home

Jinnan Wu

Publisher Information

Jinnan Wu is a software developer located in Beijing, China*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs. Thre are 50 additional code signing certificates issued to this publisher.
Authority:
thawte, Inc.

Valid from:
4/29/2016 7:00:00 AM

Valid to:
1/18/2017 6:59:59 AM

Subject:
CN=Jinnan Wu, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
65b3c9b68fc08bfb2f98399f8394af86

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Elex.JinnanWu.Meta (M), Adware.Elex.JinnanWu.Meta (M), PUP.HoHoSearch (M), Adware.Elex.Qksee.Meta (M), PUP.Elex.Qksee.Installer.Meta (M), Adware.Elex (M), Adware.Elex.Qksee (M), PUP.Elex.Qksee (M), PUP.Elex (M)
87.76%

Dr.Web
Adware.Mutabaha.1230, Win32.Wplugin.2, Adware.Mutabaha.1230, Adware.Mutabaha.1238, Adware.Mutabaha.1237, Adware.Mutabaha.1296, Win32.Wplugin.1
18.37%

Microsoft Security Essentials
Threat.Undefined
18.37%

McAfee
Virus.W32/HLLP.41472, Virus.W32/Wplugin, Trojan.Artemis!8BBF8521AB30, Trojan.RDN/Generic PUP.x
16.33%

ESET NOD32
Win32/ELEX.HW potentially unwanted application, Win32/Slugin.A virus, Win32/Agent.NAG virus, Win32/ELEX.HU potentially unwanted application
12.24%

Norman
Gen:Variant.Razy.38942, Win32.SlugIn.A, Trojan.GenericKD.3210863
12.24%

Emsisoft Anti-Malware
Gen:Variant.Razy.38942, Win32.SlugIn, Trojan.GenericKD.3210863
10.20%

F-Prot
W32/Neshta.A!Generic, W32/Slugin.B
10.20%

avast!
Win32:Crypt-SKC [Trj], Win32:Patched-JI
10.20%

F-Secure
Variant.Razy.38942, Win32.SlugIn.A
8.16%

1 / 68      (PUP)
qkseeSvc.exe (qksee by Qksee Pvt)  (8bbf8521ab302aba397a99edfde33e53)

1 / 68      (PUP)
dzkcmjw.exe  (5d184dcb8c8f99cfcdcdb06c1eeb575e)

1 / 68      (PUP)
qksee.exe (qksee by Qksee Pvt)  (bf71b3c3381b778abef7ad043e5f06a6)

1 / 68      (PUP)
qkseeSvc.exe (qksee by Qksee Pvt)  (8bbf8521ab302aba397a99edfde33e53)

1 / 68      (PUP)
qkseeSvc.exe (qksee by Qksee Pvt)  (854346c026b2815dc6fcb4f9672f7783)

1 / 68      (PUP)
qkdup.exe (qksee by Qksee Pvt)  (1366d5e0c4050364bc698556c0eedd77)

1 / 68      (PUP)
myuser.exe  (1c37d5468811779ee9c0392757009aaa)

1 / 68      (PUP)
qkdl.exe (qksee by Qksee Pvt)  (55ce23f906390bce181bef6b83c84c70)

1 / 68      (PUP)
dzkcmjw.exe  (a555c3f1e908c6f70beaba956c64a67f)

1 / 68      (PUP)
qkdup.exe (qksee by Qksee Pvt)  (5e4626964d54ae07751d3d6a8ffcfd4f)

1 / 68      (PUP)
dzkcmjw.exe  (fe26e6e34d019e60ee2a534d84f8c7db)

1 / 68      (PUP)
myuser.exe  (c16b2a1a55f76ae9af0f98ac2624b3fa)

1 / 68      (PUP)
Uninstall.exe (qksee by Qksee Pvt)  (a0c9d89734d8cc7b8c74a01f97b8ca62)

1 / 68      (PUP)
Uninstall.exe (qksee by Qksee Pvt)  (b8c9d9fe15682b70d891f0aca6de9291)

1 / 68      (PUP)
myuser.exe  (5b04f98ee8434f688bf9dd00995de366)

1 / 68      (PUP)
exnvd.exe  (bbe95720aab08780fb15d551fdd129ab)

1 / 68      (PUP)
dzkcmjw.exe  (9855b25a4031504662bc3a2283c8b38a)

1 / 68      (PUP)
Uninstall.exe (qksee by Qksee Pvt)  (8649ea6e6b657535d0d3c8cc571d9973)

1 / 68      (PUP)
qkdup.exe (qksee by Qksee Pvt)  (880cada8939daa08b9dee52aec679318)

1 / 68      (PUP)
qksee.exe (qksee by Qksee Pvt)  (33d8fec8bb62a6794da8cbb255d5c648)

1 / 68      (PUP)
qkseeSvc.exe (qksee by Qksee Pvt)  (51e33eb5ded788a2dcc0778511ce7791)

1 / 68      (PUP)
myuser.exe  (32be50afe5284a1ba024a1fe46be8ed3)

1 / 68      (PUP)
qkdup.exe (qksee by Qksee Pvt)  (b382ebdd585fa7d54111cd9cfae29558)

0 / 68
zlib1.dll (zlib)  (cb6c9d0615b956d2f07ba905ec830a74)

2 / 68      (PUP)
qkseeSvc.exe (qksee by Qksee Pvt)  (f5a1cbef44c5af35dfa6c8246f73b36e)

1 / 68      (PUP)
qks.exe  (5359db925c3d626f48ebb5cea999a50e)

1 / 68      (PUP)
Uninstall.exe (qksee by Qksee Pvt)  (aabb9c0493c7c7e5b6deec9d0a55fe2c)

1 / 68      (PUP)
qksee.exe (qksee by Qksee Pvt)  (a1e875eed5a48f86575fdc9703331aa9)

1 / 68      (PUP)
qkdl.exe (qksee by Qksee Pvt)  (c467c23d4c5f53e4ba139e41a5ab95f2)

1 / 68      (PUP)
myuser.exe  (60590ba832513585a8bb7044a141af05)

 
Latest 30 of 84 files

The certificates below are also signed by Jinnan Wu.

6ECBC3532E98D7E46FBB30356BBC3891  (Aug 16, 2016 to Jan 18, 2017)

705DA81E30855999BF51AE10B6CD259A  (Aug 30, 2016 to Jan 18, 2017)

02C9891C691E3A392587D448059C2998  (Apr 19, 2016 to Jan 18, 2017)

18229C0F3250464B242D5DD76615C1EC  (Jan 18, 2016 to Jan 18, 2017)

1C616CDB4B340E2663ED8917D6C79F59  (Jul 07, 2016 to Jan 18, 2017)

1DFEB55D3D5F00F08ECABA69C8A687CA  (Aug 03, 2016 to Jan 18, 2017)

2ACD3D3D3B8DB87E84787577AE013208  (Sep 13, 2016 to Jan 18, 2017)

4E2606B2C9EA9EF64A37654A8FAC0D71  (Jun 16, 2016 to Jan 18, 2017)

6660F513F20AD5EFE5316715A1FD2B7F  (Jun 28, 2016 to Jan 18, 2017)

6D8446650B66D918337964A70120EAC2  (Sep 14, 2016 to Jan 18, 2017)

10 of 50 code signing certificates issued

* Note, the details and description above are based on the code signing digital signature issued to Jinnan Wu by thawte, Inc. on April 29, 2016 with the serial number '65b3c9b68fc08bfb2f98399f8394af86'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.