home

M/s Children Code

Publisher Information

M/s Children Code is a software developer located in Mohali, Punjab in India*. The company is a primary distributor of unwanted software.
Authority:
COMODO CA Limited

Valid from:
2/10/2014 2:00:00 AM

Valid to:
2/11/2015 1:59:59 AM

Subject:
CN=M/s Children Code, O=M/s Children Code, STREET="Plot No. F-125,", STREET="Sector 74,", STREET="Industrial Area, Phase 8B", L=Mohali, S=Punjab, PostalCode=160071, C=IN

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
355cdfd525f643928f3a5700d87f0799

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.MsChildrenCode.N, PUP.Installer.MsChildrenCode.I, PUP.Startup.MsChildrenCode.F, PUP.Installer.MsChildrenCode.F, PUP.Startup.MsChildrenCode.K, PUP.MsChildrenCode.J, PUP.Installer.MsChildrenCode.J, PUP.MsChildrenCode.M, PUP.MsChildrenCode.L, PUP.MsChildrenCode.H, PUP.MsChildrenCode.G, PUP.MsChildrenCode.Installer (M), PUP.MsChildrenCode (M), PUP.MsChildr.Installer (M), PUP (M)
100.00%

VIPRE Antivirus
Backdoor.Win32.Ircbot.gen, Trojan.Win32.Generic, MyWebSearch.J
35.71%

ESET NOD32
Win32/Packed.Themida (variant), Win32/MediaMine (variant), Win64/BitCoinMiner (variant), Generik.KCTTFBX (variant), Win32/Injector.BFYA (variant)
35.71%

Qihoo 360 Security
Win32/Trojan.3a9, Win32/Trojan.c2b, Win32/Trojan.96d, Win32/Virus.Downloader.da4, Win32/Trojan.8b6, HEUR/Malware.QVM19.Gen
28.57%

McAfee
Artemis!ABE97C48A963, Artemis!2BD7EB2B1464, Artemis!D722CD14F932, Artemis!FFCF0BC8B030, Artemis!60211C4E209A, Artemis!94549BB50885
21.43%

MicroWorld eScan
Gen:Variant.Symmi.39392, Gen:Variant.Graftor.127164, Trojan.GenericKD.1752894, Gen:Variant.Graftor.152596
21.43%

Bitdefender
Gen:Variant.Symmi.39392, Gen:Variant.Graftor.127164, Trojan.GenericKD.1752894, Gen:Variant.Graftor.152596
21.43%

Lavasoft Ad-Aware
Gen:Variant.Symmi.39392, Gen:Variant.Graftor.127164, Trojan.GenericKD.1752894, Gen:Variant.Graftor.152596
21.43%

Emsisoft Anti-Malware
Gen:Variant.Symmi.39392, Gen:Variant.Graftor.127164, Trojan.GenericKD.1752894, Gen:Variant.Graftor.152596
21.43%

F-Secure
Gen:Variant.Symmi.39392, Gen:Variant.Graftor.127164, Trojan.GenericKD.1752894, Gen:Variant.Graftor.152596
21.43%

1 / 68      (Adware)
diagnostics.exe (RndBtnDemo Application)  (20804d55fd8f42f72d08005a81290867)

1 / 68      (Adware)
compatibility.exe  (289a612fc417a71468af09d318db589a)

1 / 68      (Adware)
plg0.dll  (fa4ad6659331709e6bef8b1ad16c63da)

1 / 68      (Adware)
deinstaller.exe  (683ebc19fa3e82e55939b58b1553ae20)

1 / 68      (Adware)
taskswatch.exe  (2bd7eb2b1464c59d0628de3ab0279f11)

1 / 68      (Adware)
videousage.exe  (c3f3c81af64177120411481e3c2a1daa)

1 / 68      (Adware)
uninstall.exe (Setup Factory Runtime by Indigo Rose)  (f364d3e22c14c3007a07f863e47597d0)

1 / 68      (Adware)
prerun.exe (RndBtnDemo Application)  (8db4e748289b5d9137e7ffb4d135ef05)

1 / 68      (Adware)
postrun.exe (RndBtnDemo Application)  (56db4e490a7bf967ad99dc4b0034c595)

1 / 68      (Adware)
prefetch.exe (BrowsingSmarter)  (19cd4b1ced42af18b6e7fac6ef001a46)

1 / 68      (Adware)
uninstall.exe (Setup Factory Runtime by Indigo Rose)  (9f633be9285d1327944f799af78fc9d8)

1 / 68      (Adware)
installer.exe  (a8baa8cc5a8934f5b14a8ba5f0ab2f22)

1 / 68      (Adware)
deinstaller.exe  (23af1a1d6e04883a74719b3244a3e73d)

1 / 68      (Adware)
prefetch.exe (Advertising NU)  (7f6cf3523676ca4f458d82f045ee52a7)

1 / 68      (Adware)
videousage.exe  (e2c2d4fbb014ba4d11e30f8dfc669c5a)

6 / 68      (Adware)
uninstall.exe (Setup Factory Runtime by Indigo Rose)  (5167573e703bd0aff229ebc853710c55)

1 / 68      (Adware)
installer.exe  (9650d467f0a7d0d062d3a836287ce9f8)

24 / 68    (Adware)
install_update.exe (Software Update by Double Opt Media)  (55a01c1f809747d188408f62c2b6cf72)

14 / 68    (Adware)
install_update.exe (Software Update by Double Opt Media)  (07618cab1264fccd7c13583f28d858a9)

1 / 68      (Adware)
prerun.exe (RndBtnDemo Application)  (58c99a3e3a51424dd464c764a6cdc669)

3 / 68      (Adware)
postrun.exe (Transparent Button Demo by Carboni Software)  (c427148ef12a2964d73daae8c9cc773e)

1 / 68      (Adware)
diagnostics.exe (RndBtnDemo Application)  (aa54f121483645e09ca89e22af6cd139)

4 / 68      (Adware)
prefetch.exe (Software Update by Double Opt Media)  (bb671377ddca2b72918c08824c46701b)

6 / 68      (Adware)
uninstall.exe (Setup Factory Runtime by Indigo Rose)  (68a1d5a3388ef305df9e054ace300f28)

3 / 68      (Adware)
silent_v2.exe (RndBtnDemo Application)  (a17059e8af0c8cb426de73b0d91dcd23)

12 / 68    (Adware)
taskswatch.exe  (773a4d636d80245d5b7e4e2e3658ecfd)

1 / 68      (Adware)
uninstall.exe (Setup Factory Runtime by Indigo Rose)  (46fd151daded2271dcd4d044d78321ed)

17 / 68    (Adware)
processusage.exe  (d1c016423e3f5c14a1c6ce39f29403e8)

1 / 68      (Adware)
uninstall.exe (Setup Factory Runtime by Indigo Rose)  (036f859f89bc9ed0f5cbd459e33dc9f2)

9 / 68      (Adware)
prefetch.exe (DoubleOptMedia)  (bbf7203de079469c4962fcf6491a35c4)

 
Latest 30 of 42 files

Downloads URLs for files signed by M/s Children Code.

8 / 68      (Adware)
http://downloads.doubleoptmedia.com/g8v2g.exe  (471869398f0a392fd008eb159934d15f)

9 / 68      (Adware)
http://downloads.doubleoptmedia.com/g8v2j.exe  (bbf7203de079469c4962fcf6491a35c4)

9 / 68      (Adware)
http://downloads.doubleoptmedia.com/dg8v2.exe  (94549bb50885ff8709b1793c59c5b515)

7 / 68      (Adware)
http://downloads.doubleoptmedia.com/g8v2c.exe  (17c9f84b20b61deecbaf3057e59bf67e)

8 / 68      (Adware)
http://downloads.doubleoptmedia.com/dg8v2.exe  (abe97c48a963af4bb4526d8010d22e88)

9 / 68      (Adware)
http://113.171.224.210/.../dg8v2.exe  (94549bb50885ff8709b1793c59c5b515)

21 / 68    (Adware)
http://downloads.doubleoptmedia.com/wg8v2.exe  (2bd7eb2b1464c59d0628de3ab0279f11)

9 / 68      (Adware)
http://113.171.224.210/.../g8v2j.exe  (bbf7203de079469c4962fcf6491a35c4)

14 / 68    (Adware)
http://r.nusoftinstalls.com/clk?partner=36&subid_1=lax1CJSHhNf7y8SSdRACGN348sXCuLTjEiIMNzEuNTAuNjYuMTk5KAEwhtjwngU.&subid_2=&subid_3=video  (install_update(1).exe)

The following websites host and distribute files published by M/s Children Code.

downloads.doubleoptmedia.com

r.nusoftinstalls.com

The following publishers (by Authenticode signature organization name) are related.

M/s Tech AnB

* Note, the details and description above are based on the code signing digital signature issued to M/s Children Code by COMODO CA Limited on February 10, 2014 with the serial number '355cdfd525f643928f3a5700d87f0799'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.