home

Yanling Sun

Publisher Information

Yanling Sun is a software developer located in Beijing, China*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs. Thre are 22 additional code signing certificates issued to this publisher.
Authority:
thawte, Inc.

Valid from:
6/1/2016 8:00:00 AM

Valid to:
11/26/2016 7:59:59 AM

Subject:
CN=Yanling Sun, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
160b6f060c70190331c421618bbe6994

Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.HoHoSearch.YanlingS.Meta (M), PUP.Elex.Qksee.Meta (M), Adware.Elex, PUP.Elex.YanlingS.Meta (M), PUP.Elex (M), PUP.Elex.Qksee (M)
82.35%

Microsoft Security Essentials
Threat.Undefined
35.29%

ESET NOD32
Win32/Slugin.A virus, Win32/Floxif.H virus, Win32/ELEX.IH potentially unwanted application, Win32/ELEX.IM potentially unwanted application
29.41%

avast!
Win32:Patched-JI, Win32:Pioneer-C, Win32:Rootkit-gen [Rtk]
17.65%

Emsisoft Anti-Malware
Win32.SlugIn, Win32.Floxif
11.76%

F-Prot
W32/Slugin.B, W32/Floxif.B
11.76%

AVG
Win32/Slugin.A, Win32/Floxif.A
11.76%

McAfee
Trojan.Artemis!C49B0719A802, Trojan.Dropper-FIY!953BEC2B4D1A
11.76%

Norman
Win32.SlugIn.A, Win32.Floxif.A
11.76%

Kaspersky
Virus.Win32.Slugin, Virus.Win32.Pioneer
11.76%

1 / 68      (PUP)
qks.exe (dowtools by org)  (b3307acd152a1a6fc30d236a6f9bb8f2)

1 / 68      (PUP)
qkseeSvc.exe (qksee by Qksee Pvt)  (c49b0719a802e79f9ec511e7a3f64457)

1 / 68      (PUP)
qks.exe (dowtools by org)  (3e06d17fe89807c6bb89ba2af573c157)

4 / 68      (PUP)
{blocked}.tdl  (cb2247e35cf50ded610cacbfe06df427)

3 / 68      (PUP)
myuser.exe  (64d5b64e31c5311f59210b316aace1d4)

3 / 68      (PUP)
qkseeSvc.exe (qksee by Qksee Pvt)  (e2de688e985d291cf1c3378315e58b06)

10 / 68    (Malware)
qkseeSvc.exe (qksee by Qksee Pvt)  (953bec2b4d1a51fd062f9ee303d4eb60)

10 / 68    (Malware)
qkseeSvc.exe (qksee by Qksee Pvt)  (6d43f685c3e8a287208071586ee78a89)

1 / 68      (PUP)
qkdup.exe (qksee by Qksee Pvt)  (7c525ab280e4c48525bb083ab27d0a8b)

1 / 68      (PUP)
qksee.exe (qksee by Qksee Pvt)  (46add8b752411162a35b3a88002b2407)

1 / 68      (PUP)
myuser.exe  (e50f26f4007fda714cbf9b42ca4ca699)

1 / 68      (PUP)
qkdl.exe (qksee by Qksee Pvt)  (4a5843d96a3c15f7ec43c2ac260b0e09)

0 / 68
zlib1.dll (zlib)  (37dd21a8cc7c7e49528a161574380558)

1 / 68      (PUP)
qkdup.exe (qksee by Qksee Pvt)  (99ef6653b3f641f4e3d2cb66f7363cfe)

1 / 68      (PUP)
msuser.dll  (7e59082e07c334d5309fe80f7c6472b0)

1 / 68      (PUP)
qkseeSvc.exe (qksee by Qksee Pvt)  (c49b0719a802e79f9ec511e7a3f64457)

1 / 68      (PUP)
Uninstall.exe (qksee by Qksee Pvt)  (53d5828687c6ca20400ec0f36c780a52)

1 / 68      (PUP)
qks.exe (dowtools by org)  (948f14b284d1a8c2d5ae0d0f47e2880b)

The certificates below are also signed by Yanling Sun.

227563C63F354761547CF1DD1D98276D  (Sep 19, 2016 to Nov 26, 2016)

6D7483F12A472AE0B168E44181C4A3FF  (Aug 23, 2016 to Nov 26, 2016)

00E6CA70373BA4733E7AC647B1E706CB  (Jul 26, 2016 to Nov 26, 2016)

13A6FA7CBF8F0BB1D4AFBC1A52F40A5E  (Sep 01, 2016 to Nov 26, 2016)

3D44CC1794B6A4EFDCC679FBB2D75A84  (May 19, 2016 to Nov 26, 2016)

4904F5132EFD3FC8D387823426D7C2F1  (Jun 17, 2016 to Nov 26, 2016)

22720557422CC2118621FC347FDEC796  (Jul 05, 2016 to Nov 26, 2016)

0154680D4E85D2E60BC79CF3468929EE  (Sep 09, 2016 to Nov 26, 2016)

7753DA2538B2BDA687061866FBBA92EF  (Aug 17, 2016 to Nov 26, 2016)

77A2D6240DACFE13C1FE88D01396048D  (Aug 10, 2016 to Nov 26, 2016)

10 of 22 code signing certificates issued

* Note, the details and description above are based on the code signing digital signature issued to Yanling Sun by thawte, Inc. on June 01, 2016 with the serial number '160b6f060c70190331c421618bbe6994'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.