Kimahri Software inc.

Publisher Information

Kimahri Software inc. is a software developer located in Montreal, Quebec in Canada*. The company is a primary distributor of adware type software. The subdivision of Yuna Software (Messenger Plus!), Kimahri developes and distributes web brower extensions using the Crossrider platform which is considered adware as the extensions it delivers may inject advertisements in the Internet browsers it is installed in. Through 3rd-party bundling mechanism the software is typically distributed. There is one additional code signing certificate issued to this publisher.
Authority:
COMODO CA Limited

Valid from:
3/7/2013 1:00:00 AM

Valid to:
3/7/2016 12:59:59 AM

Subject:
CN=Kimahri Software inc., O=Kimahri Software inc., STREET=666 Sherbrooke Rue w, L=Montreal, S=Quebec, PostalCode=H3A 1E7, C=CA

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00a1bb8569950c0b2080a11a0e2f618b33

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Crossrider.KimahriSoftwareinc.S, PUP.KimahriSoftwareinc.E, PUP.Crossrider.KimahriSoftwareinc.R, PUP.KimahriSoftwareinc.J, PUP.Crossrider.KimahriSoftwareinc.K, PUP.Crossrider.KimahriSoftwareinc.Q, PUP.KimahriSoftwareinc.R, PUP.KimahriSoftwareinc.Q, PUP.Installer.KimahriSoftwareinc.F, PUP.KimahriSoftwareinc.h, PUP.KimahriSoftwareinc.H
100.00%

G Data
Gen:Adware.Plush, Win32.Application.Plush, Gen:Variant.Adware.Kazy.374062, Gen:Variant.Adware.Kazy.374109, Gen:Variant.Adware.Graftor.154594
86.00%

VIPRE Antivirus
Crossrider, Threat.4789396
84.00%

Panda Antivirus
PUP/PlusHD
80.00%

Baidu Antivirus
Trojan.Win32.Toolbar, Adware.Win32.CrossRider, Adware.Win32.CrossAd, Adware.Win32.AddLyrics, Adware.Win64.Crossrider
72.00%

Malwarebytes
PUP.Optional.PlusHD.A, PUP.Optional.ScramblePacker.A, PUP.Optional.Feven.A, PUP.Optional.CrossRider.A, PUP.Optional.HQPro.A
68.00%

Avira AntiVirus
Adware/CrossRider.A.661, Adware/CrossRider.A.2748, Adware/CrossRider.A.1109, ADWARE/CrossRider.Gen2, Adware/CrossRider.A.5853
58.00%

ESET NOD32
Win32/Toolbar.CrossRider (variant), Win32/Toolbar.CrossRider.AA (variant), Win32/Toolbar.CrossRider.AI (variant), Win32/Toolbar.CrossRider.AC (variant)
50.00%

Trend Micro House Call
TROJ_GEN.R047H0AIG13, TROJ_GEN.F47V1122, TROJ_GEN.F47V1111, TROJ_GEN.F47V0607, TROJ_GEN.F47V0604, TROJ_GE.91F69D18, TROJ_GEN.F47V0426
50.00%

Dr.Web
Adware.Plugin.73, Trojan.Crossrider.41, Trojan.Crossrider.22661, Trojan.Crossrider.27207, Trojan.Crossrider.17414, Trojan.Crossrider.10
48.00%

8 / 68      (Adware)
jwktmwegtgm.exe  (759d9e107f9d9ae334b96c6ec5b5d0e2)

15 / 68    (Adware)
402059 (Freeven pro 1.2 by Freeven)  (2d8678c0d05fa0d65e8a36cdd103b8e6)

6 / 68      (Adware)
plushduk.exe (by Wmerpkfkhi)  (ab92c176301fbaa4bbf19e4686ae98d0)

1 / 68      (Adware)
clipyhd.exe  (a794ada805c906ccadf2221c364e1c22)

1 / 68      (Adware)
freeven-prox-1-4.exe (Clzrxyalr by Sxpvjopxeulsa)  (c39744077f9bc4085a9c054c10d96c87)

12 / 68    (Adware)
hdplus-de.exe (Eisfglwputeejq by Xjrbubzhxrrbhm)  (4716ff25c2cefd2137912fbc7987c1bc)

22 / 68    (Adware)
freeven pro-bho64.dll (Freeven pro by Freeven)  (6f0eea56d7fcfe4aaa0dd8a873342024)

17 / 68    (Adware)
setup.exe  (a3dd18c0f73cff935310414a1c2f74af)

34 / 68    (Adware)
plus-hd-2.3-bho.dll (Plus-HD-2.3 by Plus HD)  (5d550f2cfba67c4985f8d2f274224912)

33 / 68    (Adware)
plus-hd-2.3-updater.exe (Plus-HD-2.3 by Plus HD)  (6ef98e8ae8b351c3c5d0568837409aff)

22 / 68    (Adware)
plus-hd-2.3-firefoxinstaller.exe (Plus-HD-2.3 by Plus HD)  (54b9f8153dffe01047264ff47cfa882a)

28 / 68    (Adware)
plus-hd-2.3-codedownloader.exe (Plus-HD-2.3 by Plus HD)  (f7cb78c9cd38a62f3bcdba2272435fe3)

23 / 68    (Adware)
plus-hd-2.3-chromeinstaller.exe (Plus-HD-2.3 by Plus HD)  (2a58592f095c0839892905f67fc5f4a6)

11 / 68    (Adware)
dab5f21e-b400-4fc3-8787-aeb2b3d5af62-11.exe (Torpedo)  (570e317d7a7b33f4bf75e7f1649c5bdf)

6 / 68      (Adware)
plus-hd-0.1-bho64.dll (Plus-HD-0.1 by Plus HD4)  (6e955154ae17c7240e19308530ec45cf)

6 / 68      (Adware)
plus-hd-4.9-buttonutil.dll  (a9a842d115666d74f25032c6dfd89889)

2 / 68      (Adware)
uninstall.exe  (9cc0d92bf38ae820bfdb0b90986acdf5)

7 / 68      (Adware)
plus-hd-4.9-helper.exe  (9e991ffd9f62b0c5e807bf16a8a4e55d)

21 / 68    (Adware)
plus-hd-4.9-buttonutil.exe (Plus-HD-4.9 by Plus HD)  (b71d8f05485e90cd9cf6b55b3764cb92)

47 / 68    (Adware)
plus-hd-4.9-bg.exe (Plus-HD-4.9 by Plus HD)  (950214bb3dc4549b5d4e3b8f599ef405)

16 / 68    (Adware)
setup.exe (Yjfdudqddr by Hyeoymrbgbspvn)  (45cbef5e4d40785ec05f1dac299a7fd9)

25 / 68    (Adware)
setup.exe (Lcrmnsqblq by Bdnlnelmslirm)  (fbacbb680990b1186782d79ce4cb1bb2)

8 / 68      (Adware)
freeven pro-nova.dll  (28bc9370619dbee6674b6bfcda500219)

22 / 68    (Adware)
freeven pro-bho64.dll (Freeven pro by Freeven)  (477489a86a2b67af3156760dbf30a98d)

9 / 68      (Adware)
uninstall.exe  (4204bff61dbef65ca4af65c89ea33582)

23 / 68    (Adware)
freeven pro-bg.exe (Freeven pro by Freeven)  (08dd9f96db262366777e36592a9bb03d)

22 / 68    (Adware)
freeven pro-bho.dll (Freeven pro by Freeven)  (685c96ee88459e0be549356ec7002081)

13 / 68    (Adware)

9 / 68      (Adware)
mwlvev.exe  (4331575b59be8e9da602ca9bbd4dd88c)

27 / 68    (Adware)
hqpro-1-bho.dll (HQPro-1 by HQ-1.9)  (a28211b1e1da3241c10294d91fee8d01)

 
Latest 30 of 7,047 files

The following certificate is also signed by Kimahri Software inc..

07C63B61BAA996BF90FF340CD94B17DA  (Jun 20, 2012 to Jun 21, 2013)

The following publishers (by Authenticode signature organization name) are related.

Detection Incidence by Country
* Note, the details and description above are based on the code signing digital signature issued to Kimahri Software inc. by COMODO CA Limited on March 07, 2013 with the serial number '00a1bb8569950c0b2080a11a0e2f618b33'.