» driverfetch_setup.exe
Overview
Analysis
File Details

driverfetch_setup.exe

Driver Fetch

Blitware Technology Inc.

The application driverfetch_setup.exe by Blitware Technology has been detected as a potentially unwanted program by 2 anti-malware scanners. The program is a setup application that uses the Inno Setup installer. This version of the installer will bundle the Ask.com Toolbar, a potentially unwanted web browser extension.

File name:

Publisher:

Blitware Technology Inc. (signed by Blitware Technology Inc.)

Product:

Driver Fetch

Version:

2.5.0.2

MD5:

d2d9664d171e616dfc39ce960fa5c442

SHA-1:

2c5e59b4c91d3520fe4f5e22a1a47063e9dead80

SHA-256:

36a56a19a2e9e21b7cf86c5bd7a8086283956e5ba11ebeb4174b3bb1388d981b

Scanner detections:

2 / 68

Status:

Potentially unwanted

Explanation:

Bundles that Ask.com toolbar as a third-party offer, a web browser extension that may modify a user's search and home pages.

Analysis date:

4/26/2024 10:59:50 PM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/Bundled.Toolbar.Ask potentially unsafe application

7.0.302.0

Reason Heuristics

PUP.Ask.Toolbar.Bundled

16.3.1.0

File size:

7.1 MB (7,479,320 bytes)

Product version:

2.5.0.2 (rev None)

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\driverfetch_setup.exe

Digital Signature

Signed by:

Blitware Technology Inc.

Authority:

GoDaddy.com, Inc.

Valid from:

10/29/2008 1:17:11 PM

Valid to:

10/29/2011 12:45:38 PM

Subject:

CN=Blitware Technology Inc., O=Blitware Technology Inc., L=Victoria, S=BC, C=CA

Issuer:

SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:

00E0A6E5

File PE Metadata

Compilation timestamp:

4/10/2010 10:57:59 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

196608:mcL0EBndETc8HjfrFNV9Csv2E6iDynTRAW127GU:mM0EBndETXrFdMWynTRA5P

Entry address:

0x163C4

Entry point:

55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 54, 55, 41, 00, E8, 70, 04, FF, FF, 33, C0, 55, 68, 91, 6A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 4D, 6A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, A6, EF, FF, FF, E8, B1, EA, FF, FF, 8D, 55, EC, 33, C0, E8, FB, 87, FF, FF, 8B, 55, EC, B8, B0, D6, 41, 00, E8, A6, EA, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, B0, D6, 41, 00, B2, 01... 
[+]

Entropy:

7.9699

Developed / compiled with:

Microsoft Visual C++

Code size:

85 KB (87,040 bytes)

Remove driverfetch_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.