home

HOW SOFT

Publisher Information

HOW SOFT is a software publisher located in Guro-gu, Seoul in Korea*. The publisher primarily developes software that can be classified as adware. Thre are 2 additional code signing certificates issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
12/16/2010 9:00:00 AM

Valid to:
12/17/2011 8:59:59 AM

Subject:
CN=HOW SOFT, O=HOW SOFT, L=Guro-gu, S=SEOUL, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
3b9817fbe154b0346689e1852f9704a7

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Hue Communication.HOWSOFT (M), PUP.Hue Communication.HOWSOFT.Installer (M), PUP.Hue Communication (M)
100.00%

Bkav FE
W32.Clod161.Trojan
2.00%

MicroWorld eScan
Trojan.Generic.6260580
2.00%

nProtect
Trojan.Generic.6260580
2.00%

McAfee
Artemis!EBD2EC031CFA
2.00%

K7 AntiVirus
Trojan
2.00%

Norman
Suspicious_Gen2.PSFIA
2.00%

avast!
Win32:HowSoft-A [PUP]
2.00%

Kaspersky
not-a-virus:HEUR:AdWare.Win32.Agent
2.00%

Bitdefender
Trojan.Generic.6260580
2.00%

1 / 68      (PUP)
howcodecopen.exe (by howsoft)  (c632ef5df51ee4e2db94ded74e27892f)

1 / 68      (PUP)
kosguide.dll (KTHOpenSearch by NowSoft)  (79d6e15ea1a960ac58be77f5eec28e41)

1 / 68      (PUP)
howcodec_update.exe (Howcodec by HowSoft)  (b68f671e6bddc5499a36288b1d9fef82)

1 / 68      (PUP)
howcodecopen.exe (by howsoft)  (6f419a2910c6ee40649088c20eeccdc2)

1 / 68      (PUP)
howcodecband.dll  (1473c294c1c8a167d75e8eea68d0c8d9)

1 / 68      (PUP)
howcodec_update.exe  (8ae93d86fc12c39601ab41d7b46c2af8)

1 / 68      (PUP)
howcodecopen.exe (by howsoft)  (64c704173864983a52297c13b5241b30)

1 / 68      (PUP)
kos_guide.dll (by HowSoft)  (035d707763c338d751adaa189e66da02)

1 / 68      (PUP)
HowCodecSetup.exe (by HowSoft)  (c33e6971a24f14c6a6833d04acf2d0c1)

1 / 68      (PUP)
Down_LoadGetChange.exe  (b1ee1c6acc92175e9a4fe8a75eaa1eed)

1 / 68      (PUP)
kosearch.exe (KTHOpenSearch by NowSoft)  (a5ce05001de9a9a6241df1801975adb1)

1 / 68      (PUP)
DownLoadGetInstall.exe  (de9126a0c4a0aec2f24640a8c44a587d)

1 / 68      (PUP)
howcodecsetup.exe (by howsoft)  (1c552c50a15eea4d520726fb7a75eb0e)

1 / 68      (PUP)
HowCodecSetup.exe (by HowSoft)  (09fbfc60f2a2fc7247665c53602bbba6)

1 / 68      (PUP)
howcodecopen.exe (by howsoft)  (a4baf25ce152c821f0ca5d0074a024f1)

1 / 68      (PUP)
howcodecband.dll  (c8a5f799f6fe7e6ba84bec2ea157e269)

1 / 68      (PUP)
howcodecband.dll  (c38e2542d174f7b9d071859995215db6)

1 / 68      (PUP)
howcodecopen.exe (by howsoft)  (97c9fb61c9966e5ddc02fbaf641fa9af)

1 / 68      (PUP)
howcodecopen.exe (by howsoft)  (745549072dae644575f5bca234c9edee)

1 / 68      (PUP)
Down_LoadGetInstall.exe  (5d4213cb04eedd662a2929599baac8a6)

1 / 68      (PUP)
Down_LoadGetupHp.exe  (01a67b59b86267ac19e9e3283b638c06)

1 / 68      (PUP)
Down_LoadGetUpgrade.exe  (a0a06f00e43c117509e9a48c389c8a79)

1 / 68      (PUP)
upchanger.exe  (9059ebf7b33fc3655a0813064bb8a54c)

1 / 68      (PUP)
howcodecopen.exe (by howsoft)  (c0223e1d16ff3687751cc31282a9621b)

1 / 68      (PUP)
howcodecband.dll (howcodecband.dll by HOW SOFT)  (b65d59071880bfbab1a0e56477f00dc8)

1 / 68      (PUP)
howcodecsetup.exe (by howsoft)  (395c82abefdf376d8d626be325c9937c)

1 / 68      (PUP)
kos_guide.dll (by HowSoft)  (a832bd546a5549c2c50be961d7764fb6)

1 / 68      (PUP)
howcodec_update.exe (Howcodec by HowSoft)  (11d90fbc42975efd63cc818baf3a4f95)

1 / 68      (PUP)
hka.dll  (4261cffac9008c632a27ac0d6404d998)

1 / 68      (PUP)
howcodecopen.exe (Howcodec by howsoft)  (203479db49f1416e35f9ba724d162313)

 
Latest 30 of 63 files

The certificates below are also signed by HOW SOFT.

7BA3F775C5D05768F56F97039538592C  (Jan 30, 2013 to Mar 02, 2015)

567C8147E85208EFCE0495C1D8AC015F  (Nov 28, 2011 to Jan 27, 2013)

* Note, the details and description above are based on the code signing digital signature issued to HOW SOFT by Thawte, Inc. on December 16, 2010 with the serial number '3b9817fbe154b0346689e1852f9704a7'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.