home

ITF (AYTIEF)

Publisher Information

ITF (AYTIEF) is a software publisher located in Moscow, Russia*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs.
Authority:
COMODO CA Limited

Valid from:
4/20/2016 8:00:00 PM

Valid to:
4/21/2017 7:59:59 PM

Subject:
CN=ITF (AYTIEF), O=ITF (AYTIEF), STREET=Verkhnyaya Maslovka street 28-2, L=Moscow, S=Moscow, PostalCode=127083, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
06ac8f16f957ec18e4d964461dc683c6

Scanner detections:
Detections  (84% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Kovter (M), PUP.Kovter.ITFAYTIE (M)
78.57%

ESET NOD32
Win32/Kovter.D trojan, Win32/Kovter.C trojan
33.33%

Dr.Web
Trojan.Kovter.118, Trojan.DownLoader15.5888, Trojan.MulDrop6.44083
26.19%

Kaspersky
Trojan.Win32.Kovter
23.81%

Norman
Gen:Variant.Symmi.48815, Gen:Variant.Symmi.48375
11.90%

Emsisoft Anti-Malware
Gen:Variant.Symmi.48815, Gen:Variant.Symmi.48375, Gen:Variant.Graftor.291329
11.90%

F-Secure
Variant.Symmi.48375, Variant.Midie.30552, Variant.Graftor.291329
11.90%

Microsoft Security Essentials
Threat.Undefined, Trojan:Win32/Kovter
11.90%

McAfee
Artemis!9223D4DBD54A, Trojan.Artemis!9A74B543569F, RDN/Generic.grp, Artemis!5A0A5F8A1C6F
9.52%

avast!
Win32:Malware-gen, Win32:Trojan-gen
9.52%

1 / 68      (PUP)
firefox-patch.exe (Tanyards by a16)  (75c447528c4e1df7c8d691cd9f7131de)

1 / 68      (PUP)
c2rnl99q.exe (Aktivere7 by a161)  (2156a2ba14cf8b757faf3f60ecea55da)

1 / 68      (PUP)
Setup.exe (Aktivere7 by a161)  (4d89b20a5d64a1b16e04cc17dab144c4)

1 / 68      (PUP)
firefox-patch.exe (Chooses by a161)  (d009a1940cde880342274e705ef160d5)

1 / 68      (PUP)
firefox-patch.exe (Christiansfelders by a16)  (7849cb20b15f64982bfbd227d1667a6a)

1 / 68      (PUP)
+vqrp2cx.exe (Normls2 by Hal 9001)  (c71bb5dc441a3112191538d9141b595e)

1 / 68      (PUP)
firefox-patch.exe (Startsignalet by Free Time)  (d08ce2edd3385f42845ef842d285f66e)

1 / 68      (PUP)
firefox-patch.exe (Aktivere7 by a161)  (d43ed574ae10693936c8e63a4090ec64)

1 / 68      (PUP)
firefox-patch.exe.pcpquar (Christiansfelders by a16)  (af39744546f404db1bc78df15c9d8bfb)

1 / 68      (PUP)
firefox-patch.exe (Tailors5 by Free Time)  (b43baa532fdb9353a450a9d0b6a17074)

1 / 68      (PUP)
firefox-patch.exe (Startsignalet by Free Time)  (e969c5422faa9b4f396a2eb3a41afc5c)

1 / 68      (PUP)
qe5i+adw.exe (Tailors5 by Free Time)  (8bd63102a01db5ce274e4326bacf35f6)

1 / 68      (PUP)
firefox-patch.exe (Tailors5 by Free Time)  (c8f16f4aa14000ba5d7c92dc9a09daf1)

1 / 68      (PUP)
firefox-patch.exe (Startsignalet by Free Time)  (3189a248effad1d6bc540b05d5d09adf)

1 / 68      (PUP)
firefox-patch.exe (Christiansfelders by a16)  (917f7496a9326bebcec6fd0587e68ebd)

22 / 68    (Malware)
firefox-patch.exe (Aktivere7 by a161)  (5a0a5f8a1c6f094b4ff6bd3ac2a5bc44)

28 / 68    (Malware)
firefox-patch.exe.infected (Hydrogenomonas by a161)  (7304867009ee5bfd0fe5ed1fe814f7db)

0 / 68
firefox-patch.exe (Startsignalet by Free Time)  (1eb4c9c27aedfa0f65ceb9ce0d5067f9)

1 / 68      (PUP)
flashplayer.exe (Iotacism0 by Free Time)  (9da65b58350305428cfd1962760414eb)

5 / 68      (Malware)
firefox-patch.exe (Aktivere7 by a161)  (9a74b543569ff864ecdd1e3a9f5c1a6d)

3 / 68      (PUP)
firefox-patch.exe (Tanyards by a16)  (699e06f3bcd27ea7213c682888c7c595)

3 / 68      (Malware)
flashplayer.exe (Chooses by a161)  (432e037d265252111eafe034cdf55eb4)

6 / 68      (Malware)
Setup.exe (Aktivere7 by a161)  (3ae92b01c3905cd63a510e3e278e2311)

2 / 68      (PUP)
firefox-patch.exe (Christiansfelders by a16)  (813ae86451287f4fccc1a0c4df0c4dc5)

3 / 68      (Malware)
Setup.exe (Unrequisiteness7 by Tmoo zero)  (ac6756266c553147e8d04e86174b98be)

3 / 68      (PUP)
firefox-patch.exe (Hydrogenomonas by a161)  (c58f76cd02c6480240931d45b98f5926)

4 / 68      (Malware)
flashplayer.exe (Autorisationshaveres3 by f632)  (250b4e6ac3e8f6e7a4b5b41b94780f4b)

0 / 68
firefox-patch.exe (Startsignalet by Free Time)  (a18a6b9222745fe66230d039e4743b2b)

3 / 68      (PUP)
firefox-patch.exe (Christiansfelders by a16)  (ab818b243b1aeb7a47b37ca6fda4384a)

5 / 68      (Malware)
475e7b761fddd1b42a82e44dbd9fe23efb948223 (Autorisationshaveres3 by f632)  (e7b69f848519a3a533c1131fd404cae5)

 
Latest 30 of 484 files

* Note, the details and description above are based on the code signing digital signature issued to ITF (AYTIEF) by COMODO CA Limited on April 20, 2016 with the serial number '06ac8f16f957ec18e4d964461dc683c6'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.