home

Fu Yu

Publisher Information

Fu Yu is a software developer located in 浙江省, China*. The company is a primary distributor of unwanted software.
Authority:
WoSign CA Limited

Valid from:
3/12/2014 7:09:17 AM

Valid to:
3/12/2015 7:09:17 AM

Subject:
CN=Fu Yu, E=andreafuyu@gmail.com, L=丽水市, S=浙江省, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
1dde9dd81089f1e49f8985695790cc53

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.FuYu.R, PUP.FuYu.J, PUP.FuYu.S, PUP.FuYu.Q, PUP.FuYu.DD, PUP.FuYu.O, PUP.FuYu.FF, PUP.FuYu.M, PUP.FuYu.P, PUP.FuYu.K, PUP.Skytech.FuYu (M), PUP.Skytech (M)
100.00%

Malwarebytes
PUP.Optional.SkyTech.A, PUP.Optional.WPM.A, PUP.Optional.Skytech.A
63.83%

Sophos
nbsp;
53.19%

Dr.Web
Adware.Mutabaha.48, Adware.Mutabaha.55
29.79%

Agnitum Outpost
PUA.Mutabaha
21.28%

Trend Micro House Call
TROJ_GEN.F47V0327, TROJ_GEN.F47V0328, TROJ_GEN.F47V0524, TROJ_GEN.F47V0608, Suspicious_GEN.F47V0612
14.89%

ESET NOD32
Win32/ELEX.AF (variant), Win32/ELEX.CP potentially unwanted (variant)
12.77%

Kaspersky
not-a-virus:AdWare.Win32.Agent
10.64%

avast!
Win32:Adware-BSU [PUP], Win32:Dropper-NYA [Drp]
8.51%

ESET NOD32
Win32/ELEX.AM potentially unwanted application, Win32/ELEX.AF potentially unwanted application
8.51%

1 / 68      (Adware)
7ist_qone8.exe (218_7ist by Skytech Co.)  (ea28de165cd89c7a2336d9bc57758664)

1 / 68      (Adware)
lly_webssearches.exe (220_smt by Skytech Co.)  (e3fdd06f5730e58728ea81ff0803bb63)

1 / 68      (Adware)
webssearches_2603_v2-af0e3248.exe (220_smt by Skytech Co.)  (e6ec21ba4a5d159301be26e96e21cc58)

1 / 68      (Adware)
smt_qone8_new.exe (220_smt by Skytech Co.)  (df4408e43931ff6fbc643b401aade663)

1 / 68      (Adware)
nsbit_qone8.exe (216_nsbit by Skytech Co.)  (b2d907dd3e4d061e2a1b028dc158c4d0)

1 / 68      (Adware)
wprotectmanager.exe (WindowsProtectManger control by Fuyu LIMITED)  (ea6a5a593a748399993bbd1cc7b4d473)

1 / 68      (Adware)
adv_38.exe (224_step by Skytech Co.)  (082d1c0fe2f866f2796cdbcb74f41cde)

1 / 68      (Adware)
adks_key-find_20140410.exe (265_adks by Skytech Co.)  (10e97d187435b40a3c2ab4f660e48598)

1 / 68      (Adware)
0b14a486-6a1f-470e-ae0d-4722a5cc7b9f (208_profr by Skytech Co.)  (5817e2d237402ae1f6684a170baddfb5)

1 / 68      (Adware)
nsbes_qone8.exe (215_nsbes by Skytech Co.)  (9e9ac9eed092e4eb79f427f09adb195b)

1 / 68      (Adware)
amt_awesomehp.exe (82_amt by Skytech Co.)  (02dfb26e38abec1eabef32158a3c3530)

1 / 68      (Adware)
rbm_sweet-page.exe (119_rbm by Skytech Co.)  (3a3c61ba57a1b9e194706661b92c8753)

1 / 68      (Adware)
wprotectmanager.exe (WindowsProtectManger control by Fuyu LIMITED)  (ea6a5a593a748399993bbd1cc7b4d473)

1 / 68      (Adware)
update.exe  (f86d8338f80d36f368e0e00cb04ce480)

1 / 68      (Adware)
air6a16.exe (209_air by Skytech Co.)  (a52397826236dada397d806f9c1526c0)

1 / 68      (Adware)
epom1_nationzoom_20131128171859.exe (211_epom1 by Skytech Co.)  (79fba98dfee265c340f7626f29bf0ea3)

6 / 68      (Adware)
uninstallmanager.exe (Skytech by Skytech Co.)  (86e4988d0dd84e9002b24b076758aa81)

6 / 68      (Adware)
amt_key-find.exe (239_amt by Skytech Co.)  (bd24670f21619f2614c4a0e5480d0d16)

6 / 68      (Adware)
vit_sweet-page.exe (30_vit by Skytech Co.)  (0677d507ab4f929438d1e8d31238c3dd)

5 / 68      (Adware)
nsbfr_qone8.exe (217_nsbfr by Skytech Co.)  (1eb68307e9cf6a4d65d2ce42d3bcf05d)

8 / 68      (Adware)
epom3_nationzoom_20131128171919.exe (213_epom3 by Skytech Co.)  (92528daad568eeafa7822f74d7c4a8e9)

8 / 68      (Adware)
qone8.exe (223_tt4u by Skytech Co.)  (f3db65691e51c34c3c3e687fb0243c41)

4 / 68      (Adware)
update.exe  (b95551c8e5a4637eda14953503773552)

12 / 68    (Adware)
wprotectmanager.exe (WindowsProtectManger control by Fuyu LIMITED)  (ea6a5a593a748399993bbd1cc7b4d473)

6 / 68      (Adware)
cvs_qone8.exe (204_cvs by Skytech Co.)  (e115e92d3384a54e80bb3e65175a48c9)

12 / 68    (Adware)
wprotectmanager.exe (WindowsProtectManger control by Fuyu LIMITED)  (7ff57af8e0e3e2c298988a135879a395)

12 / 68    (Adware)
wprotectmanager.exe (WindowsProtectManger control by Fuyu LIMITED)  (8e445893b21ae3a59d351b9746b63d73)

7 / 68      (Adware)
sien_qone8.exe (206_sien by Skytech Co.)  (5c9e174f5ec8ad2cf1b932fcf850e96c)

5 / 68      (Adware)
amt_webssearches.exe (233_amt by Skytech Co.)  (9b4d18e4573a354daac9fc6a59de9c46)

5 / 68      (Adware)
ild_qone8.exe (214_ild by Skytech Co.)  (46625db804af50e75aae87ff4b9124a1)

 
Latest 30 of 47 files

Downloads URLs for files signed by Fu Yu.

5 / 68      (Adware)
http://d1pg43ots40sgg.cloudfront.net/bundle/NationZoomYAC/.../nsbfr_qone8.exe  (1eb68307e9cf6a4d65d2ce42d3bcf05d)

1 / 68      (Adware)
http://cdn.airdlr9.com/downloads/offers/.../air_qone8B.exe  (a52397826236dada397d806f9c1526c0)

7 / 68      (Adware)
http://vzbucket.maxrevinstaller.com/Awsomehp/.../sien_qone8.exe  (5c9e174f5ec8ad2cf1b932fcf850e96c)

1 / 68      (Adware)
http://dmrm038s4vkzd.cloudfront.net/cl/inst/bundles/NationZoomYAC/.../nsbes_qone8.exe  (9e9ac9eed092e4eb79f427f09adb195b)

3 / 68      (Adware)
http://www.po114.us/hpnt/.../adks_qone8.exe  (690d4520abfb8e9a8facf48eceb2fb92)

4 / 68      (Adware)
http://www.po114.us/hpnt/.../wpc_sweet-page.exe  (24d8c6f9942809ccd20ea16cacd24c7f)

2 / 68      (Adware)
http://www.po414.net/hpnt/.../lly_webssearches.exe  (6f7e0be7d04f2dd7261d80db9cc579fd)

3 / 68      (Adware)
http://d3emsmln8xfj03.cloudfront.net/bundles/.../adks_qone8_20140410.exe  (690d4520abfb8e9a8facf48eceb2fb92)

3 / 68      (Adware)
http://d1t653m828c3x8.cloudfront.net/bundles/.../adks_qone8_20140410.exe  (690d4520abfb8e9a8facf48eceb2fb92)

The following websites host and distribute files published by Fu Yu.

dmrm038s4vkzd.cloudfront.net

www.po414.net

d1t653m828c3x8.cloudfront.net

d3emsmln8xfj03.cloudfront.net

vzbucket.maxrevinstaller.com

www.po114.us

The following publishers (by Authenticode signature organization name) are related.

Skytouch Technology Co., Limited

CLARALABSOFTWARE

Hefei Zhimingxingtong Software&Technology Co., Ltd.

Amonetize ltd.

Goobzo LTD

ReSoft LTD.

Visual Software Systems LTD

Conduit Ltd.

Outfox Tv Productions Pty Ltd

Crawler, LLC

Beijing AmazGame Age Internet Technology Co., Ltd.

Linkular LLC

Creative Island Media, LLC

Simply Tech Ltd

ClientConnect LTD

Ad Businness Crown Solutions S.L.

PriceGong Software Ltd

MicroSmarts LLC

EnhanceTronic

SIEN S.A.

JDI BACKUP LIMITED

Olacatala OU

Boxore OU

Jet Applications

Sendori, Inc

KEYDOWNLOAD LTD

Save Valet, LLC

NOSIBAY

MDS

Highlightly

30 of 67 publishers

* Note, the details and description above are based on the code signing digital signature issued to Fu Yu by WoSign CA Limited on March 12, 2014 with the serial number '1dde9dd81089f1e49f8985695790cc53'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.