Skytouch Technology Co., Limited

Publisher Information

Skytouch Technology Co., Limited is a software publisher located in Hong Kong*. The company is a primary distributor of unwanted software. Thre are 31 additional code signing certificates issued to this publisher.
Remove Skytouch Technology Co., Limited Malware - Powered by Reason Core Security
Authority:
GlobalSign nv-sa

Valid from:
7/8/2013 10:29:59 AM

Valid to:
7/9/2014 10:29:59 AM

Subject:
CN="Skytouch Technology Co., Limited", O="Skytouch Technology Co., Limited", L=HongKong, S=HongKong, C=HK

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11216078022fa91c0eb61326e0e8fdbe9c30

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.SkytouchTechnologyCoLimited.H, PUP.Service.SkytouchTechnologyCoLimited.H, PUP.SkytouchTechnologyCoLimited.I, PUP.SkytouchTechnologyCoLimited.R, PUP.ELEX.SkytouchTechnologyCo (M)
100.00%

McAfee
Artemis!FCD5C26ED2DE, RDN/Generic PUP.x!bmc, RDN/Generic.dx!crf, Adware-Bprotect, Artemis!E2A0FAD868A5, RDN/Generic PUP.x!bf3
57.14%

Trend Micro House Call
TROJ_GEN.R03LH0AHH13, TROJ_SPNR.3CKH13, TROJ_GEN.R0CBB01JG13, TROJ_FRS.BMA000JA13, TROJ_GEN.F47V0805, ADW_STASER, TROJ_SPNR.0BJQ13
57.14%

McAfee Web Gateway
Artemis!FCD5C26ED2DE, RDN/Generic PUP.x!bmc, RDN/Generic.dx!crf, Adware-Bprotect, Artemis!E2A0FAD868A5, RDN/Generic PUP.x!bf3
57.14%

VIPRE Antivirus
Trojan.Win32.Generic, BProtector, Elex Installer
57.14%

Kingsoft AntiVirus
Win32.Troj.Undef.(kcloud), Win32.Troj.Generic.a.(kcloud), Win32.Heur.KVMF90.hy.(kcloud), Win32.Troj.StartPage.ci.(kcloud)
57.14%

Malwarebytes
Trojan.Staser, PUP.Optional.Wsys.A, Trojan.Dropper, PUP.Optional.Elex.A, Trojan.Downloader
52.38%

Comodo Security
TrojWare.Win32.Trojan.Agent.Gen, TrojWare.Win32.Staser.RPV, ApplicUnwnt, Heur.Suspicious, TrojWare.Win32.StartPage.~CJAB
52.38%

Trend Micro
TROJ_GEN.R0CBC0OIP13, TROJ_SPNR.3CKH13, TROJ_FRS.BMA000IR13, TROJ_FRS.BMA000JA13, ADW_STASER, TROJ_SPNR.0BJQ13, TROJ_SPNV.01JG13
52.38%

Fortinet FortiGate
Riskware/PUP_x, W32/STASER.A!tr, W32/VMProtBad.A, W32/Dloadr.DSY!tr, W32/Staser.QAF!tr, W32/StartPage.CJAB!tr, W32/Staser.FV!tr
52.38%

1 / 68      (Adware)
Setup.exe (eDownload Module)  (c34945e5f5b2270b554816cf313d7df1)

1 / 68      (Adware)
media_player_classic.exe (eDownload Module)  (159bac54c5fc69ccd605aafc0b0a3837)

1 / 68      (Adware)
amt_ar_qone8.exe  (741560f8d3db33742a7bcabf8c25c70f)

1 / 68      (Adware)

1 / 68      (Adware)
adks_ar_qone8_20131022.exe  (31db95190350a91470bca5127fec0e9a)

1 / 68      (Adware)
_eupdate_2601.exe  (06099b3e873b63d4cb48fc6a4497432b)

1 / 68      (Adware)

1 / 68      (Adware)
_eupdate_13.3.2.2700.exe  (42d781277ee5a76a5ecce9a57abf2dfb)

1 / 68      (Adware)
eGdpSvc.exe (Wsys Control by Wsys Co.)  (2ecf3dd6af03a9ae544f92994138eb26)

42 / 68    (Adware)
amt_ar_qone8.exe  (90f1bc2840596a48305f7ca1c8fcd974)

44 / 68    (Adware)
air3345.exe  (b060fd4af709d75e99423cbdb05b33bf)

27 / 68    (Adware)
_eupdate_13.3.2.2700.exe  (331de39b80019a55da553830a92b3195)

34 / 68    (Adware)

40 / 68    (Adware)
tugs_ar_qone8.exe  (21a59f3cd8ba8fc49f1f6c6efef027b8)

47 / 68    (Adware)
smt_ar_dosearches.exe  (e752ed18f17d55119f5c41e40176d525)

31 / 68    (Adware)
eGdpSvc.exe (Wsys Control by Wsys Co.)  (d0a07092b61451556297eb9fe5cd51bd)

18 / 68    (Adware)
eGdpSvc.exe (Wsys Control by Wsys Co.)  (e2a0fad868a56b5c10f920114f3d19f9)

18 / 68    (Adware)

40 / 68    (Adware)
egdpsvc.exe (Wsys Control by Wsys Co.)  (d0f52960ae4f2b30008f7ce7f115095d)

37 / 68    (Adware)
egdpsvc.exe (Wsys Control by Wsys Co.)  (8ebc03727f28645d509101aa078c749c)

24 / 68    (Adware)
eUpdate.exe  (fcd5c26ed2de78e8737816370b01e248)

Downloads URLs for files signed by Skytouch Technology Co., Limited.

1 / 68      (Adware)

44 / 68    (Adware)

24 / 68    (Adware)

The following websites host and distribute files published by Skytouch Technology Co., Limited.

The certificates below are also signed by Skytouch Technology Co., Limited.

11210C5FFE3CC0A399CEA5CA83FFC0772D2B  (Dec 31, 2015 to Jul 19, 2016)

11219261AFE8E45AD83D901FD68EAE39CE69  (Dec 24, 2015 to Jul 19, 2016)

11212C9A4FCD7971980A0F909560D5BE6710  (Nov 27, 2015 to Jul 19, 2016)

112117933FAD21E4DA5C35DEEFF058F2EF4A  (Nov 10, 2015 to Jul 19, 2016)

1121E965E4C4992F9D73057FEB78C4D49A6B  (Jan 15, 2016 to Jul 19, 2016)

1121D99EB534095C60E2A76088C0C6927518  (Nov 25, 2015 to Jul 19, 2016)

1121B2CD5929AD4EBDCDE4576D862B440BC2  (Dec 17, 2015 to Jul 19, 2016)

11218B3B24CD809C4CA8EEFB221E47ED883C  (Jan 28, 2016 to Jul 19, 2016)

11214F4F43DF5BAC939C2FCF50D76A085CE0  (Jan 06, 2016 to Jul 19, 2016)

1121319255A74AAF79F67109B77C092E6107  (Jan 08, 2016 to Jul 19, 2016)

10 of 31 code signing certificates issued

The following publishers (by Authenticode signature organization name) are related.

Remove Skytouch Technology Co., Limited Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Skytouch Technology Co., Limited by GlobalSign nv-sa on July 08, 2013 with the serial number '11216078022fa91c0eb61326e0e8fdbe9c30'.