home

LLC LVIV IT!

Publisher Information

LLC LVIV IT! is a software publisher located in Stryy, Lvivska in Ukraine*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs.
Authority:
COMODO CA Limited

Valid from:
2/17/2016 3:00:00 AM

Valid to:
2/17/2017 2:59:59 AM

Subject:
CN=LLC LVIV IT!, OU=IT, O=LLC LVIV IT!, STREET="vul. Saksahanskoho, 2", L=Stryy, S=Lvivska, PostalCode=82400, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
070e2550d28aff375a722d4a8040623a

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.HomePageDefender, PUP.LVIVIT (M), PUP.LVIVIT.Installer (M), PUP (M)
84.00%

Dr.Web
Trojan.StartPage1.26408, Trojan.StartPage1.28159, Trojan.StartPage1.28166
36.00%

Kaspersky
not-a-virus:AdWare.Win32.Clicker, Trojan.Win32.Karamanak
34.00%

Qihoo 360 Security
QVM20.1.Malware.Gen, HEUR/QVM20.1.0000.Malware.Gen
6.00%

ESET NOD32
Win32/Toolbar.Neobar.BH potentially unwanted application
6.00%

AVG
Generic, Win32/Neshta.A
6.00%

Quick Heal
(Suspicious) - DNAScan
4.00%

ESET NOD32
Win32/Toolbar.Neobar.BH potentially unwanted (variant)
4.00%

AhnLab V3 Security
Trojan/Win32.StartPage
4.00%

VIPRE Antivirus
Threat.4150696
4.00%

1 / 68      (Malware)
ImageEd.exe (ImageEd)  (b3e5df72fa592e66a9b6cb4ed3ecab2d)

1 / 68      (Malware)
ImageEd.exe (ImageEd)  (d4288efe6d050e7d34725849ceb4cb51)

1 / 68      (Malware)
ImageEd.exe (ImageEd)  (d3ae19be723018e5d94fff51edc8b802)

1 / 68      (Malware)
ImageEd.exe (ImageEd)  (b1b3f2c2313125cebc18092f2e8440aa)

1 / 68      (Malware)
ImageEd.exe (ImageEd)  (b3e5df72fa592e66a9b6cb4ed3ecab2d)

1 / 68      (Malware)
ImageEd.exe (ImageEd)  (a3b9ab77c8dad6c165abbd4f4f6a7cea)

1 / 68      (Malware)
ImageEd.exe (ImageEd)  (192c8198ae136bda2b6f8fea07ff44b0)

1 / 68      (Malware)
Не подтверждено 778488.~ (µTorrent by BitTorrent)  (6b51b1c4fb89d34de800b87b61de27f1)

1 / 68      (Malware)
uTorrent.exe (µTorrent by BitTorrent)  (ba44473a81ecc255884cb2b5f5d08d23)

1 / 68      (Malware)
fp_setup_win.exe (Adobe Flash Player by Lviv IT)  (550b7ccc133738ff97d679cd3ba93340)

9 / 68      (PUP)
imageed.exe  (bdbd0727559de7b44f65f8c14b5bc135)

1 / 68      (Malware)
serchic-wd.ru_cis.exe  (a7ef0feda9d386ad39d386b2aaf1f9fb)

3 / 68      (PUP)
chrome_update.exe (Google Chrome by Google)  (fda920b3d72728f6a89672e07a900c70)

1 / 68      (PUP)
shockwave_setup.exe (by Lviv IT)  (c78d941d2b8e1f13c358209315c5d761)

1 / 68      (PUP)
ImageEd.exe (ImageEd)  (b3e5df72fa592e66a9b6cb4ed3ecab2d)

1 / 68      (PUP)
2654d779.dll  (0418c9b93699a7333a7a334c85d47c21)

1 / 68      (PUP)
fp_setup.exe (Adobe Download Manager by Adobe Systems)  (80d80316d5d188bb1e62d1d33dc28f8d)

7 / 68      (PUP)
не подтверждено 56012.~ (Google Chrome by Google)  (468ecdeeadbcc0a928ac9508b4a27cfb)

1 / 68      (PUP)
kdns.exe (Batch utilities by Mark Witney)  (81d16e9cf39a8125c3b625411e573442)

1 / 68      (PUP)
3e2bef8a.dll  (313c2a96aa662bcf6c1fbfc7aa7c2042)

1 / 68      (PUP)
shockwave_setup.exe (by Lviv IT)  (c55cdd3b7705107fd45d3a3e70033992)

4 / 68      (PUP)
shockwave_setup.exe (by Lviv IT)  (2530a11c4fa57fd3f9cdc30c8fd40878)

1 / 68      (PUP)
fp_setup_win.exe (Adobe Flash Player by Bit-Trejd)  (69359e87001df84ea62ccf373b6794ce)

1 / 68      (PUP)
setup.exe (Adobe Flash Player Installer/Uninstaller 21.0 r0 by Bit-Trejd)  (1ccfa07b1ea639b249dcc6ca868199e3)

1 / 68      (PUP)
setup.exe (Adobe Flash Player Installer/Uninstaller 21.0 r0 by Adobe Systems)  (d161e8ec6e0cd53be678be06310c5878)

1 / 68      (PUP)
setup.exe (Adobe Flash Player Installer/Uninstaller 21.0 r0 by Adobe Systems)  (b62ddd4250c6109969681dc42f6af12d)

1 / 68      (PUP)
setup.exe (Adobe Flash Player Installer/Uninstaller 21.0 r0 by Adobe Systems)  (de25adc64bd0abdf260eb6b94ee0114f)

2 / 68      (PUP)
ImageEd.exe (ImageEd)  (3ebaedfb610ae67f02d10f63750c0711)

2 / 68      (PUP)
ImageEd.exe (ImageEd)  (bbe21bf16281cc9f6fac20503305c6d1)

3 / 68      (PUP)
daemon_patched.exe  (6f97d0b383d64076781aa0f0da8f2a91)

 
Latest 30 of 122 files

Downloads URLs for files signed by LLC LVIV IT!.

3 / 68      (PUP)
https://onona.ru/userfiles/.../chrome_update.exe  (fda920b3d72728f6a89672e07a900c70)

1 / 68      (PUP)
https://raw.githubusercontent.com/sup27/flashplayer/master/.../setup.exe  (b62ddd4250c6109969681dc42f6af12d)

The following websites host and distribute files published by LLC LVIV IT!.

onona.ru

raw.githubusercontent.com

The following publishers (by Authenticode signature organization name) are related.

Vistumbler.net

Hostplanet Ltd

Brave New Software Project, Inc.

E GONCALVES DE SOUSA - ME

CONSTRUTORA NOVO PARQUE LTDA - ME

Brave New Software Project, Inc

Prolific Technology Inc.

Bit-Trejd

Oren Nachman

Wizdave\David

TrueCrypt Foundation

Emby LLC

* Note, the details and description above are based on the code signing digital signature issued to LLC LVIV IT! by COMODO CA Limited on February 17, 2016 with the serial number '070e2550d28aff375a722d4a8040623a'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.