Goobzo LTD

Publisher Information

Goobzo LTD is a software publisher located in Haifa, Israel*. The company is a primary distributor of adware type software. There is one additional code signing certificate issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
5/1/2013 8:00:00 PM

Valid to:
5/2/2015 7:59:59 PM

Subject:
CN=Goobzo LTD, O=Goobzo LTD, L=Haifa, S=Israel, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
120b25dde57b88636ad4d97d23b99c88

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Goobzo, PUP.Installer.Goobzo, PUP.Task.Goobzo, Adware.Crossrider.Task.Goobzo, Adware.Crossrider.Goobzo, Adware.Installer.Goobzo
100.00%

AVG
Skodna, MalSign.Skodna, ShopperPro, Generic
94.00%

VIPRE Antivirus
Goobzo, Threat.4792716, Crossrider, Threat.4789396, Trojan.Win32.Generic, Threat.4150696
92.00%

Panda Antivirus
Adware/Goobzo, Trj/Genetic.gen
76.00%

Baidu Antivirus
Adware.Win32.CrossAd, Adware.Win32.Shopper, PUA.Win32.CrossRider, Adware.Win32.CrossRider, PUA.Win32.SBWatchman, Adware.Win64.Crossrider
72.00%

ESET NOD32
Win32/Toolbar.CrossRider.AW (variant), Win32/SBWatchman (variant), Win32/SBWatchman.D potentially unwanted (variant), MSIL/SBWatchman (variant)
72.00%

G Data
Win32.Application.GoobZo, Gen:Variant.Adware.Strictor.75071, Gen:Variant.Adware.Graftor.171097, Gen:Variant.Strictor.62444
70.00%

Kaspersky
not-a-virus:WebToolbar.Win32.CrossRider, not-a-virus:Downloader.NSIS.Agent, not-a-virus:AdWare.Win32.Shopper, not-a-virus:WebToolbar.Win32.CroRi
68.00%

AhnLab V3 Security
Win-PUP/CrossRider, PUP/Win32.CrossRider, PUP/Win32.BHO, PUP/Win32.MulDrop
66.00%

avast!
Win32:Adware-CDO [PUP], Win64:Adware-gen [Adw], NSIS:Adware-PQ [PUP], Win32:Crossrider-AP [PUP], Win32:Crossrider-AG [PUP], Win32:Crossrider-AL [PUP]
58.00%

25 / 68    (Adware)
ins_postinst.exe  (f6e8fe715254aa50ca98595e97f41ebf)

12 / 68    (Adware)
setup.exe  (3fbbb3bf9ad27022e5c2e9a0e1e642ad)

1 / 68      (Adware)
smw.exe (Search module)  (8e2f9ee3552c2836ced2628e0a05fe68)

1 / 68      (Adware)
iwebar.exe (Mhdnsh by Ovsjcbtavvrx)  (02a3981951cd56d96dfa1bf818b5349f)

11 / 68    (Adware)
uninstall.exe  (f6b678c0d9f93a41d77a6871dc4b35c7)

10 / 68    (Adware)
iwebar-nova.dll  (28913c5e7f70cddc297bda8cdc78c45d)

16 / 68    (Adware)
iwebar-buttonutil64.dll  (c303cb5648ad7a416521002f902298fd)

29 / 68    (Adware)
iwebar-buttonutil.dll  (e6d22b655ad10cbf92fd5829156fea4f)

37 / 68    (Adware)
iwebar-bho64.dll (iWebar)  (ab3e8d8d1f32b4f93a2be27e35daf9b5)

42 / 68    (Adware)
iwebar-bho.dll (iWebar)  (c80e499dc3b73ef2d92812835ab32374)

33 / 68    (Adware)
c03909e0-b66f-4749-b405-8367ce193317-2.exe (iWebar)  (6f68557ce293b10f350fcab313343a30)

9 / 68      (Adware)
dcytdiegut_gutdu_setup.exe  (0e94c263b7896fc037e76bcc7fa17afd)

8 / 68      (Adware)
sysmenu64.dll (by Goobzo)  (6cc8f44cacda3dae90ba54519cee62ce)

18 / 68    (Adware)
4e0ed15e-699c-47e9-84d4-0bf2c56d9e2f.dll  (7e89168c7f96ce475c84698595e044a7)

31 / 68    (Adware)

27 / 68    (Adware)
sma.exe (W by )  (0e0ffcc399e897111efb20a3ce2dfd36)

25 / 68    (Adware)
dcsmuninstall.exe  (0e854c7d886ac5e5c80d98c6e91b5d55)

14 / 68    (Adware)
smw.sys (sbw)  (a407d5a9fdf68adb9775f96f437e490d)

21 / 68    (Adware)
smei32.dll (W by Search Module)  (716a8291031c519b16a28eb99d3aba40)

1 / 68      (Adware)
ins_yta.exe (by Goobzo)  (0ae1ae7139372fad30d5cb04032750c2)

24 / 68    (Adware)
ytd.exe (YTDownloader by Goobzo.com)  (23f08c9ffff66bde6b621138b436df9d)

17 / 68    (Adware)
ytduninst.exe  (1148a732be7e72688ec73d2a61197b04)

20 / 68    (Adware)
trz1b22.tmp  (611c448f3e488b89437d6229ac5de47d)

29 / 68    (Adware)
uninstall.exe  (b7eeb61c73b516a708d5fa621dad74fa)

13 / 68    (Adware)
object browser-nova.dll  (7ef4895107e7a1ac150f29da27834237)

11 / 68    (Adware)
gnfsrwcsahi.exe  (a18712a1fde4499d7e5afb78dffdbc14)

11 / 68    (Adware)
tzwljzeqme.exe  (8dcec474d00d7bd33fe3f0cd47f0eecd)

17 / 68    (Adware)
272056 (Object Browser)  (f12d96e687ff0ad3dcad82eacdeec779)

9 / 68      (Adware)
uninstall.exe  (fde5e12ee5538a9c1aaf89cb0983a649)

41 / 68    (Adware)
object browser-bho.dll (Object Browser)  (af41478c94052c7a275c667689e6ece5)

 
Latest 30 of 9,269 files

The following certificate is also signed by Goobzo LTD.

3C3E526E4FC7FCA9432F2BC6F34C86A5  (Feb 04, 2015 to May 06, 2016)

The following publishers (by Authenticode signature organization name) are related.

Detection Incidence by Country
* Note, the details and description above are based on the code signing digital signature issued to Goobzo LTD by Thawte, Inc. on May 01, 2013 with the serial number '120b25dde57b88636ad4d97d23b99c88'.