Qzoneinteractive

Publisher Information

Qzoneinteractive is a software publisher located in Gwangjin-gu, Seoul in Korea*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs. Thre are 3 additional code signing certificates issued to this publisher.
Remove Qzoneinteractive Malware - Powered by Reason Core Security
Authority:
Thawte, Inc.

Valid from:
11/14/2011 9:00:00 AM

Valid to:
11/14/2012 8:59:59 AM

Subject:
CN=Qzoneinteractive, OU=EC Team, O=Qzoneinteractive, L=Gwangjin-gu, S=Seoul, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
51790de8cff3fb8e48d3e671f9021d0b

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Qzoneinteractive, PUP.Qzoneinteractive (M)
78.26%

Comodo Security
UnclassifiedMalware, Heur.Suspicious, TrojWare.Win32.Agent.~tgr, TrojWare.Win32.Trojan.Agent.Gen
34.78%

ESET NOD32
Win32/Adware.Kraddare.GK (variant), Win32/Adware.Kraddare.FJ (variant)
26.09%

Malwarebytes
Adware.Korad, Trojan.Banker, Adware.KorAd
17.39%

VIPRE Antivirus
Trojan.Win32.Generic
17.39%

IKARUS anti.virus
Trojan-Banker.Win32.Banker, Trojan-Downloader.Win32.Genome, Trojan-Spy.Banker, Trojan.SuspectCRC
17.39%

Panda Antivirus
Trj/Genetic.gen, Trj/CI.A, Suspicious file
17.39%

MicroWorld eScan
Application.Generic.409765, Application.Generic.439804, Trojan.Generic.KD.810582
13.04%

McAfee
GenericTRA-BM!79ED120A3AC1, Generic PUP.t, GenericTRA-AF!DEAD6A3FCD34
13.04%

Trend Micro House Call
ADW_KRADDARE, ADW_CLOUDPOP
13.04%

1 / 68      (PUP)
uninstall_cloudpop.exe  (3875f90bd6906fc6386f47579507bd2f)

1 / 68      (PUP)
SNSlide.exe (SNSlide Module)  (4e64ba32129b679376885ef29d33cdf2)

1 / 68      (PUP)
SNUpdate.exe (SNUpdate Module)  (cab7b3074b68f2423d0835e76f151847)

1 / 68      (PUP)
snchksvc.exe  (f2f40bfc83dae71480a06f5d36766aac)

1 / 68      (PUP)
cloudpop_.exe  (d23db8dd79ba96652f03e56f9b9082de)

1 / 68      (PUP)
QZUpdate.exe (QZUpdate Module)  (51e003ac25d9909598b1982a54fa3ab9)

1 / 68      (PUP)
QZDownMgr.dll  (bc0a66e99da7ae5f4db35f1f4b5aa0bf)

1 / 68      (PUP)
IEQZone.dll  (ea51953351b9b744bfa57f596657d7fb)

1 / 68      (PUP)
cloudpop_rapi001.exe  (a604ed6788b06b165580883544ebb668)

1 / 68      (PUP)
b808e4a2-b290-4617-89a2-292b5e20af9d.exe  (25d895121b276230ec75776bbac99223)

1 / 68      (PUP)
QuickZone.exe (QuickZone Module)  (81350499a2b55686eb191f710082e749)

1 / 68      (PUP)
QZoneRemove.exe (QZoneRemove Module)  (4665e8da55462fa0d83fe9e0f5161620)

1 / 68      (PUP)
qznewver.exe (qznewver Module)  (c5db51da709011fb1c12d1530c7b2a56)

1 / 68      (PUP)
KongGaCtrl.dll  (99ff07fb68132698a4c3cba0f77c7de9)

3 / 68      (PUP)
KGAUpdate.exe (KGAUpdate Module)  (b45b4c1619dbb398bb23180b69a3b607)

4 / 68      (PUP)
KGAUninst.exe (KGAUninst Module)  (17cfdaa80fbf8aad4a5832ddbe47fe11)

3 / 68      (PUP)
KGAAlert.exe (KGAAlert Module)  (bfd40688f88104ec907cbb5b5884c394)

5 / 68      (PUP)
KongGaSvcApp.exe (KongGaSvcApp Module)  (b052b3db990c850c1d6ddf1fce80fd2f)

10 / 68    (PUP)
uninstall.exe  (9abcc869260bb82fea880a62d842f4e9)

23 / 68    (PUP)
cloudpop.exe  (dead6a3fcd343d016db2c290d7f677f6)

29 / 68    (PUP)
cloudpop_attpo.exe  (325d666953bc85c5bad14a61df8daa24)

28 / 68    (PUP)
adhelp_zhfhsk.exe  (79ed120a3ac19046a518b3172dfc8399)

1 / 68      (PUP)
kgachksvc.exe  (7031db3946ecb273a90d66c2ae979bc4)

The certificates below are also signed by Qzoneinteractive.

07F8FA305F2BC9DE492EE1D748E01DDE  (Dec 15, 2014 to Feb 14, 2016)

0ED8386A77DD8C93F3CA811C375EA680  (Nov 30, 2013 to Dec 31, 2014)

7F237568BB838B3E163705A7365EEC19  (Nov 03, 2012 to Dec 04, 2013)

Remove Qzoneinteractive Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Qzoneinteractive by Thawte, Inc. on November 14, 2011 with the serial number '51790de8cff3fb8e48d3e671f9021d0b'.