home

秦皇岛讯特计算机科技有限公司

Publisher Information

秦皇岛讯特计算机科技有限公司 is a software publisher located in 秦皇岛市, 河北省 in China*.
Authority:
WoSign eCommerce Services Limited

Valid from:
11/22/2012 7:35:24 AM

Valid to:
11/24/2013 4:03:06 AM

Subject:
E=917009@qq.com, CN=秦皇岛讯特计算机科技有限公司, O=秦皇岛讯特计算机科技有限公司, L=秦皇岛市, S=河北省, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
1049cd2e62d4be

Status:
Inconclusive detections from multiple engines

Scan engine
Details
Detections

Trend Micro House Call
TROJ_GEN.RCBH1BO, HV_DOWNLOADER_CH160366.UVPA, TROJ_GEN.R047H01FI13, TROJ_GEN.R047H06B415, TROJ_SPNV.03GS13
62.50%

McAfee
Artemis!1B1F4CCA3F53, RDN/FakeAV-Y.bfr!c, Generic.dx!15A4A9560DF9, Artemis!88B91A4A16B8, Artemis!B3A4964DBAA7
62.50%

Comodo Security
Heur.Suspicious, UnclassifiedMalware, ApplicUnwnt
50.00%

Quick Heal
TrojanDownloader.Genome.dhni, (Suspicious) - DNAScan, AdWare.Popuper.r5 (Not a Virus)
37.50%

VIPRE Antivirus
Trojan.Win32.Generic
37.50%

G Data
NSIS.Adware.BundleDL, Win32.Application.Agent.DXVFSO, Adware.Generic.512772
37.50%

NANO AntiVirus
Trojan.Win32.RDN.cqlmkj
37.50%

Panda Antivirus
Suspicious file, Trj/CI.A
37.50%

Avira AntiVirus
TR/Dropper.Gen2, TR/Agent.683160, Adware/Agent.539008
37.50%

IKARUS anti.virus
Trojan.Dropper, Win32.Malware, Trojan.Win32.Spy
37.50%

0 / 68
huobao_1_7844.exe  (f9863c277c4f9e3543d7ff3c09230885)

0 / 68
meinv_1_7766.exe  (886d60bd5a81d42b15fa0dd549e3f6b3)

0 / 68
rshowapp.exe (reconfig Module)  (2173a0c72af0870cf830d4026982d398)

0 / 68
meinv_1_7766.exe  (ce675af7fb5b02a8778bed322a943862)

15 / 68    (PUP)
doshow_76_1292.exe  (df882d167c430779750fd3324ed47973)

16 / 68    (PUP)
doshow_61_130514.exe  (b3a4964dbaa77c25369c49bd5b1eb71b)

0 / 68
resetup.dll  (086d6dba689f40fdcb5e13d8e2b752fd)

0 / 68
meinv_1_7844.exe  (50b1149fedaaecbd37764f34cf335e8a)

0 / 68
meinv_1_7766.exe  (4fa3ede06744c8b415a7b76669566a8d)

0 / 68
rshowpp.exe  (c56160112f5fc180393d77772f6b2dfe)

0 / 68
duoshowui.dll  (f1cea878c4d7ec70e30c90089235c13e)

6 / 68      (Malware)
rshowpp.exe  (88b91a4a16b85d85ab84cfb2147bc2e6)

0 / 68
dushowui.dll  (6bf529431e078e342844a7ee32f3578d)

4 / 68      (inconclusive)
rshowapp.exe (reconfig Module)  (15a4a9560df9a3aac7c1e28e46572503)

4 / 68
resetup.dll  (7c678913d3c9d6346bc15030d3135755)

1 / 68
rshowapp.exe (reconfig Module)  (3038ee5192234577417d5c152bcfac9e)

0 / 68
resetup.dll  (e7f7b14a468e1f81fafc843ddab1be48)

11 / 68    (PUP)
av_11_1.exe  (1b1f4cca3f532cde3bfceddcb5c64a5a)

0 / 68
dushowui.dll  (fe171b6f6c027a167071eb85b78d19d9)

0 / 68
rshowpp.exe  (a43c5359bcc7cce91702571ddf0b587c)

0 / 68
rshowapp.exe (reconfig Module)  (5bf2ab53fb479fbe2fa2513375c23902)

0 / 68
boobacc.exe  (feb33fe5e764bc9164b0219a1f7e83ec)

6 / 68      (inconclusive)
Booba.exe  (19e68912e63145f68ada546ad5d85742)

* Note, the details and description above are based on the code signing digital signature issued to 秦皇岛讯特计算机科技有限公司 by WoSign eCommerce Services Limited on November 22, 2012 with the serial number '1049cd2e62d4be'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.