JANDER PINTO DA SILVA

Publisher Information

JANDER PINTO DA SILVA is a software developer located in PALMAS, Tocantins in Brazil*. The company is a primary distributor of unwanted software. There is one additional code signing certificate issued to this publisher.
Remove JANDER PINTO DA SILVA Malware - Powered by Reason Core Security
Authority:
VeriSign, Inc.

Valid from:
9/12/2013 9:00:00 PM

Valid to:
9/12/2014 8:59:59 PM

Subject:
CN=JANDER PINTO DA SILVA, OU=Individual Developer, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=No Organization Affiliation, L=PALMAS, S=TOCANTINS, C=BR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1fc6ad26672cba136e6b00334840ca37

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Startup.JANDERPINTODASILVA.C, PUP.BHO.JANDERPINTODASILVA.K, PUP.JANDERPINTODASILVA.Q, PUP.JANDERPINTODASILVA.C, PUP.JANDERPINTODASILVA.F, PUP.JANDERPINTODASILVA.H, PUP.JANDERPINTODASILVA (M), PUP.JANDERPINTODASILVA.Installer (M)
97.62%

VIPRE Antivirus
Trojan.Compcert.121913
76.19%

ESET NOD32
Win32/Spy.Banker.YQP (variant), Win32/Spy.Banker.ZTC (variant), Win32/Spy.Banker.AAUT (variant)
33.33%

IKARUS anti.virus
Win32.SuspectCrc, Trojan-Banker.Win32.Banbra, Trojan-PWS.Banker6, Trojan.SuspectCRC
30.95%

Sophos
Mal/Banker-AA, Mal/DelpBanc-A
30.95%

Antiy Labs AVL
Trojan[Spy]/Win32.Agent, Trojan[Banker]/Win32.Lohmys, Trojan[Ransom]/Win32.PornoBlocker
23.81%

G Data
Gen:Variant.Symmi.15277, Gen:Variant.Symmi.17389, Dropped:Trojan.GenericKD.1642179, Trojan.GenericKD.1673006
21.43%

Fortinet FortiGate
W32/Banker.YQP!tr.spy, W32/Banker.AA!tr.spy, W32/Banker.A!tr.spy, W32/Lohmys.A!tr, W32/Banker.AAUT!tr.spy
21.43%

AVG
PSW.Banker6
21.43%

herdProtect (fuzzy)
a variant of 7c72d79e976c72354628f03b206052ccba5b76a3, a variant of 02d5814c5c88ee066083f11e7748a4eb981d7833, a variant of 1c6fd5184b216195b3ef6fb22b559e533f0cf8b4
19.05%

1 / 68      (Adware)
install.exe  (311eaebe3fec293109a9e42758a12541)

1 / 68      (Adware)
ssleay32.dll  (8df7fa70701c517a6e835c84e580a33b)

1 / 68      (Adware)
p4.exe (Countdown by LimaRegister)  (d34673b6d1d1421205fdb69e3f908214)

1 / 68      (Adware)
libeay32.dll  (c7b4a3e1bce70b0913464ff9c3548381)

1 / 68      (Adware)
install.exe  (9913933f573c6005d550a3c02d2cf51e)

1 / 68      (Adware)
p2.exe (NITSUI Flash by NITSUI)  (d1577b1321a725699c55bdd52c70ad74)

1 / 68      (Adware)
skypesetup.exe  (c1cf6673638293809098ea3ce77aab5b)

1 / 68      (Adware)
solutionge.dll (Solutions)  (4f2536f1c8cf6c32ff94c9658a840ad9)

1 / 68      (Adware)
ssleay32.dll  (fbbf92be7a96567423ffad0a5a51d1e2)

1 / 68      (Adware)
libeay32.dll  (38a79137d08629e04d7823411498b3e1)

2 / 68      (Adware)
ssleay32.dll  (acf46a19180e1d29a178c20cf13d9ede)

2 / 68      (Adware)
libeay32.dll  (30938ec60b019d31e1d16143c19548b1)

26 / 68    (Adware)
beg.exe (Query by Assuz)  (b9c47a96c19cbe68dce09f1452e1e7a6)

37 / 68    (Adware)
wrar501br.exe  (b0ecef675483eb09108dcbcf2404a294)

2 / 68      (Adware)
ssleay32.dll  (785a47755119d5ff16dc5a0134f26099)

2 / 68      (Adware)
libeay32.dll  (60ea21c199287d088c8c4093efcf292a)

3 / 68      (Adware)
install.exe  (a55c0f30131ae59c194191e5e65a8de0)

8 / 68      (Adware)
d4ger.exe (D4 by Tronic.inc)  (ca3de84c8d0420da8e5c04c3987f8a71)

10 / 68    (Adware)
d3.exe (D3 by Tronic.inc)  (8d9c77fcc2ecd2706c5fd168d4440468)

4 / 68      (Adware)
d2.exe (D2 by Tronic.inc)  (16ba1860a58f105ceb037fb9032663fc)

4 / 68      (Adware)
solutionhs.dll (Salvation.dll by Salvation)  (47ce248d3a9498d5df34b3fb6c4c893d)

3 / 68      (Adware)
solutionge.dll (Salvation.dll by Salvation)  (53544e90a4d1d09e885c01c78ea51754)

2 / 68      (Adware)
install.exe  (0e1f1ab37f8eb4d13846e2cc200c57cf)

19 / 68    (Adware)
d4ger.exe (D4 by Tronic.inc)  (5fa7f32d4282ea18802a6b0c9aeae1d8)

18 / 68    (Adware)
d3.exe (D3 by Tronic.inc)  (a9d46b839fa6e639cac5fcb739f01725)

21 / 68    (Adware)
javainstall-7u51.exe  (fb5ad02c56c7b6d2d77d478d3d4015a1)

2 / 68      (Adware)
solutionhs.dll (Salvation.dll by Salvation)  (d5b29baf7eed59f684ce99fc63a2c2a0)

2 / 68      (Adware)
solutionge.dll (Salvation.dll by Salvation)  (fcbf4f6a31c5bf52a5bbc76ec5036e4c)

3 / 68      (Adware)
d2.exe (D2 by Tronic.inc)  (30cc3cda6dab58025b26ce3a53d8cef7)

1 / 68      (Adware)
install.exe  (827a93dc72592ff74c2b1d6a66b703a5)

 
Latest 30 of 42 files

Downloads URLs for files signed by JANDER PINTO DA SILVA.

37 / 68    (Adware)
https://baixador.googlecode.com/.../wrar501br.exe  (b0ecef675483eb09108dcbcf2404a294)

37 / 68    (Adware)

20 / 68    (Adware)

23 / 68    (Adware)
http://jadownload.com/.../java.php  (javainstall-7u51.exe)

The following websites host and distribute files published by JANDER PINTO DA SILVA.

The following certificate is also signed by JANDER PINTO DA SILVA.

56ED3CE67ED5492A8A92F257CCC586CB  (Oct 12, 2014 to Oct 13, 2015)

Remove JANDER PINTO DA SILVA Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to JANDER PINTO DA SILVA by VeriSign, Inc. on September 12, 2013 with the serial number '1fc6ad26672cba136e6b00334840ca37'.