JP Media Group

Publisher Information

JP Media Group is a software publisher located in Gangnam-gu, Seoul in Korea*. The company is a primary distributor of unwanted software. Thre are 2 additional code signing certificates issued to this publisher.
Remove JP Media Group Malware - Powered by Reason Core Security
Authority:
Thawte, Inc.

Valid from:
10/28/2012 9:00:00 AM

Valid to:
12/28/2014 8:59:59 AM

Subject:
CN=JP Media Group, OU=EC Team, O=JP Media Group, L=Gangnam-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
61f1a0d73ef91ea0ed864432a96cac0a

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.JPMediaGroup.P, PUP.Startup.JPMediaGroup.K, PUP.Startup.JPMediaGroup.N, PUP.JPMediaGroup.H, PUP.JPMediaGroup.J, PUP.JPMediaGroup (M)
100.00%

ESET NOD32
Win32/Adware.CloverPlus.AB (variant), Win32/Adware.CloverPlus.AD (variant)
86.00%

Avira AntiVirus
TR/Symmi.8856, Adware/CloverPlus.AB.15, TR/Symmi.31567.11, Adware/Graftor.Elzob.15121.3, TR/Agent.bta, Adware/CloverPlus.AB.26
84.00%

McAfee
Artemis!04D5CB5C37BF, Artemis!8017A8DD2380, Artemis!5C202F28EA34, Artemis!E9CFCA7E225B, Artemis!F09D62FAD892, Artemis!D7C98CCF7FF1, Artemis!8EBB8B5BB5F1, Artemis!089BAA564DA5, Artemis!AE2BDDB5D54E, Artemis!D8B9B3888FD5, Artemis!0D7A0179BD39, Artemis!1343665F0FBA, Artemis!6373491EEB3E, Artemis!B6371A4FEC57, Artemis!09F76F2384A3, Artemis!98EBC9CD09C7
82.00%

Fortinet FortiGate
Riskware/CloverPlus, W32/Genome.AB!tr.dldr, Adware/CloverPlus, W32/Runagry.AB!tr.bdr
82.00%

AhnLab V3 Security
PUP/Win32.WinKeyword, PUP/Win32.CloverPlus, PUP/Win32.MulDown
76.00%

McAfee Web Gateway
Artemis!04D5CB5C37BF, Artemis!8017A8DD2380, Artemis!5C202F28EA34, Artemis!E9CFCA7E225B, Artemis!F09D62FAD892, BehavesLike.Win32.PUP.dh
72.00%

Sophos
Generic PUA LJ, Generic PUA JL, Generic PUA FI, Generic PUA DL, Clover Plus, Generic PUA GJ, Generic PUA FP, Generic PUA BK
72.00%

VIPRE Antivirus
Trojan.Win32.Generic.pak!cobra
70.00%

AVG
Generic5, Generic6
68.00%

36 / 68    (Adware)
WinKeyword.EXE  (acb279b890958699283a66a13b225b7f)

1 / 68      (Adware)
winkeyword_up.exe  (7a1b313ffc59cfa1b8ec2901794d6606)

1 / 68      (Adware)
wkv3_i02d.exe  (3e5edb5eac9c71cb43cd40cb0ab0d808)

1 / 68      (Adware)
install_poten1.exe  (f0d424ff265206238aa9914cadd23d07)

1 / 68      (Adware)
winkeyword_up.exe  (466adfc8c552ad9f8d2140f09fb6df57)

36 / 68    (Adware)
WinKeyword.EXE  (54fd475f502cc934f73b4e7eb66b42b7)

1 / 68      (Adware)
btivuninstall.exe  (da5be77672264243f02dc93b96230ce6)

1 / 68      (Adware)
bt_neo1.exe  (93ebe345984179c1cd718e53dbc0d5dd)

1 / 68      (Adware)
kkw10v412.exe  (bfbe167096cc318e8af6fc3895a81cf9)

15 / 68    (Adware)
bt_neo4.exe  (98ebc9cd09c737f2824f2a94b3ac3c17)

30 / 68    (Adware)
wd_id01.exe  (e9859d3826ae798d330534105d34003f)

28 / 68    (Adware)
btiupv32.exe  (b01d8fdc35f7166abcdc4aaf6c499175)

29 / 68    (Adware)
btipv32.exe  (232751e6b7bec9fec7211e4d5d03f459)

28 / 68    (Adware)
btipv32.exe  (09f76f2384a33aec38e75529ac4d1417)

23 / 68    (Adware)
bt_neo8.exe  (b6371a4fec57321c285e3b83f37a93d0)

26 / 68    (Adware)
wd_id11.exe  (cce6d80fc352d339b961d7b4d48fbab5)

31 / 68    (Adware)
WinKeyword.EXE  (e1b5ed26237051a2c7a6e43c9bc7a74f)

24 / 68    (Adware)
install_neo4.exe  (808e33b0eb64c9ad57c541631e5226d8)

33 / 68    (Adware)
cpinstall_ecu1.exe  (74aaa7d185af0cf6d0f80d3cc1ed8978)

33 / 68    (Adware)
bt_ecu1.exe  (a94667ba5aac331e8d8238bda62303b9)

31 / 68    (Adware)
wd_id10.exe  (60dcc603873124a21be31608767ce7db)

19 / 68    (Adware)
bt_ecu3.exe  (04a92aaf31494efcba3c03fc0d044d5d)

16 / 68    (Adware)
bt_neo6.exe  (6373491eeb3e912bfcb0e2be5c6a862a)

30 / 68    (Adware)
wd_id02.exe  (f4ee94efff4c2b512474f06851b0d0b5)

9 / 68      (Adware)
bt_ecu4.exe  (4d52ca69ee5400a810a6623a91b37074)

26 / 68    (Adware)
btiupv32.exe  (6abd55fbdf818686ccb5a3c1d3f40309)

16 / 68    (Adware)
btipv32.exe  (1343665f0fba1b2e9ffb2ee2c38fed6e)

16 / 68    (Adware)
btivuninstall.exe  (0d7a0179bd39b35928d831914df2c090)

19 / 68    (Adware)
bt_ecu2.exe  (d8b9b3888fd513cba6a870150954433f)

11 / 68    (Adware)
btiupv32.exe  (ae2bddb5d54ecf33a269e2e3dad8b836)

 
Latest 30 of 51 files

The certificates below are also signed by JP Media Group.

5DCA728C6C583BA5620015FA14BE4148  (Nov 25, 2014 to Jan 24, 2017)

0264FB9EF73388FA8CADCF87B14D7C00  (Nov 21, 2011 to Nov 21, 2012)

Remove JP Media Group Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to JP Media Group by Thawte, Inc. on October 28, 2012 with the serial number '61f1a0d73ef91ea0ed864432a96cac0a'.