Carambis Driver Updater, Potentially Superfluous Software.
Some legitimate programs like Carambis Driver Updater can be classified as unnecessary. They are not necessarily necessary for the functioning of the system and sometimes even unwanted.
More specifically, Rostpay's Carambis Driver program falls into the category of software that can optimize your system. It can be installed via downloading repackaged freeware.
It displays alerts on the quality of the system and offers the purchase of a paid version to resolve problems.
Some security solutions, such as ESET or Sophos, classify this software as Potentially Unwanted Optional Software (PUA/PUP/LPI).
This program is classified as Potentially Unnecessary Software (LPS). It installs as a program and/or as a browser extension. It can start automatically from the Registry via a "Run" key, a service or a scheduled task. It may launch when you start your browser after changing its settings. Sometimes the launch is done silently, that is to say it works in the background. The virus analysis of this software does not show any malware detection.
These are mostly legitimate programs that may not be necessary for your system to function properly. The multiplication of programs launched at system startup can cause delays in the execution of ordinary system tasks but also when browsing the Internet. Note that some programs come from downloads with repackaging, a technique which consists of offering other software during installation. These additional programs are obviously superfluous, they can even be installed without your knowledge. It is recommended to read the EULA before installing packaged software. Before clicking, check the relevance of the pre-checked boxes offered to you.
Potentially unwanted software (LPI) or Potentialy Unwanted Programs (PUP) are the cause of many infections. The most common example is adware. InstallCore, Crossrider, Graftor ou Boxore which pollute the Registry and your data storage units. They are usually installed without your knowledge by downloading freeware. Indeed some sites use the repackaging method, an operation which consists of redoing the software installation module by adding download options. These options allow you to add other software such as browser toolbars, adware, potentially unwanted software, intrusive advertising software, or even browser hijackers.
Spyware (spyware) and adware (adwares) unwanted files, just like malware, can use the writing flaws of legitimate software or those of operating systems. It is therefore essential to have official software and that it has automatic updating. Likewise, your Windows operating system must be programmed in automatic update mode and activated, so that you can have the latest updates for critical security vulnerabilities.
TECHNICAL ELEMENTS
Features
– Starts a process at system launch (RP),
- Created multiple application shortcuts, Desktop, QuickLaunch, Taskbar, Programs (O4GS),
- It is installed in the Registry Base in order to be launched each time the system starts (O4),
- It starts a scheduled task automatically (O38),
- It installs as a program (O42)
– Created multiple “Software” registry keys,
- Adds additional folders (O43),
- Registration in the Windows prefetcher folder (O45)
– Adds multiple user files (O61),
– It creates an active inbound connection in Windows Firewall Application Exceptions (O87),
– It creates Installer registry keys (O90),
- It creates context menu shortcuts (O108),
Preview in reports
Recorded on 30/08/2019
Serial number: 12640C72191CC90380E6C7059DB0397E
O4 – HKCU\..\Run: [Driver Updater] . (.ROSTPAY LTD – Driver Updater.) — C:\Program Files\Carambis\Driver Updater\dupdater.exe
O4 – HKUS\S-1-5-21-1245994586-1316496797-479707281-1000\..\Run: [Driver Updater] . (.ROSTPAY LTD – Driver Updater.) — C:\Program Files\Carambis\Driver Updater\dupdater.exe
[MD5.A05CEC204639B239E539CC96665B1C6D] – (.ROSTPAY LTD – Driver Updater.) — C:\Program Files\Carambis\Driver Updater\dupdater.exe [5188728] [PID.2424]
O4 – GS\Desktop [Coolman]: Driver Updater.lnk. (.ROSTPAY LTD – Driver Updater.) C:\Program Files\Carambis\Driver Updater\dupdater.exe
O42 – Software: Carambis Driver Updater – (.ROSTPAY LTD.) [HKLM] — Driver Updater
HKCU\SOFTWARE\Carambis
HKU\S-1-5-21-1245994586-1316496797-479707281-1000\SOFTWARE\Carambis
O43 – CFD: 29/08/2019 – [] D — C:\Program Files\Carambis
O43 – CFD: 29/08/2019 – [] D — C:\Users\Coolman\AppData\Roaming\Carambis
O43 – CFD: 29/08/2019 – [] D — C:\Users\Coolman\AppData\Roaming\Driver Updater
O43 – CFD: 29/08/2019 – [] D — C:\Users\Coolman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driver Updater
[12640C72191CC90380E6C7059DB0397E] [13/08/2019] (.ROSTPAY LTD.) – C:\Program Files\Carambis\Driver Updater\dupdater.exe
[12640C72191CC90380E6C7059DB0397E] [13/08/2019] (.ROSTPAY LTD.) – C:\Program Files\Carambis\Driver Updater\uninstall.exe
[12640C72191CC90380E6C7059DB0397E] [29/08/2019] (.ROSTPAY LTD.) – C:\Users\Coolman\AppData\Local\Tempcarambis_driver_updater_346f9adf0c48ed563eacf2ed51d248a2574080e7.exe
[12640C72191CC90380E6C7059DB0397E] [29/08/2019] (.ROSTPAY LTD.) – C:\Users\Coolman\Downloads\InstallerDU-2.4.4.4634.exe
Alias
Virus Total Analysis dupdater.exe :
DrWeb Program.Unwanted.4320
Endgame Malicious (moderate Confidence)
ESET-NOD32 A Variant Of Win32/UwS.CarambisDU.B
Rising Trojan.Generic@ML.87 (RDMK:Vmuh8kZi1Z9kcwDjfTzpdQ)
Tencent Win32.Risk.Uws.Ljjw
VBA32 SigRiskware.ROSTPAYLTD
Alias
Virus Total Analysis InstallerDU-2.4.4.4634.exe (installer) :
DrWeb Program.Unwanted.4320
Endgame Malicious (moderate Confidence)
Rising PUF.Rostpay!8.10916 (TFE:5:ybu8UFDYVLQ)
SentinelOne (Static ML) DFI – Suspicious PE
VBA32 SigRiskware.ROSTPAYLTD
Associate Editors
Rostpay Ltd
Some products
Carambis Driver Updater
Driver Updater
MD5 encryption
A05CEC204639B239E539CC96665B1C6D
Serial number
12640C72191CC90380E6C7059DB0397E
How to Remove Carambis Driver?
