home

UCF

Publisher Information

UCF is a software developer located in "Haeundae-gu ", Busan in Korea*. The company is a primary distributor of unwanted software. Thre are 3 additional code signing certificates issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
5/18/2011 9:00:00 AM

Valid to:
5/18/2012 8:59:59 AM

Subject:
CN=UCF, O=UCF, L="Haeundae-gu ", S=BUSAN, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
0eedb7f87e47e32e8fa0e92699dc69ad

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.UCF (M), PUP.UCF.Installer (M), PUP (M)
100.00%

1 / 68      (Adware)
topboanU.exe (topboan updater by UCF)  (f3ae687daf1c3f2a62112470d2a3c7ff)

1 / 68      (Adware)
conditionaldata.EXE  (534a927b86afcc7f175166f4770789d8)

1 / 68      (Adware)
smartsafersetup_very.exe (smartsafer installer by UCF)  (4d168f1ac649216ec8cc4ca1d61a1c4a)

1 / 68      (Adware)
smartmode_se.exe (smartmode_se by UCF)  (847619047f4bd261127425ac9af6b27d)

1 / 68      (Adware)
firstvaccinesetup_king.exe (firstvaccine Installer by UCF)  (80fbe84d1f1015ff17b31a345a642dc2)

1 / 68      (Adware)
smartmode_setup_first.exe (smartmode_setup by UCF)  (8f87b3f0658f02b922f6193ea655cc2c)

1 / 68      (Adware)
downmanager_setup.exe (downmanager installer by DG Networks)  (4d4dc889b6e6a44afdd345151a4d80e3)

1 / 68      (Adware)
smartmode.dll (SmartModeT Module)  (1fd749cae8e6e0c87b7b47f47298b2b2)

1 / 68      (Adware)
uninst_keepprotect.exe (uninst_keepprotect by UCF)  (20ffde4ea38457e752cc08d18d5fc859)

1 / 68      (Adware)
uninst_easyboan.exe (uninst_easyboan by UCF)  (bb0d35c35981200d08d4f23356e04157)

1 / 68      (Adware)
MicropopU.exe (MicropopU by UCF)  (c4b09f326c630e51e7effea8f0ce2952)

1 / 68      (Adware)
EGutil.dll (multicare by UCF)  (3d1abc9527c933eb5ef88e1f187dbf2d)

1 / 68      (Adware)
MicropopU.exe (MicropopU by DG Networks)  (7efb7c1e646461ead068123c7ea2a55b)

1 / 68      (Adware)
smartmode.dll (SmartModeT Module by UCF)  (243c59987bea35a871360ff612a96c72)

1 / 68      (Adware)
tmp000000017cf805c111501c1f (SmartModeT Module by UCF)  (1646fe6cf4f6ce9961d5ce8a27dc5c0c)

1 / 68      (Adware)
smartmode.dll (SmartModeT Module)  (d5c310c32ea05f31b4efcd6fae3660cc)

1 / 68      (Adware)
easysafesetup_perfect.exe (easysafe installer by UCF)  (568571abbbd7703d5af3d601c28e0e9b)

1 / 68      (Adware)
checkcleansetup_soft.exe (checkclean installer by UCF)  (59cc7fa1a4ce3d05145cbb6b12274223)

1 / 68      (Adware)
WindowPCEngine.EXE  (dcf4b764dadecf4fb3b8ba3b251481d5)

1 / 68      (Adware)
WindowPC.EXE  (a7d62ad03fcf4f88db15245ad82b5ea4)

1 / 68      (Adware)
4154536_7z921.exe (utilzoa file downloder by UCF)  (cc0c8505011f491a905750c86e7800bc)

1 / 68      (Adware)
smartmode.dll (SmartModeT Module)  (49c9d54f76cb395726989c3e36ec8e9e)

1 / 68      (Adware)
systemposy.exe (SmartSupporter by UCF)  (4f0d0cb7bcd91ea9974756eaa766b645)

1 / 68      (Adware)
uninst_topboan.exe (uninst_topboan by UCF)  (db5dd2a01364a82f5b1717d171db173b)

1 / 68      (Adware)
zlib1.dll (zlib)  (4dc5c09aee2a3ce5311b7d545f202c18)

1 / 68      (Adware)
scom1.dll  (a1e145bf6534d953d158efb0eb941b5e)

1 / 68      (Adware)
ReadHwpDocDll.DLL (ReadHwpDocDll by UCF)  (2318f4ba430d58def70891ca990d4899)

1 / 68      (Adware)
msBinStringReader.DLL (msBinStringReader by UCF)  (24c7d436951465582c47b7d588c02a52)

1 / 68      (Adware)
mftSearch.DLL (mftSearch by UCF)  (00001f0d9c26052c753b7ebaaccf4645)

1 / 68      (Adware)
boancheckU.exe (boancheck updater by UCF)  (403599d4f25fe64de254e1e9ac0cdf88)

 
Latest 30 of 80 files

The certificates below are also signed by UCF.

5C486B28674FE118251400311CA913D9  (Jul 03, 2013 to Aug 03, 2014)

515CF82EE849A6D6D3BE2DBC94DC062A  (May 09, 2012 to Jul 09, 2013)

7EF60F738FD75ED16633695ABC394E46  (Dec 13, 2011 to May 22, 2012)

* Note, the details and description above are based on the code signing digital signature issued to UCF by Thawte, Inc. on May 18, 2011 with the serial number '0eedb7f87e47e32e8fa0e92699dc69ad'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.