Woolik technologies ltd

Publisher Information

Woolik technologies ltd is a software developer located in Or Yeuda, Israel*. The company is a primary distributor of unwanted software. There is one additional code signing certificate issued to this publisher.
Remove Woolik technologies ltd Malware - Powered by Reason Core Security
Authority:
VeriSign, Inc.

Valid from:
7/24/2013 9:00:00 PM

Valid to:
7/25/2014 8:59:59 PM

Subject:
CN=Woolik technologies ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Woolik technologies ltd, L=Or Yeuda, S=israel, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
233d2998915945a85914a5071b609336

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Wooliktechnologiesltd.H, PUP.Babylon.Task.I, PUP.Installer.Wooliktechnologiesltd.F, PUP.Wooliktechnologiesltd.Q, PUP.Wooliktechnologiesltd.G, PUP.Wooliktechnologiesltd.K, PUP.Wooliktechnologiesltd.J, PUP.Montiera.Wooliktechnologies (M), PUP.Montiera.Wooliktechnologies.Installer (M)
100.00%

Dr.Web
Adware.Babylon.12, Trojan.StartPage.56734, DLOADER.Trojan, Adware.Babylon.10, Adware.Babylon.14
56.52%

ESET NOD32
Win32/Toolbar.Babylon, Win32/Toolbar.Babylon (variant)
56.52%

Malwarebytes
PUP.Optional.Babylon.A, PUP.Optional.BabSolution.A, PUP.Optional.PCFixSpeed.A, PUP.Optional.Delta.A
52.17%

Trend Micro House Call
TROJ_GEN.F47V0726, TROJ_GEN.F47V0916, TROJ_GEN.F47V0927, TROJ_GEN.F47V1014, TROJ_GEN.R0CBB04L913, TROJ_GEN.F47V1017, TROJ_GEN.F47V0912
47.83%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
47.83%

Bkav FE
W32.Clod2b6.Trojan, W32.Clod96b.Trojan, W32.Clod599.Trojan, W32.Clod004.Trojan, W32.Clodbef.Trojan, W32.Cloda72.Trojan, W32.Clod411.Trojan
43.48%

Comodo Security
Application.Win32.Babylon.ag, Application.Win32.Babylon.id, Application.Win32.SearchRes.tg, Application.Win32.Babylon.ac
39.13%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen, Downloader.Agent
34.78%

Agnitum Outpost
I-Worm.Chir.B, Trojan.Agent, PUA.Toolbar.Babylon, PUA.Downloader
34.78%

1 / 68      (Adware)
onlytb.exe  (fd89cf92a698d101c7cca24429df6862)

1 / 68      (Adware)
setup.exe (Setup Module by Babylon)  (8bb4935d6dcfc452833b180e0d816d00)

1 / 68      (Adware)
BUSolution.dll (BU Dynamic Link Library)  (58eaadae1000537a52c1eb5de6d34985)

17 / 68    (Adware)
pcfixspeed_0509-e1347670.exe  (773db2d47c0556009e1642e6ec71d96a)

13 / 68    (Adware)
air71d.exe  (e32f7eb50053552ca87b70885123c349)

9 / 68      (Adware)
dale.exe  (1c59d8d173650a2c2858783eb52eb22d)

4 / 68      (Adware)
enhancedNT.dll (enhancedNT)  (c832cca094f955a548c9e8afa12c6f62)

1 / 68      (Adware)
130214_b4.exe  (33ca9785b4db85594e96bc59e183210c)

2 / 68      (Adware)
130214_b4.exe  (d9df24536e21336a9e2171d5f7b646c0)

12 / 68    (Adware)
tbtika.exe  (aa2ae1ae0b97efd2681a79cdabd0f39d)

4 / 68      (Adware)
enhancedNT.dll (enhancedNT)  (806c31db5f8d1ba3998a8df26882b7d2)

13 / 68    (Adware)
optitb.exe  (d1de3417c65153cc3fa958a47c15bc1f)

8 / 68      (Adware)
toolbar26706653.exe  (ddaf09528ef4af5749438d50a54b5ad1)

19 / 68    (Adware)
toolbar16827749.exe  (7c91f45f00f4d2584cf17dd57f015e7f)

15 / 68    (Adware)
searchgoltb.exe  (4b5b56bbc4d472d52c03c7dc6c33026d)

10 / 68    (Adware)
onlytb.exe  (6d8834a7524229fd96e45a16442ad78f)

15 / 68    (Adware)
dokotb.exe  (e552f27b051084d083c11df82bf1d333)

2 / 68      (Adware)
fntupdtr.exe  (5d213ec175b9c1be6b5f245c17a294eb)

5 / 68      (Adware)
BUSolution.dll (BU Dynamic Link Library)  (b418fcaafdc829a5b83123ea8404bab4)

1 / 68      (Adware)
busolformontiera.dll  (b2bcb8a8cb04a094c41e4c79070a2f99)

49 / 68    (Adware)
setup.exe (Setup Module by Babylon)  (d4fae9bd0e8abd119d3c83dc3e826bc2)

11 / 68    (Adware)
babmaint.exe  (e7831e33c81eb10a8f7ba3b608383724)

3 / 68      (Adware)
uninst1.exe (Uninstaller by Babylon)  (25e5512a65b55d216c58769e29c016ba)

Downloads URLs for files signed by Woolik technologies ltd.

15 / 68    (Adware)
http://media.opencandy.com/p/908/.../SearchGolTB.exe  (4b5b56bbc4d472d52c03c7dc6c33026d)

2 / 68      (Adware)
http://s3.amazonaws.com/.../BaiduAV.exe  (d9df24536e21336a9e2171d5f7b646c0)

1 / 68      (Adware)
http://s3.amazonaws.com/.../BaiduAV.exe  (33ca9785b4db85594e96bc59e183210c)

The following websites host and distribute files published by Woolik technologies ltd.

The following certificate is also signed by Woolik technologies ltd.

7F992DC68CD6D89798B6148730F501CD  (Sep 15, 2014 to Aug 22, 2015)

The following publishers (by Authenticode signature organization name) are related.

Remove Woolik technologies ltd Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Woolik technologies ltd by VeriSign, Inc. on July 24, 2013 with the serial number '233d2998915945a85914a5071b609336'.