home

Demo IC

Publisher Information

Demo IC is a software developer located in Tel-Aviv, Israel*. The company is a primary distributor of unwanted software.
Authority:
COMODO CA Limited

Valid from:
2/19/2014 2:00:00 AM

Valid to:
2/20/2015 1:59:59 AM

Subject:
CN=Demo IC, O=Demo IC, STREET=28 Lilinblum St., L=Tel-Aviv, S=Tel-Aviv, PostalCode=6513307, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0852572dbf6f9c3f6c48623ac5fc3f8a

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.installCore, PUP.installCore, PUP.Bundler.installCore, PUP.installCore.Installer, PUP.installCore.DemoIC, PUP.installCore.DemoIC (M), PUP.installCore.DemoIC.Installer (M), PUP.installCore (M)
100.00%

VIPRE Antivirus
Threat.4786018, InstallCore
90.91%

Avira AntiVirus
ADWARE/InstallCore.Gen9, ADWARE/InstallCore.Gen7, ADWARE/InstallCore.Gen4, PUA/InstallCore.Gen, PUA/InstallCore.Gen7, TR/Dropper.Gen
60.61%

ESET NOD32
Win32/InstallCore.PD potentially unwanted application, Win32/InstallCore.QW potentially unwanted application, Win32/InstallCore.QF potentially unwanted application, Win32/InstallCore.UN potentially unwanted application
48.48%

Vba32 AntiVirus
Malware-Cryptor.InstallCore.gen, Downware.InstallCore
42.42%

ESET NOD32
Win32/InstallCore.RA (variant), Win32/InstallCore.WX potentially unwanted (variant), Win32/InstallCore.QH (variant), Win32/InstallCore.PL potentially unwanted (variant)
30.30%

Comodo Security
Application.Win32.InstallCore.DZ, Application.Win32.InstallCore.DSR, Application.Win32.InstallCore.EAK, Application.Win32.Installcore.RC
24.24%

Dr.Web
Trojan.MulDrop5.38104, Trojan.InstallCore.215, infected with Trojan.Packed.24524, Trojan.MulDrop5.38502, Trojan.InstallCore.699
21.21%

NANO AntiVirus
Riskware.Win32.InstallCore.dmiylv, Riskware.Win32.InstallCore.drfvtp, Riskware.Win32.InstallCore.drfvxp
9.09%

Zillya! Antivirus
Adware.InstallCore.Win32.156
6.06%

1 / 68      (Adware)
demo_softxpand_dark.exe  (98d67ff9020e8cef8ce487a53f37657a)

1 / 68      (Adware)
kingsoftoffice_setup_v1.0.6.21875_918_demo.exe  (1acfeecbd914de27703cc9c2dc964176)

1 / 68      (Adware)
search_segment_1.exe (Installer Software)  (94807871974e11cac1c644109766fb7e)

1 / 68      (Adware)
icreinstall_video_to_mp3_installer_7.36.exe  (3abd98b3dc735da75c2c11e3528c2d5f)

7 / 68      (Adware)
v9_v1.0.7.23277_661_demo.exe  (db85568075c50eef9ace93fa06c55a5a)

6 / 68      (Adware)
kingsoftoffice_setup_v1.0.7.23277_353_demo.exe  (fdddfb77a5e2bcb6d792142024314c48)

7 / 68      (Adware)
demo_viview_un_multi.exe  (73f61835acfdb9f280267fcd41a6ef3f)

7 / 68      (Adware)
demo_beebox_th.exe  (5a3d89503d7c0bf1d0c63dc601264397)

4 / 68      (Adware)
demo_auto_fromdocstopdf_3675.exe (Soft by Internet)  (68ebf605968678a09e5d9b189d883387)

6 / 68      (Adware)
icreinstall_demo__maxthon.exe  (51bcdadf8a083fa04ff4a86b54933ae7)

9 / 68      (Adware)
icreinstall_demo_pricemeter_un.exe  (53b85663565b06b91946b1446b421a1a)

6 / 68      (Adware)
icreinstall_demo_issearch_browser.exe  (6de739e016bca797465673f46b02d69c)

5 / 68      (Adware)
safefinder_v3_setup_v1.0.7.23277_174_demo.exe (My Program)  (8066e23a2bbbd74abbab1ae8dcde68e7)

5 / 68      (Adware)
elex - demo_v9.exe (My Program)  (d108452877016129e14c80e9842399b8)

5 / 68      (Adware)
flashlightbtns_d2m_setup_v1.0.5.18248_demo.exe  (24916f1ee0694132d8954f90928bc84b)

5 / 68      (Adware)
nortonsecuritycp1_d2m_setup_v1.0.6.21875_749_demo.exe  (2f9ccc8f7bf052a07c3f7343243e1abc)

6 / 68      (Adware)
flappyfishoptinmenu_d2m_setup_v1.0.7.23277_492_demo.exe  (02e1c161a6483ecdd559c558a8743ed8)

5 / 68      (Adware)
gameo_v2_setup_v1.0.7.23277_331_demo.exe  (08ba13dde32c09260558ba9f69e5b1a7)

6 / 68      (Adware)
safefinder_v1_setup_v1.0.7.23277_109_demo._e_xe  (25b5d9dbf45087a1c5c709f4439ce05a)

7 / 68      (Adware)
demo_auto_is_bing_2978.exe (Installer)  (a34ebd1038d3dc605c04822964890dd5)

6 / 68      (Adware)
demo_searchprotect_un.exe  (42f0d923762f088847c3aedd8b0325f4)

5 / 68      (Adware)
icreinstall_demo_sweetpage.exe  (942e250618b4f70d2849612cc29cedda)

8 / 68      (Adware)
demo_installer.exe  (9f72cb3c5b9c0d8c7fe5c2e17cc346e3)

2 / 68      (Adware)
testprimum.exe (Web by Internet Web)  (639acd37e2faee6cf7573080d89d91b4)

3 / 68      (Adware)
test.exe (Generic by Internet)  (b2f528d66b3b1a0a8fc090091740bb7d)

3 / 68      (Adware)
infigo-cleaner_setup_v1.0.1.34594_908_stub.exe (Installer Generic by Prog web)  (ed6221f69f0590d6a1bacf495f92d68c)

2 / 68      (Adware)
demo_nc_dtm_stormwatch.exe (%VENDOR% Downloader by %VENDOR%)  (b19a3c3166fc4f54eda82bbde8b328e2)

2 / 68      (Adware)
demo_dtm_stormwatch.exe (%VENDOR% Downloader by %VENDOR%)  (cd2f417993689b248b4bf237c1d17c54)

5 / 68      (Adware)
demo_auto_optimizerpro_un_2529.exe (Internet Installer by %VENDOR%)  (322baec47219e400f7937dc5fefc80f6)

5 / 68      (Adware)
icreinstall_coolrom.exe  (579377234cdce81e8fd2e55686083252)

 
Latest 30 of 33 files

Downloads URLs for files signed by Demo IC.

5 / 68      (Adware)
http://dnld.ironcustapps.com/cust/SimilarGroup/.../FlashlightBtns_d2m_Setup_v1.0.5.18248_demo.exe  (24916f1ee0694132d8954f90928bc84b)

5 / 68      (Adware)
http://dnld.ironcustapps.com/cust/.../NortonSecurityCP1_D2M_Setup_v1.0.6.21875_749_demo.exe  (2f9ccc8f7bf052a07c3f7343243e1abc)

6 / 68      (Adware)
http://dnld.iccustapps.com.s3.amazonaws.com/cust/Mobilecoreapps/.../FlappyFishOptInMenu_d2m_Setup_v1.0.7.23277_492_demo.exe  (02e1c161a6483ecdd559c558a8743ed8)

6 / 68      (Adware)
http://dnld.iccustapps.com/cust/.../Demo_SearchProtect_UN.exe  (42f0d923762f088847c3aedd8b0325f4)

5 / 68      (Adware)
http://dnld.iccustapps.com.s3.amazonaws.com/cust/.../Demo_auto_OptimizerPro_UN_2529.exe  (322baec47219e400f7937dc5fefc80f6)

3 / 68      (Adware)
http://dnld.iccustapps.com/cust/.../Demo_Unchecky.exe  (c886f442e05951c781f8a3c56a0e74ea)

4 / 68      (Adware)
https://www.dropbox.com/s/.../WinZipSetup_v1.0.4.22710_409_stub.exe  (7db57eaa7cc7d40ebd9374d16f106aa0)

The following websites host and distribute files published by Demo IC.

dnld.iccustapps.com.s3.amazonaws.com

dnld.iccustapps.com

dnld.ironcustapps.com

www.dropbox.com

The following publishers (by Authenticode signature organization name) are related.

CoolAppDownloads

Participatory Culture Foundation

IronPremium

STMSetup

WorldSetup

ISfreemium

iS-NS

Asap Tech Help LLC

* Note, the details and description above are based on the code signing digital signature issued to Demo IC by COMODO CA Limited on February 19, 2014 with the serial number '0852572dbf6f9c3f6c48623ac5fc3f8a'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.