home

CJ Mooter Inc.

Publisher Information

CJ Mooter Inc. is a software publisher located in Gangnam-gu, Seoul in Korea*. The company is a primary distributor of unwanted software. Thre are 3 additional code signing certificates issued to this publisher.
Authority:
VeriSign, Inc.

Valid from:
5/1/2013 9:00:00 AM

Valid to:
8/1/2014 8:59:59 AM

Subject:
CN=CJ Mooter Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=CJ Mooter Inc., L=Gangnam-gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
67b841ad06bf7c23c9b3bc83920c4f94

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.CJMooter (M), PUP.CJMooter.Installer (M), PUP (M)
100.00%

1 / 68      (Adware)
WinExpand_nmog.dll (WinExpand_nmog Module)  (9bd48a212bfa400a11219646b2317135)

1 / 68      (Adware)
WinExpandPu_nmog.dll (WinExpandPu_nmog Module)  (288beca62027c525267e05fc4bf4410f)

1 / 68      (Adware)
winexpandsetup_cyold.exe (WinExpandSetup_cyame by CJMooter)  (6f90459dacb63ad87e4dfdd78c3004d3)

1 / 68      (Adware)
winxpendup_s4fhk.exe  (85189ef837ab7fa8b27234111e2bfb4a)

1 / 68      (Adware)
WinExpand_s4fhk.dll (WinExpand_s4fhk Module)  (82aaf588089a88fb94a86ba6796b9ac1)

1 / 68      (Adware)
WEUninstall_s4fhk.exe (WEUninstall_s4fhk by CJMooter)  (b4266434fdf42d50d8e6a04b421f3766)

1 / 68      (Adware)
winxpendup_s2uzg.exe  (f4fd966b1043454c975f680efe857cb9)

1 / 68      (Adware)
WinExpand_s2uzg.dll (WinExpand_s2uzg Module)  (96f3ac86304a6e2a53ee58493fb78d02)

1 / 68      (Adware)
WEUninstall_s2uzg.exe (WEUninstall_s2uzg by CJMooter)  (474f3c7dfa9a30a2a10a04d3c53c6815)

1 / 68      (Adware)
winxpendup_s2ind.exe  (3e50990f327e4ba88d1b4567b672fcb8)

1 / 68      (Adware)
WEUninstall_s2ind.exe (WEUninstall_s2ind by CJMooter)  (deaa72c70ad4fdff72ef1c4de0dbf02d)

1 / 68      (Adware)
WinExpandSetup_vipdisk.exe (WinExpandSetup_vipdisk by CJMooter)  (2e619e69cd794f4480b049e94e3dc4ef)

1 / 68      (Adware)
WinExpand_s2ind.dll (WinExpand_s2ind Module)  (88e20e96462f18d1aa42383dc40a84dc)

1 / 68      (Adware)
winexpanddmn_nwcod.dll  (b2b2515916a606a2268de2d8ca6e01e3)

1 / 68      (Adware)
WinExpandSetup_utillzzang.exe (WinExpandSetup_utillzzang by CJMooter)  (50e8d7a3610f83bb7046428838ef7a64)

1 / 68      (Adware)
WinExpandSetup_softwareupdate.exe (WinExpandSetup_softwareupdate by CJMooter)  (905fb151d20e301daaf91bf6c3990e40)

1 / 68      (Adware)
WinExpandSetup_dudusoft.exe (WinExpandSetup_dudusoft by CJMooter)  (c9f09d755d7ef41952cfd1830c242b07)

1 / 68      (Adware)
WinExpand_s4swe.dll (WinExpand_s4swe Module)  (9ab98a6730fa5a4d5722e2bc8e27e7a7)

1 / 68      (Adware)
WinExpandSetup_smartinfo.exe (WinExpandSetup_smartinfo by CJMooter)  (3a0c9ea6d27d19c2730942c74185f351)

1 / 68      (Adware)
WinExpandSetup_ipchecker.exe (WinExpandSetup_ipchecker by CJMooter)  (8e4036ea10aba9666a28ca449231c2d1)

1 / 68      (Adware)
WinExpand_s2lif.dll (WinExpand_s2lif Module)  (a8b29bf5ea9e65b8cc3809270ca0818b)

1 / 68      (Adware)
winxpendup_nmog.exe (WinxpandUpdate_nmog)  (e6c49a0a1c3196b7b1743fe021702e46)

1 / 68      (Adware)
winstend_nmog.EXE (winstend_nmog)  (1a1bc9fc421b36c3e8933835d5de97f4)

1 / 68      (Adware)
winxpendup_s4dnp.exe  (b896731ae4919dd7aef89a84d65e4c73)

1 / 68      (Adware)
WinExpand_s4dnp.dll (WinExpand_s4dnp Module)  (97f7568d085ba5b43ca6dea22b0e5a47)

1 / 68      (Adware)
WEUninstall_s4dnp.exe (WEUninstall_s4dnp by CJMooter)  (21e32fd2a35c95da9450db47a3e61ddf)

1 / 68      (Adware)
WinExpandSetup_utilshare.exe (WinExpandSetup_utilshare by CJMooter)  (1aa552ec00bc27835a8882fabb78d948)

1 / 68      (Adware)
winxpendup_nwgn.exe (WinxpandUpdate_nwgn)  (96cec1b19a5b774ca60ac50cb051112c)

1 / 68      (Adware)
WinExpandSetup_downhelper.exe (WinExpandSetup_downhelper by CJMooter)  (cf1d57201037d62973fc72525cbd3e42)

1 / 68      (Adware)
winxpendup_s4sse.exe  (472d85155bb8c564109fd38658952576)

 
Latest 30 of 90 files

The certificates below are also signed by CJ Mooter Inc..

58E039409EC65745DFE47259A1A2B422  (Apr 20, 2012 to Jul 21, 2013)

3D0DAED61E180A0536952254A8C14AAD  (Apr 14, 2011 to Jun 13, 2012)

3337DF1FA8FB0F79AFD72AA77BC85A4F  (Mar 26, 2010 to May 26, 2011)

* Note, the details and description above are based on the code signing digital signature issued to CJ Mooter Inc. by VeriSign, Inc. on May 01, 2013 with the serial number '67b841ad06bf7c23c9b3bc83920c4f94'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.