Taiming Li

Publisher Information

Taiming Li is a software publisher located in Shennongjia, Hubei in China*. The company is a primary distributor of unwanted software. Thre are 6 additional code signing certificates issued to this publisher.
Authority:
DigiCert Inc

Valid from:
12/8/2014 1:00:00 AM

Valid to:
12/16/2015 1:00:00 PM

Subject:
CN=Taiming Li, O=Taiming Li, L=Shennongjia, S=Hubei, C=CN

Issuer:
CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
06c261849de7a4965d53fc6325143e03

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Ma Lin.TaimingLi (M), PUP.Ma Lin.ELEX (M), PUP.ELEX.TaimingLi (M), PUP.ELEX.TaimingLi.Installer (M), PUP.ELEX.TaimingL (M), PUP.ELEX (M)
100.00%

Malwarebytes
PUP.Optional.MyStartSearch.A, PUP.Optional.Omniboxes.ShrtCln, PUP.Optional.OurSeaching.A, PUP.Optional.MyStartSearch.ShrtCln
55.10%

herdProtect (fuzzy)
a variant of 277a8797f9a942a55211aa244bdcb34d327479b0, a variant of 4aa272f2926686e6f4be5a0d46565acfbd601509, a variant of ab3e4bc6fa02ec83ba44c78ab06671b6c7e91478
53.06%

Bkav FE
W32.HfsAdware
48.98%

Dr.Web
Adware.Mutabaha.288, Adware.Mutabaha.335, Adware.Mutabaha.361, Adware.Mutabaha.597, Adware.Mutabaha.573, Adware.Mutabaha.545
44.90%

Quick Heal
PUA.MSJDGBTIR.OD6
34.69%

NANO AntiVirus
Riskware.Win32.Mutabaha.dunath, Riskware.Win32.Amonetize.dugudt, Riskware.Win32.Mutabaha.dumnnc
18.37%

ESET NOD32
Win32/ELEX.CL potentially unwanted, Win32/ELEX.EC potentially unwanted (variant), Win32/ELEX.CL potentially unwanted (variant)
12.24%

Baidu Antivirus
Adware.Win32.ELEX
10.20%

Fortinet FortiGate
Riskware/Elex, Adware/Amonetize
8.16%

1 / 68      (Adware)
HTabp.exe (4116_cmi_mystartsearch by HTabp.com)  (0dad00696dc78f3d6725e71a8d8bdaf6)

1 / 68      (Adware)
9b43.exe (4154_dig2_oursurfing by Welnk.com)  (6855261a03e259bd4a39a995f987f018)

1 / 68      (Adware)
nsk19e2.tmp  (f898e3a2ad5f48d979db4f914050aea3)

1 / 68      (Adware)
eip_oursurfing.exe (4171_eip_oursurfing by Welnk.com)  (2d8cc75e2e423e76c9893d569ed406bc)

1 / 68      (Adware)
setup_magic_ct.exe (4187_pjr_oursurfing by 7th)  (303514335ff71ce52b7a026969303676)

1 / 68      (Adware)
HTabp.exe (4116_cmi_mystartsearch by HTabp.com)  (6b957fb65322c44d509ee24858ad9fbe)

1 / 68      (Adware)
e7a8.exe (4189_dig2_oursurfing by 7th)  (f1388df56ae5554e65b4f6505c15683c)

1 / 68      (Adware)
HTabp.exe (4116_cmi_mystartsearch by HTabp.com)  (c7b25639ca59a0ab18e10ad899f63ec0)

1 / 68      (Adware)
HTabp.exe (4116_cmi_mystartsearch by HTabp.com)  (fb0704f848b006977c6bdb82201e93a7)

1 / 68      (Adware)
nsta42f.tmp  (6ca87e2313457e0ca7dc39fed9784eb9)

1 / 68      (Adware)
nsnf3a5.tmp  (3151f530e2e1fc2bbc84f9ffdad31b6e)

1 / 68      (Adware)
nsnb0eb.tmp  (a35c13c348e7b9d6f6981844c7324991)

1 / 68      (Adware)

1 / 68      (Adware)
nsbfr_oursurfing.exe (4126_nsbfr_oursurfing by 7th)  (bd96f43e5724411510295661e45c3cb6)

1 / 68      (Adware)
sien_mystartsearch.exe (3906_sien_mystartsearch by 7th)  (63a53b59e281df3ac093adc5ea6d47a1)

1 / 68      (Adware)
nsbit_oursurfing.exe (4124_nsbit_oursurfing by 7th)  (f606361d3d06caffd718b3c312bbe97c)

1 / 68      (Adware)
HTabp.exe (4116_cmi_mystartsearch by HTabp.com)  (064031316d55a702926cce3e7e007264)

1 / 68      (Adware)
rbm_istartsurf.exe (4175_rbm_istartsurf by Welnk.com)  (2d61405be0b78d16989d0b551006e84d)

1 / 68      (Adware)
oursurfing.exe (4200_age_oursurfing by Welnk.com)  (4604dbc3442d2d79a8edadf59f35862d)

1 / 68      (Adware)
setup.exe (4191_45e_oursurfing by 7th)  (94937afa1da106ca6fcc2e2d718aeade)

7 / 68      (Adware)
306.exe (4091_brd_istartsurf by Software Removal tool)  (d198564ca64f41cb9cc98cd8a4ff9572)

6 / 68      (Adware)

6 / 68      (Adware)
freeistartsurf.exe (4177_free_istartsurf by Welnk.com)  (d5236d5295fd066c56e5abdbc1d0b3cb)

6 / 68      (Adware)

7 / 68      (Adware)
426.exe (4209_tt4u_oursurfing by Software Removal tool)  (0f32da0b6637d77dd6c141a5e133f626)

6 / 68      (Adware)
nsbes_oursurfing.exe (4125_nsbes_oursurfing by 7th)  (12392ea0746bb7b74529b97690554032)

7 / 68      (Adware)
vau6606.tmp.exe (4208_ium6_mystartsearch by Welnk.com)  (d6d554d82aecc4512a1881471ad66ca7)

6 / 68      (Adware)
bdo_mystartsearch.exe (4015_bdo_mystartsearch by 7th)  (fc63f8c41f3e6c66c4717f91457b8e48)

6 / 68      (Adware)
bdo_mystartsearch.exe (4015_bdo_mystartsearch by 7th)  (fc63f8c41f3e6c66c4717f91457b8e48)

 
Latest 30 of 49 files

Downloads URLs for files signed by Taiming Li.

11 / 68    (Adware)
http://113.171.224.213/.../cmi_mystartsearch.exe  (146fe0b302682c058d4dc6faa868b0f1)

11 / 68    (Adware)
http://113.171.224.169/.../cmi_mystartsearch.exe  (146fe0b302682c058d4dc6faa868b0f1)

6 / 68      (Adware)

3 / 68      (Adware)

7 / 68      (Adware)

7 / 68      (Adware)

5 / 68      (Adware)

6 / 68      (Adware)
http://4threquest.me/.../310714_a9.exe  (5166906c5097e306246f7b7b33cc0243)

19 / 68    (Adware)
http://4threquest.me/.../310714_a9.exe  (4f67f13b02782d916509b32f18cc0289)

9 / 68      (Adware)

11 / 68    (Adware)

The following websites host and distribute files published by Taiming Li.

The certificates below are also signed by Taiming Li.

02BD768E4FBA54F7F5E7E9498BFB170E  (Dec 08, 2014 to Dec 16, 2015)

0A0537F4F1A08644FF90C24CAB917A1E  (Dec 08, 2014 to Dec 16, 2015)

04F817ECED7C7D0D9DB1AF7BB16932F1  (Dec 08, 2014 to Dec 16, 2015)

0895B92BC339D60B3B6DD4375EF2BA08  (Dec 08, 2014 to Dec 16, 2015)

0EF3DD8A71CE910929DF8FB28DB3BFD6  (Dec 08, 2014 to Dec 16, 2015)

07285DD3D7C717F258A4296418AE255F  (Dec 07, 2014 to Dec 16, 2015)

The following publishers (by Authenticode signature organization name) are related.

* Note, the details and description above are based on the code signing digital signature issued to Taiming Li by DigiCert Inc on December 08, 2014 with the serial number '06c261849de7a4965d53fc6325143e03'.