 KB (254,912 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\downloads\programs\driverfinder_setup.exe

Digital Signature
Signed by:
DeskToolsSoft B.V

Authority:
COMODO CA Limited

Valid from:
2/8/2012 3:00:00 AM

Valid to:
2/8/2014 2:59:59 AM

Subject:
CN=DeskToolsSoft B.V, O=DeskToolsSoft B.V, STREET=Jupiterstraat 4, L=Assen, S=Drenthe, PostalCode=9405PP, C=NL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
1AF9E0F588744CDEC54F29861DEA1F32

File PE Metadata
Compilation timestamp:
2/24/2012 10:19:59 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:AEUXQmssSM6Bcr2b2jDazH4UeaNKZiex+HYfSanHmHj:AE3m8PcK4GzreK+itYRnej

Entry address:
0x39E3

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 91, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, C0, 82, 40, 00, 6A, 08, A3, B8, 2E, 47, 00, E8, 37, 2A, 00, 00, 55, 68, B4, 02, 00, 00, A3, D0, 2D, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 93, 40, 00, FF, 15, 84, 81, 40, 00, 68, 04, 93, 40, 00, 68, C0, AD, 46, 00, E8, 19, 27, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 30, 4C, 00, 57, E8, 07, 27, 00, 00...
 
[+]

Entropy:
7.7641

Packer / compiler:
Nullsoft install system v2.x

Code size:
28 KB (28,672 bytes)

Scheduled Task
Task name:
{1A701DCC-883A-42D3-AC2E-E2877ED08AF9}

Trigger:
Registration (Runs on registration)


The file driverfinder_setup.exe has been seen being distributed by the following 43 URLs.

http://gsf-cf.softonic.com/331/838/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6656671&instance=softonic_en&type=PROGRAM&Expires=1452189637&Signature=Mh35EfnYJlskAdxn0moWHtS3iRM5wE9MT-VVoAK9HbESVoJjo7qJOb54aM28UgPyGj9T1EAhSQKDrWT9~0Rq051Y3MnKqnf5k~xsGsHv7xzal-PtGY9aymMiYNT4ZhVzzpCAYdnrTf6iEZirtibRDosirE7VyRjArT05u43LIZ4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=DriverFinder_Setup.exe

http://gsf-cf.softonic.com/331/838/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6656671&instance=softonic_en&type=PROGRAM&Expires=1449800872&Signature=X3MBVzwuxGvrKR5glQQCaqhUtgkBxHL~hGyOFrH6MJBdQemTb3Xhbu9t~axHmv5B5DRFQCGt~xTbs1NjDw7yrfqvM~w9xgtCnEoEm9zvklLnOKOsEbBNXE52g3kuKQfjGlyT5p1uMP4oTGOgfrZJO8pAIU2x5cOg-G-CpsHYB1s_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=DriverFinder_Setup.exe

http://gsf-cf.softonic.com/331/838/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6656671&instance=softonic_es&type=PROGRAM&Expires=1441158331&Signature=WWzvpZ4r9wFKsKSZVZiRvz~7Jc1Qw6V2Q31MRFeIC-ZfkL4xdaWE~PW1S-qFC0qZRijoeZKN9W98wyPg2aD0yOciRuKHDliEF~cTPZHtEke-ftQLANVz8DRcfbYHzHUmTmAq4aMffi~3VEMOWthAo28miHA-ZjIEBLcOW7CvSX4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=DriverFinder_Setup.exe

http://gsf-cf.softonic.com/331/838/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6656671&instance=softonic_fr&type=PROGRAM&Expires=1427083177&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=FMG5w1u0x4RLFgoSYXrwqWn6kj0Is4FLsdj9vFigegjiQ4vkZS7lHtJw1F7l36xXz1ObpIl4MJAYW9L9p9qqQm6x4GzV8OsTvKyDMqqnjtP0Ww-VrPvGFHrBOGFTkkZLSvuYUvLn75Z6NqzVjjxGbCfz6zTfQ9yVwA61psrT9-s_&filename=DriverFinder_Setup.exe

http://gsf-cf.softonic.com/331/838/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6656671&instance=softonic_en&type=PROGRAM&Expires=1433998675&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=eSDl~Gs7iNIsaMZKvI1gl0LgGERmYBJFpTOkfWHZxiLCqWSmti9Z8zipsLTt6srx5OyHBNCZWxPjXXWX60Sc94bP9CEwqoomXJyiTprfO4p8s3oOaG3vo0sEE11QMjaf3mOgOpiUGRtSFVOJqEiH7Qds6J7109p7hu7mpB50cr8_&filename=DriverFinder_Setup.exe

http://gsf-cf.softonic.com/331/838/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6656671&instance=softonic_en&type=PROGRAM&Expires=1435111259&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=H9D6ezQvrlJLVX9n4QDonLAs3tzZ-pjZI4MPY-KFpCyaRTESiJu-bC8c9TBFnOKjz9TuYWvjdXwZDn~Jz2zWmDbK2nsrFBqhruwCv1FXHesnTjFOSgy~otizd8MWMWOoe86lYAtya1-iCFrO5HRa7EUYVtEIhVZVXnjITPfX-pM_&filename=DriverFinder_Setup.exe

http://gsf-cf.softonic.com/331/838/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6656671&instance=softonic_en&type=PROGRAM&Expires=1433066532&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=DaewgoYDAcn3wQXN2O8w~hi1o6X2-GFKgIzyIIoqGaKjafln2QXMyqaXEO0MFTeuyZa7HGkzwPCCgmPuXpDndAMFmGahBG765rTkWQImAd-DKnc-iIKzpk-cdJESer7YL~TklmOeJh3PXXYiwI22aIAT-7~arIEbwsvHwG886g4_&filename=DriverFinder_Setup.exe

http://go.pcsoftupdate.com/click

http://gsf-cf.softonic.com/331/838/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6656671&instance=softonic_en&type=PROGRAM&Expires=1450282432&Signature=GepCraALpgiPRO4CzeKecLJ4eAoBIRSXfVYrBStue70hVdln-AZfkv8xDg3ESvCtP6FN2jgTnQtOsJDl8Vd13YRJ2yt7MgR8JJ~CFxo3c1l0gaCFwVy5lbZn8LRF3xTvC7r~eBgKTsH2src6lXX6rvX5cBae3cVHMLo1o1XFHVg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=DriverFinder_Setup.exe

http://gsf-cf.softonic.com/331/838/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6656671&instance=softonic_en&type=PROGRAM&Expires=1448208878&Signature=dVxrgYsyXL6E-Lh0nklUSXIhzhE0o83pyWad-7OieD8tuhgp1Q3f5Ymn~jxAbpoFm64d0e0LYNrprzUZ20RmtkhAUvLrXHBz7LfVACSh1tfbsVhlou-c~1AlN3CWECZycxWrsKMUi6F5x0tuzhLfYg5kSyQhPbmThtRHSng5ypI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=DriverFinder_Setup.exe

http://gsf-cf.softonic.com/331/838/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6656671&instance=softonic_en&type=PROGRAM&Expires=1447238124&Signature=SsI6vaeHBP2EGFiC5GS54UBtffyO7vrO5XSFgVv6Kgu1LR~r9IuEcetzjecviFo8i-dYw6kHlJLhlebMgUfJnXo2wiKv3nniQDYeDoQJEm-ta-gvrzqqkeIRCj0n34XTwC622TBEjSEyjBRYzi03oBRBDHPGmppBGOOjX~njfoc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=DriverFinder_Setup.exe

http://gsf-cf.softonic.com/331/838/.../file?SD_used=0&channel=WEB&fdh=no&id_file=6656671&instance=softonic_en&type=PROGRAM&Expires=1443825279&Signature=anyfWA8o9AuWIuwb8qqzharScfTMuWnluopgNUjBFZjcDNinhhAqd66n0jV0Jex6nIUwXglHVo4zhKefwHuCOPvsgB8KO67WumsAhLHZRPccYvmWjDOoDk562L-RMYeCrjqlNe4M7IhsVdHk2Jj-BJc~-an4RAB9e0k3WB6p-uU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=DriverFinder_Setup.exe

http://driverfindertool.com/trkfor/.../download.php

http://device-driver.org/.../download.php?tid=dolaudDD1dolaud&src=b&ta=4331555083&kw=15234530825

http://device-driver.org/.../DriverFinder_Setup.exe

http://eddrivers.desktoolssoft.safecart.com/driverfinder/.../?lexinst3FI2lex

http://eddrivers.desktoolssoft.revenuewire.net/driverfinder/.../?lexinst3FI2lex

http://device-driver.org/.../download.php?tid=lexinst3FI2lex&src=b&ta=4240348346&kw=6646547384

http://device-driver.org/.../download.php?tid=bTosFI2toshiba&src=b&ta=4144102622&kw=6110003209

http://dfcompu.desktoolssoft.safecart.com/.../download?92685

http://dfcompu.desktoolssoft.revenuewire.net/.../download?92685

http://trk500.com/tracking202/.../off.php?acip=1107&pci=9926859

http://driverfinders.com/download-setup.php

http://6drvint.desktoolssoft.safecart.com/.../download?1807203

http://6drvint.desktoolssoft.revenuewire.net/.../download?1807203

http://vmtracker2000.com/tracking202/.../off.php?acip=11513&pci=918072038

http://6drvint.desktoolssoft.safecart.com/.../download?1912350

http://6drvint.desktoolssoft.revenuewire.net/.../download?1912350

http://vmtracker2000.com/tracking202/.../off.php?acip=11513&pci=219123507

http://6drvint.desktoolssoft.safecart.com/.../download?1612107

Latest 30 of 43 download URLs

Remove driverfinder_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.