home

Taiming Li

Publisher Information

Taiming Li is a software publisher located in Shennongjia, Hubei in China*. The company is a primary distributor of unwanted software. Thre are 6 additional code signing certificates issued to this publisher.
Authority:
DigiCert Inc

Valid from:
12/8/2014 1:00:00 AM

Valid to:
12/16/2015 1:00:00 PM

Subject:
CN=Taiming Li, O=Taiming Li, L=Shennongjia, S=Hubei, C=CN

Issuer:
CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
02bd768e4fba54f7f5e7e9498bfb170e

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Ma Lin.TaimingLi (M), PUP.Ma Lin.ELEX (M), PUP.ELEX.TaimingLi (M), PUP.ELEX.TaimingL (M), PUP.ELEX (M)
100.00%

Malwarebytes
PUP.Optional.Omniboxes.A, PUP.Optional.OurSeaching.A, PUP.Optional.IStartSurf.A
39.29%

ESET NOD32
Win32/ELEX.EH potentially unwanted (variant), Win32/ELEX.EC potentially unwanted (variant)
32.14%

Dr.Web
Adware.Mutabaha.572, Adware.Mutabaha.412
32.14%

Baidu Antivirus
Adware.Win32.ELEX
28.57%

herdProtect (fuzzy)
a variant of 1f918a666e79ad09fc4049e837805d16794d8f10, a variant of 14b66148abdfbe874069beb7d6edd9b2bb0873f6, a variant of fccc2e5d519652bb5c608ab8e20e6096e35f4f7e
21.43%

Bkav FE
W32.HfsAdware
17.86%

Quick Heal
PUA.MSJDGBTIR.OD6
14.29%

Arcabit
Application.Elex.1
14.29%

Bitdefender
Gen:Application.Elex.1
14.29%

1 / 68      (Adware)
nsw139e.tmp  (32b2b6d6773b22ba16184724988f11c3)

1 / 68      (Adware)
2eb78.exe (4138_dig2_oursurfing by Welnk.com)  (16604be32b61ad7f30e1e5e67bceb2f1)

1 / 68      (Adware)
nsbit_oursurfing.exe (4124_nsbit_oursurfing by 7th)  (e39b6eb7bbc8838349ca9c62cbda81ac)

1 / 68      (Adware)
HTabp.exe (3736_face_istartsurf by HTabp.com)  (7a24ea539f2dc0e1a3e0723415f4a522)

1 / 68      (Adware)
of_339_fr-i3-istartsurf.exe (3904_profr_istartsurf by 7th)  (09387e701721ce49a91fb22a75fd2b14)

1 / 68      (Adware)
nsz598d.tmp  (c852e5c109d55c5f528a8a39a7724fcc)

1 / 68      (Adware)
istartsurf.exe (4091_brd_istartsurf by Software Removal tool)  (0451a3a7e86a5ddea3fdc2b1ebcf1119)

1 / 68      (Adware)
426.exe (4133_tt4u_oursurfing by Welnk.com)  (fb73aecfbb6c1eb4cf9be3bc3f49d459)

1 / 68      (Adware)
nsbes_oursurfing.exe (4125_nsbes_oursurfing by 7th)  (5c558fb3d62aa03380fa7e53d8b1200b)

1 / 68      (Adware)
bdo_mystartsearch.exe (4015_bdo_mystartsearch by 7th)  (9402efb8cfbd3ff08ae67b2c6b271421)

1 / 68      (Adware)
csdi_oursurfing_soft_partner.exe (4122_age_oursurfing by Synergy (32-bit))  (0169dcbc0231fdee2688cae2d959d644)

26 / 68    (Adware)
bcd9b2.exe (3965_dig2_oursurfing by Synergy (32-bit))  (008e7662395f88893751c54a104c9ab5)

5 / 68      (Adware)
rbm_istartsurf.exe (4135_rbm_istartsurf by Welnk.com)  (bf2a0460a3e3e062e773b53d983d7ae5)

8 / 68      (Adware)
csdi_oursurfing_soft_partner.exe (4134_age_oursurfing by Welnk.com)  (59f3044b8c3d41dd37b32043ea56b877)

11 / 68    (Adware)
air_istartsurf.exe (4107_air_istartsurf by Software Removal tool)  (3cf575ccd2e7d6c382fe008db588d4b2)

5 / 68      (Adware)
istartsurf.exe (3907_pcs_istartsurf by 7th)  (df822f8e6bec3dad58fffb6012153376)

15 / 68    (Adware)
q5cq4mytcdit86t.exe (3963_icp_istartsurf by Synergy (32-bit))  (5538170b1df8f87b87bd8188a1773681)

7 / 68      (Adware)
n5ep5ply24z0ltl.exe (4132_icp_istartsurf by Welnk.com)  (0c37485b3472a08d07b66358ee255c86)

1 / 68      (Adware)
con_mystartsearch.exe (4077_con_mystartsearch by 7th)  (3276cf8acaf7d40692078f2815fefba2)

1 / 68      (Adware)
fdrs992vpm.exe (4060_exp1_oursurfing by 7th)  (2aec90cc36071eabbd0553492ccc6e82)

14 / 68    (Adware)
tt4u_oursurfing.exe (3966_tt4u_oursurfing by Synergy (32-bit))  (f0abdb1ad3ee10a47011ab9cf869af87)

1 / 68      (Adware)
1wzuddflueepotfro39jopwhdghb1wzuddflueepotfro39jopwhdghb_a9.exe (4045_pcm_istartsurf by Welnk.com)  (8e6f05971b4f0d0740b60f80d6c588b5)

2 / 68      (Adware)
7arm2r0xkg.exe (4014_exp_oursurfing by 7th)  (9b9558402f8ec8805e1fd6058eee3c19)

3 / 68      (Adware)
fsf_oursurfing.exe (3905_fsf_oursurfing by 7th)  (886d2d4aaf7da3d522b8f4899d0c1824)

5 / 68      (Adware)
tti_omniboxes.exe (4083_tti_omniboxes by Welnk.com)  (6191e8904a243ed4782067f459588941)

1 / 68      (Adware)
rbm_istartsurf.exe (4102_rbm_istartsurf by Synergy (32-bit))  (a9ccbf10ac5dd72f545601d2782c8916)

1 / 68      (Adware)
HTabp.exe (3736_face_istartsurf by HTabp.com)  (078dcca2c4927735383d3f36d31e2d96)

1 / 68      (Adware)
HTabp.exe (4116_cmi_mystartsearch by HTabp.com)  (fa263b99d105dde8f8ec6531377ec10a)

Downloads URLs for files signed by Taiming Li.

15 / 68    (Adware)
http://41.223.201.246/.../icp_istartsurf.exe  (5538170b1df8f87b87bd8188a1773681)

1 / 68      (Adware)
http://d2drfrdurj6mvo.cloudfront.net/.../face_istartsurf.exe  (078dcca2c4927735383d3f36d31e2d96)

1 / 68      (Adware)
http://4threquest.me/.../310714_a9.exe  (8e6f05971b4f0d0740b60f80d6c588b5)

1 / 68      (Adware)
http://d2drfrdurj6mvo.cloudfront.net/.../cmi_mystartsearch.exe  (fa263b99d105dde8f8ec6531377ec10a)

1 / 68      (Adware)
http://d2drfrdurj6mvo.cloudfront.net/.../nsbes_oursurfing.exe  (5c558fb3d62aa03380fa7e53d8b1200b)

15 / 68    (Adware)
http://d2drfrdurj6mvo.cloudfront.net/.../icp_istartsurf.exe  (5538170b1df8f87b87bd8188a1773681)

The following websites host and distribute files published by Taiming Li.

d2drfrdurj6mvo.cloudfront.net

4threquest.me

The certificates below are also signed by Taiming Li.

0A0537F4F1A08644FF90C24CAB917A1E  (Dec 08, 2014 to Dec 16, 2015)

04F817ECED7C7D0D9DB1AF7BB16932F1  (Dec 08, 2014 to Dec 16, 2015)

06C261849DE7A4965D53FC6325143E03  (Dec 08, 2014 to Dec 16, 2015)

0895B92BC339D60B3B6DD4375EF2BA08  (Dec 08, 2014 to Dec 16, 2015)

0EF3DD8A71CE910929DF8FB28DB3BFD6  (Dec 08, 2014 to Dec 16, 2015)

07285DD3D7C717F258A4296418AE255F  (Dec 07, 2014 to Dec 16, 2015)

The following publishers (by Authenticode signature organization name) are related.

Shulan Hou

Fuyuan Zhou

Xiaoqing Liu

Li Mo

Thinknice Co., Limited

Yuxin WANG

Search Vortex

Giner Tech Inc

Minidigital Technology Co., Limited

Thinknice Co. Limited

Banyan Tree Technology Limited

Skytouch Technology Co., Limited

Plain Savings

CLARALABSOFTWARE

EasyVpn

CNB TECHNOLOGIES LLC

* Note, the details and description above are based on the code signing digital signature issued to Taiming Li by DigiCert Inc on December 08, 2014 with the serial number '02bd768e4fba54f7f5e7e9498bfb170e'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.