home

yearsoft

Publisher Information

yearsoft is a brand of the Sambreel/Yontoo group, a web advertising company located in Carlsbad, CA. The company is a primary distributor of unwanted software. It is part of the Yontoo/Sambreel group and distributes web browser add-ons, typically potentially unwanted and adware in nature, that are designed to modify a user's typical search beahvior as well as display context and popup advertising. There is one additional code signing certificate issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
6/21/2013 9:00:00 AM

Valid to:
6/22/2014 8:59:59 AM

Subject:
CN=yearsoft, OU=IT Team, O=yearsoft, L=Ansan-si, S=Gyeonggi-do, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
1d640099747b7b0113e4e8a226d9c798

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Yontoo (M)
100.00%

1 / 68      (Adware)
subssetup.exe (yearsoft)  (2d7ec93e277994123f81262de305b37c)

1 / 68      (Adware)
zowon.exe (Sub Shop by yearsoft)  (95fe695562cb6e53cae0d1605b67f5ec)

1 / 68      (Adware)
voavv.exe (Sub Shop by yearsoft)  (f21f81d52544b9c3a9c0f9b7dbcc82cf)

1 / 68      (Adware)
novanov.exe (Sub Shop by yearsoft)  (bdd221469f354acbbca372c7e1838d14)

1 / 68      (Adware)
pancytan.exe (Sub Shop by yearsoft)  (03453467fb320afceeb0343b914376e0)

1 / 68      (Adware)
pranczorep.exe (Sub Shop by yearsoft)  (1bb641d8e7e8622c2f167539c7429624)

1 / 68      (Adware)
subssetup.exe (yearsoft)  (1f914025acdd9990754c317e1dc89201)

1 / 68      (Adware)
tauberrep.exe (Sub Shop by yearsoft)  (4a642d5409a837d727285e88b5c68005)

1 / 68      (Adware)
virangrep.exe (Sub Shop by yearsoft)  (de6af821302ac485fee8a747502e926c)

1 / 68      (Adware)
virang.exe (Sub Shop by yearsoft)  (6c09fdb4392e171ca94d43b028743392)

1 / 68      (Adware)
acoolerrep.exe (Sub Shop by yearsoft)  (5b16c001a64013ef5056ad2d833d551e)

1 / 68      (Adware)
subashop.exe (Sub Shop by yearsoft)  (46bcc826adf33988648a16e13bd8d0ae)

1 / 68      (Adware)
acoolersvr.exe (Sub Shop by yearsoft)  (a9b062318cc3587357f4043e86b9303d)

1 / 68      (Adware)
submsetup.exe (yearsoft)  (8d199ea9200dac61dd063ec19eaae8a3)

1 / 68      (Adware)
polding.exe (Sub Shop by yearsoft)  (cc6a46e108bafb72e95ec66e97d1b89b)

1 / 68      (Adware)
yunjong.exe (Sub Shop by yearsoft)  (4fdc3112b8771f064172237da07da268)

1 / 68      (Adware)
subashop.exe (Sub Shop by yearsoft)  (bf312a6d24b3cea2973444aa5d3fb3fa)

1 / 68      (Adware)
ocidpop.exe (Sub Shop by yearsoft)  (55ed49910beeedb527433a816efd917b)

1 / 68      (Adware)
mitoshrep.exe (Sub Shop by yearsoft)  (d82ccb65121ddd07edf464c246b48191)

1 / 68      (Adware)
yggarwalrep.exe (Sub Shop by yearsoft)  (2a686413d2a95abd077d7b56a638fe73)

1 / 68      (Adware)
yggarwal.exe (Sub Shop by yearsoft)  (5719ddbe08a786ecf25dc2f0c8db3e9c)

1 / 68      (Adware)
qevhdr.exe (Sub Shop by yearsoft)  (b5ed347a1669c1d9ec86fa7895779123)

1 / 68      (Adware)
nineplusr.exe (Sub Shop by yearsoft)  (8297c7af41a2ab8fa7e790bfbccab632)

1 / 68      (Adware)
subssetup.exe (yearsoft)  (71c14def3fb272e3026b470f610acc11)

1 / 68      (Adware)
wakefunrep.exe (Sub Shop by yearsoft)  (ec1324a39051dbe1759d9b7594d8b9e1)

1 / 68      (Adware)
wakefun.exe (Sub Shop by yearsoft)  (acba899fb8e151b3eaa32c28f73b5fc8)

1 / 68      (Adware)
wakefunsvr.exe (Sub Shop by yearsoft)  (0b9df63f9516207a0c652d1fdcc82f93)

1 / 68      (Adware)
subashop.exe (Sub Shop by yearsoft)  (38fd5a4022243d55ba776e8afb319652)

1 / 68      (Adware)
subssetup.exe (yearsoft)  (2148b8c2cecdbe017495268abe3794f4)

1 / 68      (Adware)
acoolersvr.exe (Sub Shop by yearsoft)  (73ec09db100e1ea8f2512d4608ecdef4)

 
Latest 30 of 309 files

The following certificate is also signed by yearsoft.

028FB214E3C57F518427378946E58BA7  (Jul 17, 2013 to Jul 18, 2014)

* Note, the details and description above are based on the code signing digital signature issued to yearsoft by Thawte, Inc. on June 21, 2013 with the serial number '1d640099747b7b0113e4e8a226d9c798'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.