Thinknice Co. Limited

Publisher Information

Thinknice Co. Limited is a software developer located in Hong Kong*. The company is a primary distributor of unwanted software. Thre are 19 additional code signing certificates issued to this publisher.
Remove Thinknice Co. Limited Malware - Powered by Reason Core Security
Authority:
GlobalSign nv-sa

Valid from:
11/26/2013 7:34:13 AM

Valid to:
11/27/2014 7:34:13 AM

Subject:
CN=Thinknice Co. Limited, O=Thinknice Co. Limited, L=HongKong, S=HongKong, C=HK

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11218a5ef69a65044fe28125681d829b5efe

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ThinkniceCoLimited.N, PUP.ThinkniceCoLimited.O, PUP.ThinkniceCoLimited.J, PUP.ThinkniceCoLimited.K, PUP.Installer.ThinkniceCoLimited.G, PUP.Service.ThinkniceCoLimited.N, PUP.ThinkniceCoLimited.P, PUP.Installer.ThinkniceCoLimited.P, PUP.ThinkniceCoLimited.G, PUP.Thinknice.ThinkniceCo (M), PUP.Thinknice.ThinkniceCo.Installer (M)
100.00%

G Data
Win64.Application.SubTab, Win32.Application.SubTab, Adware.PUQG, Adware.Agent.OFO, Adware.Generic.954811
84.00%

Kaspersky
not-a-virus:AdWare.Win32.Agent
76.00%

Baidu Antivirus
Trojan.Win64.Thinknice, Adware.Win32.Agent, Adware.Win32.ELEX, Adware.Win32.Thinknice, Adware.Win64.Thinknice, PUA.Win64.Thinknice
72.00%

Malwarebytes
PUP.Optional.Skytech.A, PUP.Optional.SupTab.A, PUP.Optional.IePluginService.A, PUP.Optional.IEPluginService.A
72.00%

Sophos
Elex, Generic PUA GG, PUA 'Elex' (of type Adware)
66.00%

Dr.Web
Adware.Mutabaha.50, Adware.Toolbar.244, Adware.Elex.4, Trojan.Damaged.1, Threat.Undefined, Trojan.Click3.8659, Trojan.Click3.8518
62.00%

Agnitum Outpost
Riskware.Agent, PUA.Agent
54.00%

Vba32 AntiVirus
AdWare.Agent, AdWare.Agent.aizo, BScope.Trojan-Dropper.Injector
54.00%

ESET NOD32
Win64/Thinknice, Win32/Thinknice, Win32/ELEX.AD (variant), Win32/ELEX.AR potentially unwanted, Win32/Thinknice (variant)
50.00%

1 / 68      (Adware)

32 / 68    (Adware)

1 / 68      (Adware)
suptab.exe  (a9884bb529a3959099c3054a1016936d)

30 / 68    (Adware)
suptab.dll (SupTab by Thinknice Co. Limited)  (34d3a78d52c3966605d70560da98ca57)

18 / 68    (Adware)
dpinterface32.dll (Skytech by Skytech Co.)  (937d81f689899593e6178c73f8801e97)

1 / 68      (Adware)
spappsv64.dll (1.0.3.128 by Skytech Co.)  (47dc47bb051998dcdd664cd2a44feef4)

1 / 68      (Adware)
spappsv32.dll (1.0.3.128 by Skytech Co.)  (c5d525e515640a11972ff18d44ade4fe)

1 / 68      (Adware)
searchprotect64.dll (1.0.3.61 by Skytech Co.)  (fcf8ff6879a85a8356b894b7669ac70e)

1 / 68      (Adware)
searchprotect32.dll (1.0.3.104 by Skytech Co.)  (b463ddf8d75e8c59f4480339fb40c39a)

35 / 68    (Adware)
RSHP.exe (RSHP IePlugin control by Skytech Co.)  (0793ba08ae8e1cdc8b4391a6ab13fcb0)

21 / 68    (Adware)
dpinterfacef32.dll (Skytech by Skytech Co.)  (2f0f4b48068dd6176b3a4ce2d67c747c)

22 / 68    (Adware)
dpinterface64.dll (Skytech by Skytech Co.)  (de6cfce5131db55eb0e979db4f5cd9ed)

18 / 68    (Adware)
dpinterface32.dll (Skytech by Skytech Co.)  (1d5a07c1fc270e60e0f95981883316fd)

1 / 68      (Adware)
bhoenabler.exe  (623749370cd6d5324b40c219906f843c)

1 / 68      (Adware)
suptab.exe  (825b2a648041857af56fc6af376747d7)

22 / 68    (Adware)
bhoenabler.exe  (18475a7051d78e337a990a6a12b8b856)

3 / 68      (Adware)
bhoenabler.exe  (537c2d9e03af2dc94bb871b9e60c877b)

30 / 68    (Adware)
searchprotect64.dll (1.0.3.265 by Skytech Co.)  (3f2b4096619b645d55532a76ea0f4e30)

36 / 68    (Adware)
RSHP.exe (RSHP IePlugin control by Skytech Co.)  (17dcad4517941ae35302212b608d185a)

22 / 68    (Adware)
dpinterfacef32.dll (Skytech by Skytech Co.)  (c5c1193c0b2e6cbd1c4a32ec07bdf39d)

18 / 68    (Adware)
dpinterface32.dll (Skytech by Skytech Co.)  (c5b6d325037b97066009e4dbab638247)

23 / 68    (Adware)
spappsv64.dll (1.0.3.390 by Skytech Co.)  (d2bc9178eedb147be75518853bea3922)

22 / 68    (Adware)
dpinterface64.dll (Skytech by Skytech Co.)  (9e6638f73d0cc10be92aae3e7d5ec5b9)

25 / 68    (Adware)
suptab.exe  (f36ed4a2ceefb8adca5b001e02dbfb9c)

14 / 68    (Adware)
searchprotect32.dll (1.0.3.265 by Skytech Co.)  (5d1739f562ab5f2c309a3e84e820ae4f)

29 / 68    (Adware)
suptab.dll (SupTab by Thinknice Co. Limited)  (047147dcf8b4a6b156f3569561868d2c)

16 / 68    (Adware)
dpinterface32.dll (Skytech by Skytech Co.)  (55cb2ac2812c268b70f6e6b82a694d54)

32 / 68    (Adware)

7 / 68      (Adware)
spappsv64.dll (1.0.3.418 by Skytech Co.)  (996d84fa4b4e45ae275ca46c54789329)

 
Latest 30 of 131 files

The certificates below are also signed by Thinknice Co. Limited.

11217F5D78EB081C1FE7C04946666204BE06  (Oct 26, 2015 to Oct 26, 2016)

1121D2AE6A557DB6C6DE9BDAEDDB1183AD8D  (Nov 02, 2015 to Oct 26, 2016)

112175F6B82B38EEBD83DD9A926C16D3E13A  (Nov 06, 2015 to Oct 26, 2016)

1121EA71CE9AA02FCB71E233D6DC728A4404  (Jan 11, 2016 to Oct 26, 2016)

11212696BF73C6640B1188BE21057FCC1911  (Jan 13, 2016 to Oct 26, 2016)

1121D3BC361BF16B81DBA025D699054D18C8  (Jan 05, 2016 to Oct 26, 2016)

1121A326E70D96DAA79FCFFE0D5CA846233E  (Dec 04, 2015 to Oct 26, 2016)

1121E80480FBAC32877A3B5962019CE1B6E0  (Dec 21, 2015 to Oct 26, 2016)

1121ABBFCF51E6C447C9BAA6DB78B079D51C  (Dec 17, 2015 to Oct 26, 2016)

11217ACBA611E937E144BFF893CA6B395A62  (Jan 28, 2016 to Oct 26, 2016)

10 of 19 code signing certificates issued

The following publishers (by Authenticode signature organization name) are related.

Remove Thinknice Co. Limited Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Thinknice Co. Limited by GlobalSign nv-sa on November 26, 2013 with the serial number '11218a5ef69a65044fe28125681d829b5efe'.