home

Xin Zhou

Publisher Information

Xin Zhou is a software publisher located in Beijing, China*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs. Thre are 128 additional code signing certificates issued to this publisher.
Authority:
thawte, Inc.

Valid from:
10/23/2015 3:00:00 AM

Valid to:
10/23/2016 2:59:59 AM

Subject:
CN=Xin Zhou, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
659a8a3384285135321373ababe9503d

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.XinZhou (M), PUP (M)
94.00%

Dr.Web
Adware.Mutabaha.906, Adware.Mutabaha.937, Adware.Mutabaha.937, Win32.FloodFix.7
34.00%

ESET NOD32
Win32/ELEX.FW potentially unwanted application, Win32/Floxif.H virus, Win32/ELEX.HC potentially unwanted application, Win32/ELEX.HD potentially unwanted application
20.00%

Microsoft Security Essentials
Threat.Undefined
12.00%

Kaspersky
not-a-virus:AdWare.Win32.Agent, Virus.Win32.Pioneer, not-a-virus:AdWare.Win32.ELEX
10.00%

avast!
Win32:Pioneer-C, Win32:Evo-gen [Susp], Win32:PUP-gen [PUP]
10.00%

Norman
Win32.Floxif.A, Application.Elex.AN
10.00%

Qihoo 360 Security
HEUR/QVM10.1.Malware.Gen
8.00%

VIPRE Antivirus
Threat.4760052, Threat.5085608
8.00%

F-Secure
Win32.Floxif.A, Riskware.Application.Elex.AN
8.00%

1 / 68      (Malware)
tmp0000000303a2018bb25252d0  (2292315bc31cbce8db841baa71c6677d)

1 / 68      (Malware)
tmp000000e31977dc4139cb3bac  (9c0c0edd86cb3706618252369687b32e)

1 / 68      (Malware)
acgpro.exe  (9f5b9cb0e9c667bcb8bd78b9076df951)

1 / 68      (Malware)
task.exe  (21df10a3123ef0affe5ff3eb6e4313ef)

1 / 68      (Malware)
server.exe  (d52c711721ff9d74ed2bed8de27771dc)

5 / 68      (PUP)
acgpro.exe  (2c0939f563c6a34c1627f5267ef37821)

1 / 68      (PUP)
gtkfree.exe  (be3f03a01249311473b6883b6259058a)

13 / 68    (PUP)
acgpro.exe  (04135c06d5eed8cbe3ffd849e1398a67)

14 / 68    (PUP)
gtkfree.exe  (bafb2be8ba1353cac42981e2f89212b2)

5 / 68      (PUP)
server.exe  (6ddd26656bc444ef3b91615da6781951)

4 / 68      (PUP)
task.exe  (791a1b8e1731fdbb800428905b7bcb21)

6 / 68      (PUP)
server.exe  (33245042587f590e985a1dc08b5be945)

1 / 68      (PUP)
server.exe  (3387d29c48e1932377725e188aadde0e)

1 / 68      (PUP)
task.exe  (fc19b250945a7a605aa02db5669d4085)

1 / 68      (PUP)
acgpro.exe  (40537b235d5f8d2410a48963c271ca8a)

1 / 68      (PUP)
acgpro.exe  (3eba707a22d4b39e3c9986fa08434399)

1 / 68      (PUP)
gtkfree.exe  (e8dc66e63d7f2e7322e9f1e629540fe8)

1 / 68      (PUP)
gtkfree.exe  (d2339bc43870cabcebf188416728a569)

1 / 68      (PUP)
acgpro.exe  (ba02dd98d9752e26e4a1e1f53a8da158)

1 / 68      (PUP)
server.exe  (635c488f7899f43383bbe5c837604f33)

4 / 68      (PUP)
task.exe  (0d30e72ef176c651ab21ee7e478002cc)

4 / 68      (PUP)
gtkfree.exe  (72eb69a95fefc56462c8f4dd3095999c)

13 / 68    (PUP)
gtkfree.exe  (cca69e69828edf62aa9e4f801ace133f)

3 / 68      (PUP)
task.exe  (549d790b9e91e475a63611ee90683f97)

2 / 68      (PUP)
acgpro.exe  (83badef8575e0a109e907b6b8d417db4)

2 / 68      (PUP)
gtkfree.exe  (be3f03a01249311473b6883b6259058a)

3 / 68      (PUP)
task.exe  (fc19b250945a7a605aa02db5669d4085)

2 / 68      (PUP)
task.exe  (fb1849e5736c4c168dddd46efab25c6a)

2 / 68      (PUP)
server.exe  (6241e628ba2d9e5f136bd2f1c4522edc)

1 / 68      (PUP)
task.exe  (777762195021014c17c69e02a3666a20)

 
Latest 30 of 50 files

The certificates below are also signed by Xin Zhou.

34EC9565805F34204C6966FB81E36BA1  (Oct 20, 2016 to Mar 23, 2017)

4CEAF4F1B7C2E1B181B9A1ED937F62A8  (Apr 19, 2016 to Mar 23, 2017)

1DB458BF0A340397741D916531FF4BF9  (May 16, 2016 to Mar 23, 2017)

35D1EE4E830E9AD6F6434327DEEF72FB  (Dec 16, 2016 to Mar 23, 2017)

367B2279015EA17AAEF655811E3FA5B5  (Aug 24, 2016 to Mar 23, 2017)

3A949EF03D9DD2D150B24B274FF6D7B4  (Sep 18, 2016 to Mar 23, 2017)

6B69B926445760937BFECE1A309DB4C3  (Nov 02, 2016 to Mar 23, 2017)

02609DC24BF7E7A35D9D62E80D1DA238  (May 17, 2016 to Mar 23, 2017)

060873F28E2AA77EB227ED0206DE534D  (Oct 31, 2016 to Mar 23, 2017)

1DC5A0A37C46BA7234C449900ACC757B  (Jul 11, 2016 to Mar 23, 2017)

10 of 128 code signing certificates issued

* Note, the details and description above are based on the code signing digital signature issued to Xin Zhou by thawte, Inc. on October 23, 2015 with the serial number '659a8a3384285135321373ababe9503d'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.