Liyan Liu

Publisher Information

Liyan Liu is a software developer located in Wenzhou, Zhejiang in China*. The company is a primary distributor of unwanted software. Thre are 2 additional code signing certificates issued to this publisher.
Authority:
DigiCert Inc

Valid from:
7/22/2014 8:00:00 AM

Valid to:
7/27/2015 8:00:00 PM

Subject:
CN=Liyan Liu, O=Liyan Liu, L=Wenzhou, S=Zhejiang, C=CN

Issuer:
CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
02ca146aed05062a5f6c4ac5628bbc00

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.LiyanLiu.E, PUP.LiyanLiu.Q, PUP.Service.LiyanLiu.N, PUP.BHO.LiyanLiu.G, PUP.LiyanLiu.N, PUP.LiyanLiu.P, PUP.LiyanLiu.J, PUP.ELEX.LiyanLiu (M), PUP.ELEX (M)
100.00%

VIPRE Antivirus
Threat.4788726, Elex Installer, Threat.4758034
44.83%

Baidu Antivirus
Adware.Win32.ELEX, Adware.Win32.Agent, Adware.Win64.Agent
44.83%

G Data
Win32.Application.SubTab, Adware.Agent.OKO, Win64.Application.SubTab, Adware.Agent.OFO, Win32.Application.SearchProtect.AE
31.03%

ESET NOD32
Win32/Thinknice.E potentially unwanted application, Win32/ELEX.AV potentially unwanted application, Win32/Thinknice.B potentially unwanted application
24.14%

AhnLab V3 Security
PUP/Win32.SearchProtect, PUP/Win32.Helper, Adware/Win32.Agent, Win32/Kashu.E
24.14%

Malwarebytes
PUP.Optional.IePluginService.A, PUP.Optional.SupTab.A, PUP.Optional.Skytech.A, PUP.Optional.IEPluginService.A
24.14%

Dr.Web
Trojan.Click3.9479, Trojan.Click3.8536, Trojan.Damaged.1, Adware.Mutabaha.50, Trojan.StartPage1.6314, Adware.Mutabaha.277
20.69%

Agnitum Outpost
PUA.Agent, Trojan.Click, Riskware.Agent
20.69%

avast!
Win32:SupTab-A [Adw], Win32:SupTab-C [Adw], Win32:Kukacka, Win32:SaliCode
17.24%

1 / 68      (Adware)
RSHP.exe (RSHP IePlugin control by Skytech Co.)  (758be5fcc7e58d9801d7c0968d7fa0b4)

1 / 68      (Adware)

1 / 68      (Adware)
uninstall.exe (TODO: <Product name>)  (01965378cd05c796ffe6ab2c57aac96d)

1 / 68      (Adware)
uninstall.exe (TODO: <Product name>)  (73dfb4975a2f1c0c4dda060645b40473)

1 / 68      (Adware)

1 / 68      (Adware)
searchprotect64.dll (2.0.1.739 by Skytech Co.)  (756de1db3cb1648749550dc9ff2d87ec)

1 / 68      (Adware)

1 / 68      (Adware)
uninstall.exe (TODO: <Product name>)  (af4147f02575b444163370e1fe62d493)

1 / 68      (Adware)

1 / 68      (Adware)
RSHP.exe (RSHP IePlugin control by Skytech Co.)  (33177b33ad2862b270f07105555dbfd7)

1 / 68      (Adware)
hpui.exe  (27e8c007d313a8826296cdde1cb54a5b)

1 / 68      (Adware)
suptab_v5.8.8.777_noblank_amy.exe  (ab4163130de91601226abb74c7171063)

1 / 68      (Adware)
suptab_v5.8.8.777_noblank_amy.exe  (d036409d9ed4cb2bc6d42c3d923916bb)

1 / 68      (Adware)
uninstall.exe (TODO: <Product name>)  (caa4e5e4247128e2795d73fd86764d70)

1 / 68      (Adware)
RSHP.exe (RSHP IePlugin control by Skytech Co.)  (a48e952e74d0930f1e2cd647aa35edcf)

1 / 68      (Adware)
hpui.exe  (2773f75f4b9ab3c3e89565c703423381)

4 / 68      (Adware)
bhoenabler.exe  (06d36b75e385f9fdb24f78b0ca712646)

3 / 68      (Adware)
suptab_v5.8.8.777_noblank_amy.exe  (65168093aa74504f0f7eb2d8661ec536)

21 / 68    (Adware)
uninstall.exe (TODO: <Product name>)  (54e10280f3af69f4a5c62dd8af9d21c5)

6 / 68      (Adware)
searchprotect64.dll (2.0.1.739 by Skytech Co.)  (756de1db3cb1648749550dc9ff2d87ec)

22 / 68    (Adware)
searchprotect32.dll (2.0.1.739 by Skytech Co.)  (65d79d935fbfcaee632e7aee203281c7)

16 / 68    (Adware)
RSHP.exe (RSHP IePlugin control by Skytech Co.)  (d0bf1a3bbdffb452ccce3381400162e3)

11 / 68    (Adware)
dpinterface64.dll (Skytech by Skytech Co.)  (cd5e356ae953ad415b7565b00e0cbd97)

12 / 68    (Adware)
dpinterface32.dll (Skytech by Skytech Co.)  (11a308829fff29098afb5405dcb22cda)

22 / 68    (Adware)
suptab.dll (SupTab by Thinknice Co. Limited)  (00788cf2be045f426d23b48a007d62d8)

17 / 68    (Adware)
windowssupportdll64.dll  (993173f11197998b469efd3c1a1926a4)

21 / 68    (Adware)

8 / 68      (Adware)
windowssupportdll32.dll  (798cff66accab7f2875971ece8845eb7)

18 / 68    (Adware)
hpui.exe  (155d246f227846deebebd599f30d584a)

The certificates below are also signed by Liyan Liu.

5E0B6377F33581B2B9F8E9C1C0BAB247  (Jan 25, 2016 to Jan 25, 2017)

06A374858107D7F624D3CC328C92248A  (Jul 22, 2014 to Jul 27, 2015)

The following publishers (by Authenticode signature organization name) are related.

* Note, the details and description above are based on the code signing digital signature issued to Liyan Liu by DigiCert Inc on July 22, 2014 with the serial number '02ca146aed05062a5f6c4ac5628bbc00'.