INSAFE

Publisher Information

INSAFE is a software publisher located in Gangnam-gu, Seoul in Korea*. The company is a primary distributor of unwanted software. There is one additional code signing certificate issued to this publisher.
Remove INSAFE Malware - Powered by Reason Core Security
Authority:
Thawte, Inc.

Valid from:
9/11/2013 9:00:00 AM

Valid to:
9/12/2014 8:59:59 AM

Subject:
CN=INSAFE, OU=IT Team, O=INSAFE, L=Gangnam-gu, S=SEOUL, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
3e4f1f53251433d38dec22008a6b91d8

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.INSAFE, PUP.INSAFE (M)
100.00%

MicroWorld eScan
Gen:Variant.Adware.Graftor.140284
12.00%

Bitdefender
Gen:Variant.Adware.Graftor.140284
12.00%

Agnitum Outpost
PUA.Kraddare
12.00%

Lavasoft Ad-Aware
Gen:Variant.Adware.Graftor.140284
12.00%

F-Secure
Gen:Variant.Adware.Graftor.140284
12.00%

VIPRE Antivirus
Trojan.Win32.Generic
12.00%

Avira AntiVirus
Adware/Graftor.140284.11, Adware/Graftor.140284.3
12.00%

Emsisoft Anti-Malware
Gen:Variant.Adware.Graftor.140284
12.00%

ViRobot
Adware.Gearext.416288, Adware.MouseControlSvc.416808.C
12.00%

1 / 68      (Adware)
rcprovider.exe  (6cd7882c393b8e2618fa7c2ac216cad2)

1 / 68      (Adware)
windirector.sys  (869674d91f65bb8143f1053321394679)

1 / 68      (Adware)
rcprovider.sys  (98e5c841b7debab5780b3840df3b33ee)

1 / 68      (Adware)
myipview.sys  (ae29496c22020db3f263ba85dd4e0bfa)

1 / 68      (Adware)
mousecontrolsvc.sys  (f363c9b76b2cf6d2fe694387c3305057)

1 / 68      (Adware)
gext_fileidc.dll  (6db27f42b735b1050ccffc40e0603f50)

1 / 68      (Adware)
gext_bangabmoa.dll  (54564f5aa071a327a0fbd74a12ecda38)

1 / 68      (Adware)
gearext_uninst.exe  (480db252c8fedf61600708fda3c3eefb)

1 / 68      (Adware)
gearexts.exe  (153a050e7b6a8185ba804fc2a189f5a2)

24 / 68    (Adware)
gearext.exe (GearExtention)  (7124443fea02ebb33db8927c8e2638bd)

1 / 68      (Adware)
mouserelease_sch.exe  (efd0880f04e7e29a35a114689e509fd6)

1 / 68      (Adware)
gearexts.exe  (36adf71f35bbc989367cc9fc6db4b877)

1 / 68      (Adware)
mouserelease_uc.exe  (84a25c0af89a6ee9fb31fa883620195a)

1 / 68      (Adware)
gearextu.exe  (58c5e47609b0c7da8f56ca01ab420b45)

1 / 68      (Adware)
mouserelease_dd.sys  (af2975c0c0711b0b3b19457af7836eeb)

1 / 68      (Adware)
gearext.sys  (0ffb157938bc12db55690bb6976f6c36)

1 / 68      (Adware)
ripmqmnri.exe (INISafe)  (11f0d7538d75c0785e86ee65cb3a042c)

1 / 68      (Adware)
mrmontquqrsp.exe  (7293bb56de0465c42bc04f3bbf29edf6)

1 / 68      (Adware)
gemegnmqmp.exe  (20f00b779c059b031a1c4409a83af090)

24 / 68    (Adware)
gearext.exe (GearExtention)  (352b30547481c19446bdbab35de8628b)

1 / 68      (Adware)
myipview_uninst.exe  (424f4d7e2388c731b9ff93725f6bb13e)

1 / 68      (Adware)
gearext_uninst.exe  (d021a4c467f708de0e29ad9c6f00e07a)

1 / 68      (Adware)
gearextu.exe  (881c40342fb9a5077d7b5af6a4f5d251)

1 / 68      (Adware)
gearexts.exe  (affe28096f2d2f8ba148294bffe7c346)

1 / 68      (Adware)
barovisit_uninst.exe  (770ac9eb167b94dd8328751911b15321)

1 / 68      (Adware)
barovisit.exe  (6131fad4d47c8894e5a64552b0ecc522)

1 / 68      (Adware)
networkau.exe  (80f40cba22e5752622cda19450665d0e)

1 / 68      (Adware)
networkas.exe  (5dd02417fc564e7078e4169ee4cd5444)

1 / 68      (Adware)
networka.exe  (cbc9e2fad89a96abebfc4a824c4be068)

1 / 68      (Adware)
tenrrsste.exe (PC Software)  (47510c39b76d07d610b09c9700d5830b)

 
Latest 30 of 308 files

The following certificate is also signed by INSAFE.

3D79358F1CB0629C9595F33E197E886F  (Sep 15, 2014 to Oct 16, 2015)

The following publishers (by Authenticode signature organization name) are related.

Remove INSAFE Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to INSAFE by Thawte, Inc. on September 11, 2013 with the serial number '3e4f1f53251433d38dec22008a6b91d8'.