OPEN.co., ltd

Publisher Information

OPEN.co., ltd is a software developer located in "Gangnam-gu,", Seoul in Korea*. The company is a primary distributor of unwanted software. Thre are 3 additional code signing certificates issued to this publisher.
Remove OPEN.co., ltd Malware - Powered by Reason Core Security
Authority:
Thawte, Inc.

Valid from:
12/24/2012 9:00:00 AM

Valid to:
2/23/2015 8:59:59 AM

Subject:
CN="OPEN.co., ltd", O="OPEN.co., ltd", L="Gangnam-gu,", S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
548aad77f8523322625f42520037ea48

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Startup.OPENcoltd.L, PUP.OPENcoltd.D, PUP.Toolbar.OPENcoltd.H, PUP.Installer.OPENcoltd.O, PUP.Installer.OPENcoltd.Q, PUP.OPENco.Installer (M), PUP.OPENco (M)
100.00%

avast!
Win32:Adware-AZE [Adw], Win32:Adware-ATR [Trj]
57.45%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud), VIRUS_UNKNOWN
53.19%

Trend Micro House Call
TROJ_GEN.F47V1210, TROJ_GEN.F47V0913, TROJ_GEN.F47V0904, TROJ_GEN.F47V1004, TROJ_GEN.F47V1104, TROJ_GEN.F47V0122, TROJ_GEN.F47V0224, TROJ_GEN.F47V0417
38.30%

Qihoo 360 Security
Win32/Trojan.Adware.37e, Unnamed.Threat
29.79%

Dr.Web
BackDoor.Infector.50, BackDoor.Infector.133, Trojan.Adkor.110
27.66%

Comodo Security
ApplicUnwnt, UnclassifiedMalware, Heur.Suspicious
23.40%

ESET NOD32
Win32/Adware.BHO.NJC (variant), Win32/Adware.Winggo.AD (variant)
23.40%

Malwarebytes
Adware.KorAd, PUP.Optional.PowerSearch.A
21.28%

Avira AntiVirus
Adware/Adware.AZE.16, ADSPY/AdSpy.Gen2, Adware/Symmi.36013.29
19.15%

1 / 68      (Adware)
IEsearchhelp.exe (IEsearchhelp by OPN)  (ad8243a77bac62e3afc1f6d8d765c8d5)

1 / 68      (Adware)
windowunitpop005.exe (windowunitpop by OPN.co.,ltd)  (397384411b198248a18606de9d087b23)

26 / 68    (Adware)
powersearch006.exe (powersearch by OPN.co.,ltd)  (7bb26850a2b08cef1c145843f5d50230)

1 / 68      (Adware)
microadbar010.exe (microadbar by OPN.co.,ltd)  (293b5fa96708aed43cb11728e4246d6b)

1 / 68      (Adware)
microab.exe (microadbar by OPN)  (963338069f2f20ab6e64a6f10763c50d)

1 / 68      (Adware)
microadbar014.exe (microadbar by OPN.co.,ltd)  (d857ebc05b7c1385f75bc326184be62f)

1 / 68      (Adware)
microadbar021.exe (microadbar by OPN.co.,ltd)  (e8301988105324e195727039855554b9)

1 / 68      (Adware)
powersearch.exe (powersearch by OPN)  (7657c01b7fbdb96c458926ac330e5ee8)

1 / 68      (Adware)
powersearch006.exe (powersearch by OPN.co.,ltd)  (66eca83fa885c6ce5bb3f3325d051c05)

1 / 68      (Adware)
winapp.exe.bak2 (winapp by OPN)  (2f164e701ad6f98fc176348c404c92f8)

1 / 68      (Adware)
iesearchtool.exe (IEsearchtool by OPN.co.,ltd)  (7e525e30eb635eb04e91df37e813d502)

1 / 68      (Adware)
powersearch003.exe (powersearch by OPN.co.,ltd)  (be502c7a4de25d8b20d42b122988c432)

1 / 68      (Adware)
winst.exe (winsigntool by OPN)  (186a9554637e55b29aa6b9866ce9e7c5)

1 / 68      (Adware)
powersearch.exe.bak2 (powersearch by OPN)  (4d077c2c582478c0dd7d9375b0312280)

1 / 68      (Adware)
chocosupporterh.dll (by OPEN.s)  (6176d5632cbb67069b50a8a266ca168b)

1 / 68      (Adware)
IEsearchhelp.exe (IEsearchhelp by OPN)  (da795039f4fab006e0735c4bfbd7d9a1)

1 / 68      (Adware)
powersearch003.exe (powersearch by OPN.co.,ltd)  (4f2ec86ac3b8d47d59c58ccd2de90ea5)

1 / 68      (Adware)
iesearchtool.exe (IEsearchtool by OPN.co.,ltd)  (00d39770cfb4a1f653be50d26d46845b)

7 / 68      (Adware)
setup_files2.exe (microadbar by OPN.co.,ltd)  (d2c1b33785bb52afbfbe51f6391d7b05)

6 / 68      (Adware)
powersearch.exe.bak2 (powersearch by OPN)  (c0498544d600b821942002069d20c6a3)

6 / 68      (Adware)
powersearch.exe (powersearch by OPN)  (bb5d36df4eaed043b1d503d217d1cff8)

2 / 68      (Adware)
winst.exe (winsigntool by OPN)  (4fdec23c708dcffcd4e6567c5a00221b)

5 / 68      (Adware)
hadarea.dll  (5d71d28e587432548002b64b9fadf05f)

14 / 68    (Adware)
iesearchhelp004.exe (IEsearchhelp by OPN.co.,ltd)  (005c011607924a16e6f99821b1dc0f1e)

11 / 68    (Adware)
tadarea.dll  (0280d9f8832e0985f31cac410ce2fd20)

5 / 68      (Adware)
IEsearchtool.exe (IEsearchtool by OPN)  (c6fbf1bc22d47ec7cdf11f6a1f8d2901)

11 / 68    (Adware)
hna.dll  (faded2b68e474118e9319f05f520bc04)

21 / 68    (Adware)
powersearch006.exe (powersearch by OPN.co.,ltd)  (f22745e8e80c05dffacbfb1bd60fa921)

6 / 68      (Adware)
microadbar013.exe (microadbar by OPN.co.,ltd)  (8b1d9398950e6148ed2a41f6d3cae8e8)

1 / 68      (Adware)
winapp.exe.bak2 (Winapp for Windows by OPN)  (35b0238896a992d38cde70e09c62f56c)

 
Latest 30 of 47 files

The certificates below are also signed by OPEN.co., ltd.

5106D7E3FBF1E6CEC1B36F2B94378E7C  (Dec 09, 2011 to Jan 08, 2013)

6C7B063829C3429B03759FEF1CAA5B82  (Nov 11, 2010 to Dec 12, 2011)

689CF4033CD2A9B34E786D27865C6878  (Nov 20, 2009 to Nov 21, 2010)

Remove OPEN.co., ltd Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to OPEN.co., ltd by Thawte, Inc. on December 24, 2012 with the serial number '548aad77f8523322625f42520037ea48'.