UCF

Publisher Information

UCF is a software developer located in Haeundae-gu, Busan in Korea*. The company is a primary distributor of unwanted software. Thre are 3 additional code signing certificates issued to this publisher.
Remove UCF Malware - Powered by Reason Core Security
Authority:
Thawte, Inc.

Valid from:
5/9/2012 9:00:00 AM

Valid to:
7/9/2013 8:59:59 AM

Subject:
CN=UCF, O=UCF, L=Haeundae-gu, S=BUSAN, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
515cf82ee849a6d6d3be2dbc94dc062a

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.UCF.Installer (M), PUP.UCF (M)
100.00%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud), Win32.Troj.Generic.(kcloud)
26.00%

AVG
Generic5, MalSign.Skodna, Suspicion: unknown virus, Downloader.Zlob
26.00%

avast!
Win32:Adware-ARQ [PUP], Win32:Adware-AZI [Adw], Win32:Adware-ARM [Adw], Win32:Adware-ANI [Adw], Win32:Adware-AUH [Adw]
24.00%

Comodo Security
ApplicUnwnt, UnclassifiedMalware
24.00%

McAfee
Artemis!414994B3F15C, Artemis!4D1F8674B61E, Artemis!31833710D4E7, Artemis!173093680929, Artemis!DEAF523492E3, Generic FakeAlert.hh, Artemis!3D17CD9B7FD0
22.00%

McAfee Web Gateway
Artemis!414994B3F15C, Artemis!31833710D4E7, Artemis!173093680929, Artemis!DEAF523492E3, Heuristic.BehavesLike.Win32.Suspicious-DTR.G
22.00%

ESET NOD32
Win32/Adware.Kraddare.EB (variant), Win32/Adware.Kraddare.FV (variant), Win32/Adware.Kraddare.GZ (variant), Win32/Adware.Kraddare.CG (variant)
22.00%

AhnLab V3 Security
PUP/Win32.Security, PUP/Win32.SmartMode, PUP/Win32.UserChange, PUP/Win32.Downloader, PUP/Win32.WindowCure, PUP/Win32.UCF
22.00%

Malwarebytes
Rogue.Pcreport.K, Rogue.LiveService, Rogue.SystemService, Adware.Korad, Adware.K.SmartMode, Adware.Kraddare, Rogue.K.Vaccine
18.00%

1 / 68      (Adware)
userconditionreset.exe (by UCF)  (c4450b45d8c44c8061c6cb37a910c4ef)

1 / 68      (Adware)
pcsystemsetup_kongga.exe (pcsystem installer by UCF)  (94a4cd2342a5423e86cdd4e6da56851e)

1 / 68      (Adware)

1 / 68      (Adware)
microservice.exe (microservice by UCF)  (8e078f858101a7456de1d1e131cf68ce)

1 / 68      (Adware)

1 / 68      (Adware)
internetdownloadlauncher.dll (DownLauncher Module by UCF)  (0ad0e208257208c35024af74026bca20)

1 / 68      (Adware)
InternetDownload.EXE (InternetDownload by UCF)  (aa44d54a39686c9ab7fc45e518c8227e)

1 / 68      (Adware)
smartmode_setup_top2.exe (smartmode_setup by UCF)  (2afb74164428cbc0fae674f3bb4e1901)

1 / 68      (Adware)
microservice_setup_util.exe (microservice by UCF)  (9b4b030972a1abbc37484f9e29fa72ee)

1 / 68      (Adware)
smartmodeu.exe (smartmodeu by UCF)  (820a5f3135ef07aa336e081c537c6a07)

1 / 68      (Adware)
하이스피드.exe (highspeed installer by UCF)  (4107b9bb9b4b31ca8b680374b97d224a)

1 / 68      (Adware)

1 / 68      (Adware)
vaccinebarsetup_pop.exe (vaccinebar by UCF)  (4f8d06f895ecc4697e56cd50c0e7b2ac)

1 / 68      (Adware)

1 / 68      (Adware)
smartmode_setup_pop.exe (smartmode_setup by UCF)  (66959aec45d0496db11018f83dc24dc9)

1 / 68      (Adware)
pcsystemsetup_pop.exe (pcsystem installer by UCF)  (d4317fb69e65c36af763f1228c419db7)

1 / 68      (Adware)
pcpowersetup_pop.exe (pcpower installer by UCF)  (2c5c8cc6fa729d3c7885254d8848242e)

1 / 68      (Adware)

1 / 68      (Adware)
enteringsetup_upservice.exe (entering by UCF)  (23ad028b70f23d4dc6eff04ce5b2aacd)

1 / 68      (Adware)
infocoverBK.exe (infocoverBK by UCF)  (c95d8d16efd238a32a7e8bf2f3e4e9f5)

1 / 68      (Adware)
infocover.exe (infocover by UCF)  (29a8a94daca6e60921c41eb40739b103)

1 / 68      (Adware)
userstartu.exe (userstartu by UCF)  (1ac85b8f54b8b7bd7f1fe57524295d5a)

1 / 68      (Adware)

1 / 68      (Adware)
highspeedsetup_good2.exe (highspeed installer by UCF)  (363c910b635416a2228e109e6bbf2020)

1 / 68      (Adware)
system-serviceu.exe (system-serviceu by UCF)  (c1d5fac9359657d4fc31bbda90aaabab)

1 / 68      (Adware)
softwareupdate.exe (softwareupdate by UCF)  (8f3237d2c87f0f35eacbd11b03f47af3)

1 / 68      (Adware)
internetdownloadU.exe (internetdownloadU by UCF)  (e7d0a143a5464d56b9a4fa6950be3b64)

1 / 68      (Adware)
windowcomse.exe  (2c483156f4d39b96a0f47595802e884b)

1 / 68      (Adware)
speedsetse.exe  (849b55597a17dd622f78636247d36edb)

1 / 68      (Adware)
inforesetupdate.exe (by UCF)  (bbc5d8d851ccc661b94af2bde401f038)

 
Latest 30 of 110 files

The certificates below are also signed by UCF.

5C486B28674FE118251400311CA913D9  (Jul 03, 2013 to Aug 03, 2014)

7EF60F738FD75ED16633695ABC394E46  (Dec 13, 2011 to May 22, 2012)

0EEDB7F87E47E32E8FA0E92699DC69AD  (May 18, 2011 to May 18, 2012)

Remove UCF Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to UCF by Thawte, Inc. on May 09, 2012 with the serial number '515cf82ee849a6d6d3be2dbc94dc062a'.