home

OOO Russkie Internet Reshenija

Publisher Information

OOO Russkie Internet Reshenija is a software publisher located in Moscow, Russia*. The publisher primarily developes software that can be classified as adware. Thre are 2 additional code signing certificates issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
12/29/2012 4:00:00 AM

Valid to:
2/28/2015 3:59:59 AM

Subject:
CN=OOO Russkie Internet Reshenija, OU=IT Department, O=OOO Russkie Internet Reshenija, L=Moscow, S=Moscow, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
70e974f1d705599bd16fe4cfa4da84a9

Scanner detections:
Detections  (90% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.OOORusskieInternetReshenija, PUP.Installer.OOORusskieInternetReshenija, PUP.OOORusskieInternetReshenija (M), PUP.OOORusskieInternetReshenija.Installer (M), Common.OpenSSLPackaged.PUP.OOORusskieInternetReshenija (M), Common.PUP.OOORusskieInternetReshenija (M), Common.CRuntimePackaged.PUP.OOORusskieInternetReshenija (M), PUP (M), Common.PartOf.PUP.OOORussk (M), PUP.OOORussk.Installer (M)
100.00%

F-Prot
W32/Downloader-Web-based!Maximu
6.00%

Trend Micro House Call
TROJ_GEN.R0CBH01H513
2.00%

1 / 68      (PUP)
qip.exe (QIP 2012 by QIP)  (ef6fb755e07eabede031acc0ce1bb59b)

1 / 68      (PUP)
qip.exe (QIP 2012 by QIP)  (d18c734303c5dfbd38419ba9331b6496)

1 / 68      (PUP)
unins000.exe  (6b92dbc724ef0752f3c0032f833d6503)

1 / 68      (PUP)
qip.exe (QIP 2012 by QIP)  (391482e73d28fd43c54d1bab715da7bd)

1 / 68      (PUP)
qip.exe (QIP 2012 by QIP)  (ca8893e79a1256bb2b46f5a15f787dd3)

1 / 68      (PUP)
qip.exe (QIP 2012 by QIP)  (90e481864210187a3b72c483c7d31df3)

1 / 68      (PUP)
perfh00c.dat  (336ec3801a2f2f3eb50d2492715ac9cf)

1 / 68      (inconclusive)
isxdl.dll (ISX Download DLL by Bjørnar Henden)  (a40f34df6ab0dfff5f092cb26e4f6d05)

1 / 68      (PUP)
icq_pics.dll  (da9d890a351dc71284adc0cacc0ad43f)

1 / 68      (PUP)
graph.dll  (51897b21f6b859073e9fc5d27403668f)

1 / 68      (PUP)
win7helper.dll  (3c6cd5d39b666a5b74c5b45e4ee8569d)

1 / 68      (PUP)
qipradio.dll  (451e4999793e7ec35f22f739c413b340)

1 / 68      (PUP)
qipcurrency.dll  (454e07f17307d98eec5d544088ef14b3)

1 / 68      (PUP)
cards.dll  (a892c18875fc17eb170d57e17cf312c0)

1 / 68      (PUP)
infiumdetect.dll  (4dffc7eba4cb49ebbc8bd4d32414ea86)

1 / 68      (PUP)
unins000.exe  (4d40ca1151d08f0c21b41ace4166ef4c)

1 / 68      (PUP)
unins000.exe  (ed80bae38e0d7323a5fca4b5f9ebef55)

1 / 68      (PUP)
qip2012.exe (QIP 2012 by QIP.ru)  (edbd7c2cb4dd503d9adfc4b66d6cfe5e)

1 / 68      (PUP)
updater.exe (QipGuard updater by QIP.ru)  (6c88cfda0e4ba8a90f760497bfbc7a63)

1 / 68      (PUP)
chrome.dll  (e32b9317bfc8a2654c6c752998cd422d)

1 / 68      (PUP)
unins000.exe  (011c9efbdab56476f3b32ea01488ec28)

1 / 68      (PUP)
QStatSrv.dll (TODO: <Product name> by TODO: <Company name>)  (63aa0b5cfafb3c92323313904d60a130)

1 / 68      (inconclusive)
MSVCR90.DLL (Microsoft Visual Studio 2008 by Microsoft)  (aa687789a7f4fc757298dcf1b085e4d4)

1 / 68      (inconclusive)
MSVCP90.DLL (Microsoft Visual Studio 2008 by Microsoft)  (de14499f6fe4b982dbcb2aae140c7c1e)

1 / 68      (PUP)
dsfvorbisencoder.dll  (313a57d652f3089d96ddef5e361a9764)

1 / 68      (PUP)
dsfvorbisdecoder.dll  (3381727d7a5f3e2a1ff10f39194066f4)

1 / 68      (PUP)
dsfoggmux.dll  (be2e42a15533eea2f57409ad8b10d6e0)

1 / 68      (PUP)
dsfoggdemux2.dll  (6167dd0fd66a231f714e71b9d77597f0)

1 / 68      (PUP)
xmpp.dll  (a77072ea7398a0a5e02f0b74ca1743c8)

1 / 68      (inconclusive)
openssleay32.dll (The OpenSSL Toolkit by The OpenSSL Project, http://www.openssl.org/)  (a71e4603bde4be83809f1e2e07d671e9)

 
Latest 30 of 189 files

Downloads URLs for files signed by OOO Russkie Internet Reshenija.

1 / 68      (PUP)
http://download.qip.ru/.../qip2012_nosms_8921.exe  (edbd7c2cb4dd503d9adfc4b66d6cfe5e)

2 / 68      (PUP)
http://download.qip.ru/.../qip2012.exe  (321e8417a04ed93e6e1120099a8fb238)

3 / 68      (PUP)
http://download.qip.ru/.../qip2012_nosms_8921.exe  (94ed461a62ff6f30f643e8c06a878436)

The following websites host and distribute files published by OOO Russkie Internet Reshenija.

download.qip.ru

The certificates below are also signed by OOO Russkie Internet Reshenija.

4D3719C982A3F74F3C5017CA380E9B3B  (Nov 18, 2010 to Jan 17, 2013)

01E694F0EE33389EFA689F9AAF6C8359  (Dec 11, 2009 to Dec 12, 2010)

* Note, the details and description above are based on the code signing digital signature issued to OOO Russkie Internet Reshenija by Thawte, Inc. on December 29, 2012 with the serial number '70e974f1d705599bd16fe4cfa4da84a9'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.