UniversalDriverUpdater.exe

Universal Driver Updater

PC SPEEDUP TOOLS

The application UniversalDriverUpdater.exe by PC SPEEDUP TOOLS has been detected as a potentially unwanted program by 3 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler triggered daily at a specified time. This file is typically installed with the program Universal Driver Updater by universaldriverupdator.com. While running, it connects to the Internet address cache.google.com on port 80 using the HTTP protocol.
Publisher:
PCVARK  (signed by PC SPEEDUP TOOLS)

Product:
Universal Driver Updater

Version:
1.1.0.0

MD5:
a3540b98826e1191669bb0ad1e4bde3b

SHA-1:
22827a424f8da51625109571529d7bf5e9633741

SHA-256:
690950b66b5fe1bbc357285bd4342b784e4427f1370cf99237289eb6dc8212dd

Scanner detections:
3 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 2:06:01 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Malware-gen
160917-0

Dr.Web
riskware program Program.Unwanted.1587
9.0.1.05190

ESET NOD32
Win32/Auslogics.A potentially unwanted application
6.3.12010.0

File size:
3.4 MB (3,582,080 bytes)

Product version:
1.x

Copyright:
Copyright © 2016 PCVARK Software Pvt. Ltd

Trademarks:
Copyright © 2016 PCVARK Software Pvt. Ltd

Original file name:
UniversalDriverUpdater.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\universal driver updater\universaldriverupdater.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
9/13/2016 4:00:00 AM

Valid to:
9/14/2017 3:59:59 AM

Subject:
CN=PC SPEEDUP TOOLS, O=PC SPEEDUP TOOLS, STREET="104 Surya Nagar, Murlipura", L=JAIPUR, S=RAJASTHAN, PostalCode=302039, C=IN

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
3829DB9E945E3F92A12B7B3AC64C3245

File PE Metadata
Compilation timestamp:
9/20/2016 2:40:43 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:JnV+FnqwSaoIZEMKhlEl05fVhPHC8/AM77IZTaBZZug0d12EDLaIgvy8X2:J8Fnoa4Zug0dsE9gvBm

Entry address:
0x1E7204

Entry point:
55, 8B, EC, 83, C4, EC, 33, C0, 89, 45, EC, B8, 78, FD, 5D, 00, E8, CB, A4, E1, FF, 33, C0, 55, 68, C1, 72, 5E, 00, 64, FF, 30, 64, 89, 20, B8, 64, FD, 5D, 00, E8, 6F, 76, E4, FF, B0, 01, E8, 6C, E9, E7, FF, B0, 01, E8, 31, 3C, E8, FF, A1, A4, F6, 5F, 00, 8B, 00, E8, 7D, DF, E7, FF, A1, A4, F6, 5F, 00, 8B, 00, B2, 01, E8, A7, DF, E7, FF, 8B, 15, 24, D8, 5D, 00, A1, 5C, A1, 58, 00, E8, 73, 30, FA, FF, 8D, 55, EC, A1, 0C, 8F, 5C, 00, E8, CA, 9E, E1, FF, 8B, 55, EC, A1, 8C, DD, 5D, 00, E8, 19, 6F, FF, FF, 84...
 
[+]

Entropy:
6.9016

Developed / compiled with:
Microsoft Visual C++

Code size:
1.9 MB (1,989,120 bytes)

Scheduled Task
Task name:
Start Driver Updater automatic scanning

Path:
\Universal\Driver Updater\Start Driver Updater automatic scanning

Trigger:
Daily (Runs daily at 12:37 AM)

Description:
Automatic scanning on Driver Updater launch.


The file UniversalDriverUpdater.exe has been discovered within the following program.

Universal Driver Updater  by universaldriverupdator.com
www.universaldriverupdater.com
About 9% of users remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to li807-139.members.linode.com  (104.237.131.139:80)

TCP (HTTP):
Connects to cache.google.com  (59.20.132.231:80)

TCP (HTTP):
Connects to 67-219-149-66  (67.219.149.66:80)

TCP (HTTP):

Remove UniversalDriverUpdater.exe - Powered by Reason Core Security