OOO NPP GARANT-SERVIS-UNIVERSITET

Publisher Information

OOO NPP GARANT-SERVIS-UNIVERSITET is a software developer located in Moscow, Russia*. The publisher primarily developes software that can be classified as adware. There is one additional code signing certificate issued to this publisher.
Remove OOO NPP GARANT-SERVIS-UNIVERSITET Malware - Powered by Reason Core Security
Authority:
VeriSign, Inc.

Valid from:
4/27/2012 4:00:00 AM

Valid to:
4/28/2014 3:59:59 AM

Subject:
CN=OOO NPP GARANT-SERVIS-UNIVERSITET, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=OOO NPP GARANT-SERVIS-UNIVERSITET, L=Moscow, S=Moscow, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
27425545c3ce4e4b0f44524816a30c13

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.OOONPPGARANTSERVISUNIVERSITET, PUP.Installer.OOONPPGARANTSERVISUNIVERSITET, PUP.OOONPPGARANTSERVISUNIVERSITET (M)
100.00%

Antiy Labs AVL
Trojan[:HEUR]/Win32.Unknown
60.00%

Qihoo 360 Security
Malware.QVM02.Gen
8.00%

Zillya! Antivirus
Dropper.StartPage.Win32.1619
4.00%

Trend Micro House Call
Suspicious_GEN.F47V1026
4.00%

The Hacker
Trojan/HmBlocker.cnf
2.00%

2 / 68      (PUP)
F1UsersSave.exe  (f6c342a0cc6a172f7bb72e1e6d93d628)

1 / 68      (PUP)
F1Shell.dll  (d9e8f909a152b632106f73904dacd48d)

1 / 68      (PUP)
F1Shell.dll  (1a33686d716d142038f0c47528ff1c5d)

2 / 68      (PUP)
gclean.exe  (e3e49859f7b3ef50f29d4ddd52f16727)

2 / 68      (PUP)
F1UsersSave.exe  (d3ad3fa7d0be7dd5d0c77183e7e851cb)

2 / 68      (PUP)
F1CacheHelper.run  (862f326814f5ec1ad68512edc99c0787)

2 / 68      (PUP)
F1CacheHelper.run  (6b7cfa35ffac1763b65e4709a5eddf30)

1 / 68      (PUP)
gsock32.dll  (8fcf1406bed00e48c9e8d0537ff502b5)

1 / 68      (PUP)
CSAdapter.dll  (895b9e89bb895c56ab82cb8d3fdef4aa)

2 / 68      (PUP)
F1Prime.exe  (8702c75bcc933380b85305c6cfa29168)

2 / 68      (PUP)
F1ConsultingChecker.exe  (6c148574f225f2b1426a091285856954)

4 / 68      (PUP)
garant.exe  (c36560e27164e3399abd41921ddc86b7)

1 / 68      (PUP)
gu978.dll  (21633d2263abc2833692f38586d584b9)

1 / 68      (PUP)
gsock32.dll  (170081b8d4e1497e05d470c6ad6d0dce)

1 / 68      (PUP)
gl.dll  (e6426896a9f0d365284bab233a257010)

2 / 68      (PUP)
F1Download.run  (e119bcd7bbb00b31e4fa3b732287475b)

3 / 68      (PUP)
F1DataUpd.run  (c1ca08d4c0f9ffe9399caa3e4f6e82f2)

1 / 68      (PUP)
F1DataSetup.run  (22bdf5ccc8ba7dc10adabddfe13fa5e1)

2 / 68      (PUP)
f1consultingchecker.run  (f4af10ad1521f0e40799986b062f822a)

1 / 68      (PUP)
CSAdapter.dll  (9b8c2088d5069bcbb7e05630ca177946)

2 / 68      (PUP)
F1SplashScreen.run  (282c70f17e7ff1018e8a343e2136f273)

2 / 68      (PUP)
F1Sleep.exe  (f623d1dbf8d89df3f225897efc1ffb9d)

2 / 68      (PUP)
F1Shell.run  (c1bfc80da1283ba75327066ff6a4d75d)

2 / 68      (PUP)
F1SendMail.exe  (fdbeb467301e6d67e8116be6106e3ecf)

1 / 68      (PUP)
F1Prime.run  (148af1f4025e449abfe686a277a51d85)

2 / 68      (PUP)
F1Prime.exe  (279ae037e73e816560cb8178ff233c5a)

2 / 68      (PUP)
F1EasyUpdate.exe  (5564fb1f3433ab883b9377ccdb89eebe)

1 / 68      (PUP)
F1ConsultingChecker.exe  (2dc53f189c7ba0c465764b99e988ef8e)

1 / 68      (PUP)
F1Admin.run  (8a50ff0fb0bd38a36014e3199844525c)

4 / 68      (PUP)
garant.exe  (40ef4d8e0163b6267722a02d007fac8b)

 
Latest 30 of 73 files

The following certificate is also signed by OOO NPP GARANT-SERVIS-UNIVERSITET.

26AA653AC0CD28F27ABDABD5A3A9DA30  (Aug 22, 2013 to Aug 22, 2016)

Remove OOO NPP GARANT-SERVIS-UNIVERSITET Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to OOO NPP GARANT-SERVIS-UNIVERSITET by VeriSign, Inc. on April 27, 2012 with the serial number '27425545c3ce4e4b0f44524816a30c13'.