home

DEV STAR OOO

Publisher Information

DEV STAR OOO is a software publisher located in Yaroslavl, Yaroslavskaya in Russia*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs.
Authority:
COMODO CA Limited

Valid from:
3/3/2017 3:00:00 AM

Valid to:
6/24/2017 2:59:59 AM

Subject:
CN="""DEV STAR"" OOO", O="""DEV STAR"" OOO", STREET="Svoboda, 2, of.405", L=Yaroslavl, S=Yaroslavskaya, PostalCode=150000, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00f142edc2b0ac427f300f23c458143963

Scanner detections:
Detections  (60% detected)

Scan engine
Details
Detections

Reason Heuristics
Adware.Bundler (M), Threat.Win.Reputation (M), Adware.Bundler.OO (M)
78.13%

Baidu Antivirus
Win32.Trojan.WisdomEyes.16070401.9500
21.88%

Sophos
Mal/FakeAV-SE, Troj/Zbot-EZJ
21.88%

IKARUS anti.virus
Trojan.Win32.Crypt
21.88%

Qihoo 360 Security
HEUR/QVM08.0.0000.Malware.Gen
21.88%

Avira AntiVirus
TR/Crypt.ZPACK.Gen
18.75%

Rising Antivirus
Malware.Obscure!1.9C59 (classic)
18.75%

Panda Antivirus
Generic Suspicious, Trj/Genetic.gen
18.75%

ESET NOD32
Win32/Kryptik.FPSZ trojan, Win32/Kryptik.FPUA trojan, Win32/GenKryptik.PUU trojan
15.63%

ESET NOD32
Win32/GenKryptik.YAG (variant), Win32/Kryptik.FPUA (variant)
15.63%

1 / 68      (PUP)
klyuchi_kaspersky-2017__smeralda.exe  (3d73f372e8942914e181d5fe6c8872af)

2 / 68      (PUP)
ios_jailbreak_tool_for_pc__erthida.exe  (69edf6d2dfe1f654e1d27afb9ef335c4)

1 / 68      (PUP)
darklightclient1_8.exe  (86733ef1f8d7e4fdb2c2de4ca8e9822e)

10 / 68    (Malware)
mstoolkit265stable__arlingto.exe  (a70a3098def2caf0de05065ee57642d9)

0 / 68
6gxrhqdodpjg.exe  (16ad6b63abac5730420e42eb594f2bb7)

0 / 68
kmspico-10-2-0__pipacti.exe  (7bdbbdb9f48223e13ec6899474b7dba8)

0 / 68
100_rabochiy_skript__artlepoo.exe  (e853f2f2363742cc3b3a7a28295d7bd0)

0 / 68
windows-loader-by-daz__uchlaena.exe  (a763e524b6a7ada7c31dd4a46782d9c8)

0 / 68
mstoolkit265stable__herskogo.exe  (42a0bb71ad5674d7860f13ff4d086d1f)

0 / 68
chewwga-0-9__merasia.exe  (28b1428da68488a2c0e8c22f6ba6fb91)

0 / 68
kmsauto-net-portable__arkinso.exe  (a9eb9cee07e8267714decf2a8cc857fc)

0 / 68
mstoolkit265stable__steroidea.exe  (20f9b7974ddb13f62b4310aa56c55c26)

0 / 68
9i3waxhq.exe  (6571ad3638828cd8d25ccdf8854c0397)

0 / 68
chewwga-0-9__dironda.exe  (578029216ea364057f458b496b8dcab3)

2 / 68      (PUP)
c-ops_hacks_updated_by_12glitch13.exe  (564e9f9fccbdb920043eb060dd649211)

0 / 68
kmspico-10-2-0__ortunella.exe  (f601753660215907256307a47fb9e23c)

0 / 68
m_a_2_2_1.exe  (303202e5c388de98a32e0f523b23bfc5)

11 / 68    (Malware)
1st_studio_masha_babko_masha_babko_siberian_mouse_18.exe  (2d192d41d751ca05e0c5a8d6116d6ef1)

0 / 68
{blocked}.exe  (6dcfd2fff6c40a2291068245a6a14b1b)

0 / 68
windows-loader-by-daz__ickerso.exe  (3a47e43086c02b23dae700308dc700dd)

2 / 68      (PUP)
steam_key__ddfello.exe  (dc37a7932d710b934058f6d65b8fa62a)

0 / 68
tkz_1_2_22.exe  (fe0fae94a87e7cadc33317bfaff038a9)

1 / 68      (PUP)
cs_go_keys.exe  (0820b1defce70cfc4227ae81741d9cf4)

1 / 68      (PUP)
proxy_gear_pro_3_0.exe  (55ecbe078eb85d6483d84f4ac2eab7bb)

0 / 68
crybot__hristiania.exe  (1b234c167c48ac614bfbd2b5c04cb6ac)

8 / 68      (inconclusive)
setup__lexicho.exe  (be28046ea198f5afbdcdcae0edd29039)

0 / 68
415d.tmp  (38b47aa3da23cf766594b36606a36833)

0 / 68
chit_na_kontru_siti_na_monetki_i_razblokirovka_orujiya.exe  (a468a37d8b09cbb8c2925010158fe73a)

2 / 68      (PUP)
cheatsmine__cropoli.exe  (e070eec66402c28b19bfb27d103505bc)

7 / 68      (inconclusive)
tv_player_classic_6_8_portable.exe  (6a4c8e4be684d7edd7f194130ac3f51c)

 
Latest 30 of 68 files

* Note, the details and description above are based on the code signing digital signature issued to DEV STAR OOO by COMODO CA Limited on March 03, 2017 with the serial number '00f142edc2b0ac427f300f23c458143963'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.