UCF

Publisher Information

UCF is a software developer located in "Haeundae-gu ", Busan in Korea*. Thre are 3 additional code signing certificates issued to this publisher.
Remove UCF Malware - Powered by Reason Core Security
Authority:
Thawte, Inc.

Valid from:
5/18/2011 9:00:00 AM

Valid to:
5/18/2012 8:59:59 AM

Subject:
CN=UCF, O=UCF, L="Haeundae-gu ", S=BUSAN, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
0eedb7f87e47e32e8fa0e92699dc69ad

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

VIPRE Antivirus
Trojan.Win32.Generic, Trojan.Win32.Generic.pak!cobra, Kraddare
100.00%

Reason Heuristics
PUP.Startup.UCF.M, PUP.Service.UCF.L, PUP.UCF.F, PUP.UCF.K, PUP.UCF (M)
100.00%

Trend Micro House Call
TROJ_FRAUD.GI, TROJ_GEN.RCEH1GE, TROJ_FAKEAV.EQA, PAK_Generic.001, TROJ_GEN.R0CBC0OIS14
83.33%

avast!
Win32:Adware-AZI [Adw]
83.33%

Comodo Security
UnclassifiedMalware
83.33%

ESET NOD32
Win32/Adware.Kraddare.GZ (variant), Win32/Adware.Kraddare.CC, Win32/Adware.Kraddare.CG (variant), Win32/Adware.Kraddare.AQ (variant)
83.33%

McAfee
Artemis!FD3B67054532, Generic FakeAlert.hh, Artemis!755A8C8A36A9, Artemis!A355F233BF71
66.67%

Malwarebytes
Adware.DownManager, Rogue.Micropop, Adware.K.RealCleaner, Rogue.K.WindowPC
66.67%

Trend Micro
TROJ_FRAUD.GI, TROJ_FAKEAV.EQA, PAK_Generic.001, TROJ_GEN.R0CBC0OIS14
66.67%

Kingsoft AntiVirus
Win32.Troj.Kraddare.(kcloud), Win32.Troj.Generic.a.(kcloud), Win32.Troj.Generic.(kcloud), Win32.Troj.Adwaregd.kf.(kcloud)
66.67%

14 / 68    (Adware)
sotab.dll  (a355f233bf717fef55957a727fcd58d3)

35 / 68    (Adware)
windowpcU.exe (windowpc by UCF)  (755a8c8a36a97c338b33dec4927f2666)

43 / 68    (Adware)
datamodify.EXE  (d9fd3fd4ac002b835acefb37ab425c82)

3 / 68      (Adware)
sotab.exe  (fbb87ecb575f5f587f5f5099bf8bad73)

8 / 68      (Adware)
mpopservice.exe (MPopServic by UCF)  (be14f1664e31c931afa960a66b4dd93e)

41 / 68    (Adware)
downmanagerU.exe (downmanagerU by UCF)  (fd3b67054532e53fd79ae407b6f47a22)

The certificates below are also signed by UCF.

5C486B28674FE118251400311CA913D9  (Jul 03, 2013 to Aug 03, 2014)

515CF82EE849A6D6D3BE2DBC94DC062A  (May 09, 2012 to Jul 09, 2013)

7EF60F738FD75ED16633695ABC394E46  (Dec 13, 2011 to May 22, 2012)

Remove UCF Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to UCF by Thawte, Inc. on May 18, 2011 with the serial number '0eedb7f87e47e32e8fa0e92699dc69ad'.