home

Uninstall.exe

qksee

Jinnan Wu

The application Uninstall.exe by Jinnan Wu has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program qksee by Taiwan Shui Mu Chih Ching Technology Limited.
Publisher:
Qksee Pvt Ltd.  (signed by Jinnan Wu)

Product:
qksee

Version:
3.1.0.0

MD5:
a878ecb7ed3f12a2431e8793cbb202e2

SHA-1:
2346b8c7255f8cf14d44900726358f58331c8ed5

SHA-256:
926732b1bba567a69b29ea70a12d7945f00df399138bb3f84f6a24d31b8c923b

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/5/2024 7:22:48 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Elex.Qksee (M)
16.8.13.5

File size:
1.4 MB (1,456,408 bytes)

Product version:
3.1.0.0

Copyright:
Copyright (c) 2015 Qksee Pvt Ltd. All Rights Reserved.

Original file name:
Uninstall.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\qksee\uninstall.exe

Digital Signature
Signed by:
Jinnan Wu

Authority:
thawte, Inc.

Valid from:
4/18/2016 9:00:00 PM

Valid to:
1/17/2017 9:59:59 PM

Subject:
CN=Jinnan Wu, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
02C9891C691E3A392587D448059C2998

File PE Metadata
Compilation timestamp:
4/20/2016 2:27:12 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:JZySHIeyNFBN6vQQoHcRExuXhlJm9KIKZHiP401SHC9QaOlXC2RTGegmYevMkmAf:3ySoReAKjS1jQaOR3TGsmSDCKZdJ

Entry address:
0xB5252

Entry point:
E8, 32, BB, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, FF, 75, 0C, 6A, 00, FF, 75, 08, 68, F5, C7, 4B, 00, E8, 05, 00, 00, 00, 83, C4, 10, 5D, C3, 55, 8B, EC, 83, EC, 20, 57, 6A, 07, 33, D2, 59, 33, C0, 8D, 7D, E4, 89, 55, E0, F3, AB, 5F, 39, 45, 0C, 75, 15, E8, 1D, 0E, 00, 00, C7, 00, 16, 00, 00, 00, E8, CB, 73, 00, 00, 83, C8, FF, C9, C3, FF, 75, 14, 8D, 45, E0, FF, 75, 10, C7, 45, E4, FF, FF, FF, 7F, FF, 75, 0C, C7, 45, EC, 42, 00, 00, 00, 50, 89, 55, E8, 89, 55, E0, FF, 55, 08, 83, C4, 10, C9, C3, E9, 2A...
 
[+]

Code size:
899.5 KB (921,088 bytes)

Program Uninstaller
Program name:
qksee

Display publisher:
Taiwan Shui Mu Chih Ching Technology Limited

Uninstall string:
C:\Program Files (x86)\qksee\uninstall.exe


Remove Uninstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.