Zhiming Chai

Publisher Information

Zhiming Chai is a software publisher located in Nanchang, Jiangxi in China*.
Authority:
StartCom Ltd.

Valid from:
11/15/2011 6:43:22 PM

Valid to:
11/15/2013 2:14:44 PM

Subject:
E=ncuchenfeng@gmail.com, CN=Zhiming Chai, L=Nanchang, S=Jiangxi, C=CN, Description=566223-9hK1L2O1nyxQKgrV

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
0494

Status:
Inconclusive detections from multiple engines

Scan engine
Details
Detections

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
76.92%

Qihoo 360 Security
Trojan.Generic, HEUR/Malware.QVM06.Gen, Win32/Trojan.Adware.37e
69.23%

ESET NOD32
Win32/PSWTool.IEPasswordsRevealer (variant), Win32/InstallMonetizer.AN
46.15%

VIPRE Antivirus
Trojan.Win32.Generic
30.77%

AVG
HackTool
30.77%

avast!
NSIS:InstMonetizer-AU [PUP]
30.77%

Rising Antivirus
PE:Trojan.Win32.Generic.148FA794!344958868, PE:Trojan.Win32.Generic.151F49E0!354372064, PE:Trojan.Win32.Generic.14BBCFA7!347852711
30.77%

Avira AntiVirus
SPR/PassView.N
15.38%

Fortinet FortiGate
Riskware/IEPasswordsRevealer
15.38%

Comodo Security
Heur.Suspicious
15.38%

4 / 68      (PUP)
setup_screen.exe (Splendid Desktop Helper by CFSoft)  (b53fcd360edd6e1b4c73014f79018060)

0 / 68
setup_piano.exe (Baby Computer Piano by CFSoft)  (901494c8130017c88d58679f81e26cbc)

1 / 68
Childpiano.exe (Baby Computer Piano by CFSoft)  (44f4e56937d90e1f2d8c11b8985d735a)

3 / 68
Childpiano.exe (Baby Computer Piano by CFSoft)  (cda90ae2bbba0b8fc87393e552fe6826)

0 / 68
setup_piano.exe (Baby Computer Piano by CFSoft)  (9ca4e74becc17a8ac206996505c681ef)

0 / 68
modifylogo.exe (Easy Logon Screen Changer by CFSoft)  (291e9a2312e74077a26c67d82d6d7594)

1 / 68
dynamicwp.exe (Dynamicwallpaper by CFSoft)  (e1614c07d731e7ce710ec42c142564b7)

2 / 68
Childpiano.exe (Baby Computer Piano by CFSoft)  (a3dabdc314eeb414666c656857ebae47)

8 / 68      (PUP)
setup_dynamicwp.exe (Desktop Wallpaper Changer by CFSoft)  (2c0e0c1857bcb8c78e558e0c64c0ef1e)

4 / 68      (inconclusive)
modifylogo.exe (Easy Logon Screen Changer by CFSoft)  (75278cb1df7d93732d208f4147270ab8)

0 / 68
setup_screen.exe (Splendid Desktop Helper by CFSoft)  (15b4eea40c06de4b448fa092704eec3f)

8 / 68      (Malware)
lookpass.exe (Super Asterisk password viewer by CFSoft)  (1a08dc06547ead17f1f93d9e2687caf1)

2 / 68
dynamicwp.exe (Dynamicwallpaper by CFSoft)  (100a09dfc6e0560dbaae18ff48fb87a3)

9 / 68      (PUP)

0 / 68
modifylogo.exe (Easy Logon Screen Changer by CFSoft)  (ae1c3cf6abf7b317bef02e19dda8e87c)

3 / 68      (PUP)
setup.exe (Baby Computer Piano by CFSoft)  (89e11b53936ec4c020cd432228ce6e17)

0 / 68
dynamicwp.exe (Dynamicwallpaper by CFSoft)  (22316e8f4550c574ba96054a2051afef)

3 / 68      (inconclusive)
lookpass.exe (Super Asterisk password viewer by CFSoft)  (32c7a0fcfa99136345a10bd2a7606836)

4 / 68      (inconclusive)
cfsoftiehook.dll  (288b328dd495faedab43eba3c33da101)

0 / 68
Childpiano.exe (Baby Computer Piano by CFSoft)  (c4b73d70976ecbefcc06f2d57c560ad2)

* Note, the details and description above are based on the code signing digital signature issued to Zhiming Chai by StartCom Ltd. on November 15, 2011 with the serial number '0494'.