Akorea

Publisher Information

Akorea is a software publisher located in Haeundae-gu, Busan in Korea*. The company is a primary distributor of unwanted software. Thre are 4 additional code signing certificates issued to this publisher.
Remove Akorea Malware - Powered by Reason Core Security
Authority:
Thawte, Inc.

Valid from:
6/28/2013 9:00:00 AM

Valid to:
7/29/2014 8:59:59 AM

Subject:
CN=Akorea, O=Akorea, L=Haeundae-gu, S=BUSAN, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
47808d51bd832e4e938de40e8abcfacb

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP, Unnamed.Threat.50, Unnamed.Threat.73, PUP.Installer.Akorea.G, PUP.Akorea.M, PUP.Installer.Akorea.X, PUP.Akorea (M), PUP.Akorea.Installer (M)
100.00%

McAfee
Generic FakeAlert.hh, Artemis!618EE8086707, FakeAlert-PZ, Generic FakeAlert.cp, Artemis!42F87C8672A5, Artemis!26A62719363C, Artemis!A69B16F23368
44.12%

Malwarebytes
Adware.Kraddare, Rogue.K.VaccineTop, Adware.Korad, Rogue.SpeedCleaner, Adware.CO.KR, Rogue.PCSupporter, Rogue.Korad
44.12%

Bitdefender
Gen:Variant.Graftor.53956, Gen:Variant.Strictor.47128, Gen:Variant.Strictor.42338, Application.Generic.576090, Gen:Variant.Adware.Graftor.129002
44.12%

SUPERAntiSpyware
Adware.Kraddare, Trojan.Agent/Gen-FraudScan
44.12%

Avira AntiVirus
TR/Symmi.31506.9, TR/Strictor.47128, TR/Graftor.53956.86, TR/Symmi.31506.61, TR/Graftor.53956.53, TR/Strictor.38159.26, TR/Graftor.53956.70
44.12%

McAfee Web Gateway
Heuristic.BehavesLike.Win32.Suspicious-DTR.G, Artemis!618EE8086707, BehavesLike.Win32.FakeAlert.cc, BehavesLike.Win32.FakeAlert.lc
44.12%

Emsisoft Anti-Malware
Gen:Variant.Graftor.53956, Gen:Variant.Strictor.47128, Gen:Variant.Strictor.42338, Gen:Variant.Adware.Graftor.129002, Gen:Variant.Graftor.128793
44.12%

G Data
Gen:Variant.Graftor.53956, Gen:Variant.Strictor.47128, Gen:Variant.Strictor.42338, Application.Generic.576090, Gen:Variant.Adware.Graftor.129002
44.12%

F-Secure
Gen:Variant.Adware.Graftor.129002, Gen:Variant.Strictor.47128, Gen:Variant.Strictor.42338, Application.Generic.576090, Gen:Variant.Graftor.128793
44.12%

1 / 68      (Adware)
vprotectu.exe (vprotect updater by AKorea)  (dddea878ace5b871f1ba940bc14b39df)

1 / 68      (Adware)
vprotectstart.exe (vprotect starter by AKorea)  (2e59cd20d03428db21989ffe4d6eb6f0)

1 / 68      (Adware)
vprotect.exe (vprotect by AKorea)  (7cd58621b86d5913d91e72dcf6aa5339)

1 / 68      (Adware)
uninst_vprotect.exe (vprotect by AKorea)  (d9eeea259257e8695c1807e58c8836a7)

1 / 68      (Adware)
EGutil.dll (vprotect by AKorea)  (a86cb5002eb34d667034399804579c98)

1 / 68      (Adware)
vaccineup.exe (vaccineup by AKorea)  (18710acd20a25b16c0827571ac1bcbd2)

1 / 68      (Adware)
uninst_boansite.exe (uninst_boansite by AKorea)  (65b054156b301f3d5ed1141f708806db)

1 / 68      (Adware)
boansitedm.exe (boansitedm by AKorea)  (5381ba9c220bb6d90cbe7ce605c9b29b)

1 / 68      (Adware)
boansiteBK.exe (boansiteBK by AKorea)  (fdcf009681cda90673bf19eb069696dc)

1 / 68      (Adware)
pointboansetup_pop.exe (pointboan installer by AKorea)  (04f915cf5389ac7a42684b26d698b8e6)

1 / 68      (Adware)

1 / 68      (Adware)
boansystemsetup_pop.exe (boansystem installer by AKorea)  (9b0b1d6ae3e41d4b7d9bcd9d3933450b)

1 / 68      (Adware)
boanlitesetup_pop.exe (boanlite installer by AKorea)  (7819e269c61ec1e93fa86c95fc04554b)

1 / 68      (Adware)

1 / 68      (Adware)
uninst_livecleaner.exe (uninst_livecleaner by AKorea)  (8b4095f2b235d3b506ad8b1038b9b0f8)

1 / 68      (Adware)
livecleanerU.exe (livecleaner by AKorea)  (b22495e1010ef588a5e0a60c4f427c28)

1 / 68      (Adware)
livecleaner.EXE (livecleaner by AKorea)  (0997b9aa2cdc9d47a3a7be710161ce2c)

1 / 68      (Adware)
livecleanerse.exe (by Akorea)  (d146eeab234610e393ed6905339de676)

1 / 68      (Adware)
vaccinetopsvc.exe (vaccinetop by AKorea)  (c27f6c47c85984c35c4fe418d636fd65)

32 / 68    (Adware)

22 / 68    (Adware)
pcsupporter.EXE (pcsupporter by AKorea)  (a69b16f23368490c9b22af5e1537d9ab)

39 / 68    (Adware)

34 / 68    (Adware)
68963.malware (pcsupporter by AKorea)  (a962274ef9823aa5ad78272398265bb4)

33 / 68    (Adware)
64172.malware (uninst_pcsupporter by AKorea)  (26a62719363c5594daeecb238e785e9e)

27 / 68    (Adware)
64170.malware (pcsupporter by AKorea)  (42f87c8672a5135aa97653c292fb299b)

29 / 68    (Adware)
64164.malware (by AKorea)  (a8fccd8f93e5844bb84b80f9d6907e5c)

37 / 68    (Adware)
64157.malware (pcsupporter installer by AKorea)  (e469263960be7500840dce11ff8f91cc)

39 / 68    (Adware)

36 / 68    (Adware)
windatareset.exe (by Akorea)  (28c78c4cb26814fa9aedca537411b2c1)

36 / 68    (Adware)
스피드클리너.exe (speedcleaner installer by AKorea)  (241b4d65513b78a201bbaa93b717d4e9)

 
Latest 30 of 34 files

The certificates below are also signed by Akorea.

2FAE031CEAF57B56615A3998DEB1D1FD  (May 05, 2012 to Jul 05, 2013)

5D613064725D2995334F25A0F88211D1  (May 19, 2011 to May 19, 2012)

1FD4E6E2D3011881D4A22C6056559DA3  (May 28, 2010 to May 29, 2011)

57AA8D37BE793A2E6812E737241714A8  (Apr 08, 2009 to Apr 09, 2010)

Remove Akorea Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Akorea by Thawte, Inc. on June 28, 2013 with the serial number '47808d51bd832e4e938de40e8abcfacb'.