Qzoneinteractive

Publisher Information

Qzoneinteractive is a software publisher located in Gwangjin-gu, Seoul in Korea*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs. Thre are 3 additional code signing certificates issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
11/30/2013 9:00:00 AM

Valid to:
12/31/2014 8:59:59 AM

Subject:
CN=Qzoneinteractive, O=Qzoneinteractive, L=Gwangjin-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
0ed8386a77dd8c93f3ca811c375ea680

Scanner detections:
Detections  (90% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.Qzoneinteractive, PUP.Qzoneinteractive, PUP.Qzoneinteractive (M), PUP.Qzoneinteractive.Installer (M), PUP.Qzoneint.Installer (M), PUP (M)
83.33%

ESET NOD32
Win32/Adware.Kraddare.FJ (variant), Win32/AdWare.Kraddare.JP (variant)
52.38%

Comodo Security
ApplicUnwnt
50.00%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
45.24%

Baidu Antivirus
Adware.Win32.Kraddare
45.24%

AVG
Generic
42.86%

Trend Micro House Call
TROJ_GEN.F47V0206, TROJ_GEN.F47V0212, Suspicious_GEN.F47V0718, TROJ_GEN.F47V0708, Suspicious_GEN.F47V0123
38.10%

VIPRE Antivirus
Trojan.Win32.Generic
23.81%

McAfee
Artemis!AED0669D20B5, Artemis!F50C6E1CD124, Artemis!9909B6E71BA1, Artemis!5737A9039647, Artemis!753A2F0F5900
23.81%

MicroWorld eScan
Gen:Variant.Adware.Symmi.36013, Gen:Variant.Strictor.75892, Gen:Variant.Graftor.172431
19.05%

1 / 68      (Malware)
o2s_namu9.exe (O2PopSetup Module)  (045badce5f9e427684d42f25eae4581d)

1 / 68      (PUP)
onp_solution8.exe (O2PopSetup Module)  (298b6ecd1b152f29fdb91a721fea1bd2)

1 / 68      (PUP)
o2s_namu7.exe (O2PopSetup Module)  (065564ea6c3a48dbe7afd886a3d6b0fd)

1 / 68      (PUP)
onoffp_solution3.exe (O2PopSetup Module)  (ce34989adbe7ba17aadea1bfb621119f)

1 / 68      (PUP)
OnOffPop.exe (OnOffPop Module)  (f2011b8a2a0c9a5b96b6f9b0f63a49fc)

1 / 68      (PUP)
o2s_namu5.exe (O2PopSetup Module)  (7e93b97614cc6f850fbcba52c651050b)

1 / 68      (PUP)
o2s_namu4.exe (O2PopSetup Module)  (535cf2d8ee68ca97334a903331d34845)

5 / 68      (PUP)
O2Sch.exe (O2Sch Module)  (142ba5c9f1fa04a879e46523cb17ed7f)

17 / 68    (PUP)
O2Update.exe (O2Update Module)  (c88e31b74c0c1815f5fdfd91dadbddb3)

16 / 68    (PUP)
O2Guard.exe (O2Guard Module)  (b41a326486aa38f415a7d8a2226e94f8)

9 / 68      (PUP)
OnOffPop.exe (OnOffPop Module)  (ff5b7965482208459d4f8bdbc6d90e86)

5 / 68      (PUP)
O2Sch.exe (O2Sch Module)  (c87345d0b01e3c22f6033692571c9d41)

5 / 68      (PUP)
O2Sch.exe (O2Sch Module)  (a2d4d85f35db45bc2a5a219868a6e681)

17 / 68    (PUP)
O2Update.exe (O2Update Module)  (106e2167b8c6d89111e408dd025f3a28)

16 / 68    (PUP)
O2Guard.exe (O2Guard Module)  (e6dc4d04bbd4939937d306a2e0b66c50)

3 / 68      (PUP)
O2Sch.exe (O2Sch Module)  (44bff7f392b1384b4b97731b5f5f2a44)

17 / 68    (PUP)
O2Update.exe (O2Update Module)  (753a2f0f59007f30cc791f36cdf51601)

16 / 68    (PUP)
O2Guard.exe (O2Guard Module)  (5737a90396473d0b6de5d422b27c16ae)

9 / 68      (PUP)
OnOffPop.exe (OnOffPop Module)  (9909b6e71ba1dcd14d9d852f01f1d98a)

4 / 68      (PUP)
O2Update.exe (O2Update Module)  (6954c3b39468b451579cf4b6b5156875)

5 / 68      (PUP)
O2Guard.exe (O2Guard Module)  (f50c6e1cd1247cc575849adc8b90d845)

4 / 68      (PUP)
OnOffPop.exe (OnOffPop Module)  (67f331e885796d0b9bee3a3a46d123e6)

2 / 68      (PUP)
O2Sch.exe (O2Sch Module)  (4b2e15985a8068154c2cfaa57c5643fe)

6 / 68      (PUP)
RemoveTAM.exe (RemoveTAM Module)  (de687046c622a94ca57e696e772770f6)

13 / 68    (PUP)
TheAM.exe (TheAM)  (aed0669d20b50da34939495d3da24fce)

1 / 68      (PUP)
criteonow.toast.exe  (c899b7d9d79fc2c5576e5f7b43e4782c)

4 / 68      (PUP)
O2Sch.exe (O2Sch Module)  (834a3d732b7c502021923fbc3dd0ffdd)

4 / 68      (inconclusive)
O2Update.exe (O2Update Module)  (2aa3b805139a825f9b16ddb22ec875ad)

4 / 68      (inconclusive)
O2Guard.exe (O2Guard Module)  (36367e5d7806952a02e74968fc9a32c6)

4 / 68      (PUP)
OnOffPop.exe (OnOffPop Module)  (45da981dcaac5daa9552919520f7ab8f)

 
Latest 30 of 42 files

The certificates below are also signed by Qzoneinteractive.

07F8FA305F2BC9DE492EE1D748E01DDE  (Dec 15, 2014 to Feb 14, 2016)

7F237568BB838B3E163705A7365EEC19  (Nov 03, 2012 to Dec 04, 2013)

51790DE8CFF3FB8E48D3E671F9021D0B  (Nov 14, 2011 to Nov 14, 2012)

* Note, the details and description above are based on the code signing digital signature issued to Qzoneinteractive by Thawte, Inc. on November 30, 2013 with the serial number '0ed8386a77dd8c93f3ca811c375ea680'.