刘晋岐

Publisher Information

刘晋岐 is a software developer located in 山东省, China*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs. There is one additional code signing certificate issued to this publisher.
Authority:
WoSign CA Limited

Valid from:
8/6/2015 9:49:02 AM

Valid to:
4/6/2016 9:49:02 AM

Subject:
CN=刘晋岐, L=威海市, S=山东省, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
1ca25aa8298dfe9dae8947c1567faf72

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP, Trojan.Downloader (M), PUP.ELEX.Bundler.Meta (M), Adware.Amonetize, PUP..Reputation, PUP.Search.Bundler.Meta (M), PUP.MyStartSearch.Meta (M), PUP.ELEX.Bundler (M)
97.78%

Malwarebytes
PUP.Optional.OurSeaching.A, PUP.Optional.IStartSurf.A, PUP.Optional.MyStartSearch.ShrtCln, PUP.Optional.IStartSurf.ShrtCln, PUP.Optional.Omniboxes.ShrtCln
48.89%

Microsoft Security Essentials
BrowserModifier:Win32/SupTab
31.11%

ESET NOD32
Win32/ELEX.EC potentially unwanted (variant), Win32/ELEX.CL potentially unwanted (variant), Win32/ELEX.EQ potentially unwanted (variant)
26.67%

Dr.Web
Adware.Mutabaha.572, Adware.Mutabaha.545, Adware.Mutabaha.288, Adware.Mutabaha.597, Adware.Mutabaha.657
24.44%

Baidu Antivirus
Adware.Win32.ELEX
22.22%

Avira AntiVirus
ADWARE/ELEX.A.76, TR/Crypt.ZPACK.152686, TR/Crypt.ZPACK.153896, ADWARE/ELEX.A.115, ADWARE/Similagro.AO
20.00%

VIPRE Antivirus
Trojan.Win32.Generic
17.78%

Sophos
Generic PUA GM (PUA), Generic PUA AK (PUA), Generic PUA DK (PUA), Generic PUA HD (PUA)
17.78%

NANO AntiVirus
Riskware.Win32.Mutabaha.dulzhd, Riskware.Win32.Mutabaha.dvewga, Riskware.Win32.Mutabaha.dvbqeg, Riskware.Win32.Mutabaha.dvjvay
15.56%

1 / 68      (Malware)

1 / 68      (PUP)
amt_omniboxes.exe (4308_amt_omniboxes by Welnk.com)  (4c383583577307c178aa0b67a36e6856)

1 / 68      (Malware)

1 / 68      (Malware)
amt_oursurfing.exe (4438_amt_oursurfing)  (0bd453c9285c01292b687eaecc0f6017)

1 / 68      (PUP)
amt_omniboxes.exe (4308_amt_omniboxes by Welnk.com)  (4e9b01a50200225f1f305e7a290ffe16)

1 / 68      (Malware)

1 / 68      (Malware)

1 / 68      (Malware)

1 / 68      (PUP)
smt_oursurfing.exe (4307_smt_oursurfing by Welnk.com)  (6130c33767936b06071e4cd901c5a119)

1 / 68      (Malware)
oursurfing.exe (4396_2sq2_oursurfing)  (1ac8b6736dfab2adf32e50a95d9ec6b3)

1 / 68      (Malware)
lly1_istartsurf.exe (4364_tug1_istartsurf)  (904c0257aaf7a6b3a44079233b277160)

1 / 68      (PUP)
smt_istartsurf.exe (4306_smt_istartsurf by Welnk.com)  (5bec954b1fcbeb3b80caf23c53d5645b)

1 / 68      (Malware)

1 / 68      (PUP)
adv_46.exe (4367_ima_istartsurf by Welnk.com)  (b727d28010e578e60d3949881076774e)

11 / 68    (PUP)
amt_omniboxes.exe (4360_amt_omniboxes)  (f0781a752a6408a1252951047f5ded59)

12 / 68    (PUP)
smt_oursurfing.exe (4338_smt_oursurfing by Welnk.com)  (9bed277b86edb25fe0704e2b016a420a)

13 / 68    (PUP)
oursurfing.exe (4441_2sq3_oursurfing)  (a27c88ab95cb1e5e7d09ea93a4ea79fb)

7 / 68      (PUP)
amt_oursurfing.exe (4432_amt_oursurfing by 7th)  (d55f4cf1aeeb55677b84fc7a4b77a692)

1 / 68      (PUP)
lly_mystartsearch.exe (4362_tugs_mystartsearch)  (ecd204ab5a7e9edcd913569ee80d86db)

19 / 68    (PUP)

4 / 68      (PUP)
oursurfing.exe (4379_eip_oursurfing by 7th)  (744dd7a6a92dd35741fd707c89ae01b4)

1 / 68      (Malware)
lly_istartsurf.exe (4363_tugs_istartsurf)  (cbe11320319a6f2a0033e77c6bba9aa6)

1 / 68      (Malware)
adv_46.exe (4386_ima_istartsurf)  (b0f4056512407ddf560ff07ad6992b80)

3 / 68      (PUP)
smt_istartsurf.exe (4356_smt_istartsurf)  (7290bfad580dcb2ba4b05cd4801691e6)

1 / 68      (PUP)
oursurfing.exe (4395_2sq1_oursurfing)  (e5bed0137cb5961b469f2b07f51dc547)

1 / 68      (PUP)
0pljatvnq3.exe (4316_2sq_oursurfing by Welnk.com)  (63d73fd21ad9ec17c44e367d348251f9)

1 / 68      (PUP)
oursurfing.exe (4397_2sq3_oursurfing)  (fcd830e778711719e9b5397197c61b0f)

3 / 68      (PUP)
aee9.tmp.exe (4381_eit_oursurfing by 7th)  (8da272c7a7db71a3f1c3637a75d53d70)

6 / 68      (PUP)
smt_oursurfing.exe (4358_smt_oursurfing)  (fb7101234a352d110e5ab45a3f799344)

1 / 68      (Malware)
adv_76.exe (4387_ima_mystartsearch)  (ea83247e0cc7786449f3b0da40df5573)

 
Latest 30 of 45 files

Downloads URLs for files signed by 刘晋岐.

1 / 68      (Malware)
http://www.girlliuxiaowei.com/.../smt_istartsurf.exe  (8fcce955ce6cd3cf3ea6892528c1832b)

1 / 68      (PUP)

3 / 68      (PUP)
http://www.girlliuxiaowei.com/.../eit_oursurfing.exe  (8da272c7a7db71a3f1c3637a75d53d70)

1 / 68      (Malware)

19 / 68    (PUP)

7 / 68      (PUP)

1 / 68      (Malware)

1 / 68      (Malware)

The following websites host and distribute files published by 刘晋岐.

The following certificate is also signed by 刘晋岐.

2336976FA6ACE529EABBB8A5F86A2BFD  (Mar 06, 2015 to Mar 06, 2016)

The following publishers (by Authenticode signature organization name) are related.

* Note, the details and description above are based on the code signing digital signature issued to 刘晋岐 by WoSign CA Limited on August 06, 2015 with the serial number '1ca25aa8298dfe9dae8947c1567faf72'.