home

아이비엔 (IBN)

Publisher Information

아이비엔 (IBN) is a software publisher located in Seongdong-gu, Seoul in Korea*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs.
Authority:
thawte, Inc.

Valid from:
10/8/2015 9:00:00 AM

Valid to:
10/8/2018 8:59:59 AM

Subject:
CN=아이비엔 (IBN), OU=IT Team, O=아이비엔 (IBN), L=Seongdong-gu, S=SEOUL, C=KR

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
4166f57fe9d68663f57a34ae0e960e6a

Scanner detections:
Detections  (83% detected)

Scan engine
Details
Detections

F-Prot
W32/Themida_Packed
53.66%

Reason Heuristics
Trojan.Agent (M)
48.78%

ESET NOD32
Win32/AdWare.KeywordFind (variant)
43.90%

K7 AntiVirus
Adware
41.46%

AVG
Generic, Vundo
34.15%

Qihoo 360 Security
HEUR/QVM39.1.Malware.Gen, QVM19.1.Malware.Gen, HEUR/QVM19.1.Malware.Gen, HEUR/QVM19.1.0000.Malware.Gen, HEUR/QVM39.1.0000.Malware.Gen
31.71%

VIPRE Antivirus
Backdoor.Win32.Ircbot.gen, Threat.4412848, Trojan.Win32.Generic
26.83%

ESET NOD32
Win32/AdWare.KeywordFind.D application
21.95%

Avira AntiVirus
TR/Crypt.TPM.Gen, ADWARE/KeywordFind.987904, ADWARE/KeywordFind.tapu, TR/Agent.975616
19.51%

Emsisoft Anti-Malware
Gen:Trojan.Heur.4yXa4KXWZ2eG, Application.Generic.1572454, Gen:Trojan.Heur.7yZa4KXWZ2eG, Gen:Variant.Barys.49354, Gen:Variant.Symmi.14532
17.07%

0 / 68
windgdotmp_6287  (16a804f17c2bd25b6edce8ea4f05676b)

0 / 68
windgdo.dll  (900b639037e66ae6de852664956263c4)

0 / 68
windgdoj.dll  (318c5b5cd1e32df3f19d48bb5516574b)

0 / 68
windgdo.dll  (a9805adb3165c9d808863eab1b6e66fa)

0 / 68
windgdo.dll  (0c7456c17ac8a4790f05c685e8ffafb2)

24 / 68    (PUP)
windgdotmp_9627  (38566000b51d4dc6cc411c5ab31536cf)

3 / 68      (PUP)
windgdoc.exe  (fc12bc396cc7511a5fc0bae15e075c73)

3 / 68      (PUP)
windv1c.exe  (92d86c485e513c827ff5d17923c7952b)

3 / 68      (PUP)
windgdoc.exe  (13ee3e6318b6bb2dc5dca36e0ea61bc9)

1 / 68      (Malware)
windv1j.dll  (23c18d21793033c792046fa6132bdaf5)

1 / 68      (Malware)
windgdoj.dll  (9c769ef4851593c370c34e0ce6997250)

3 / 68      (PUP)
windv1c.exe  (a4ed17f7fe91914825c0ffa5ca1d01b9)

1 / 68      (Malware)
setup_wdg.exe  (f84e22c6e406ab00d621a2b5f05dd652)

12 / 68    (PUP)
setup_wdv1up.exe  (c4cd4bed0d44eeb27d889602731690cf)

1 / 68      (Malware)
setup_wdg.exe  (1db7469dcec210b0851e5c497166155e)

4 / 68      (inconclusive)
windv1j.dll  (a45501ae785039d93486fca881d489e9)

1 / 68      (Malware)
uninstall.exe  (d2f288fb33e3208af224b81d14e3878c)

13 / 68    (PUP)
windv1.dll  (eedff81dbbf4f50a827dd3c4c98e1dd8)

6 / 68      (PUP)
windv1u.exe  (3392d0105973805eb1987d72461af138)

13 / 68    (PUP)
windgdo.dll  (14567e323664e5ab428179252380178e)

4 / 68      (inconclusive)
windgdoj.dll  (6212b2e44e10718a251e083bf020c5a9)

8 / 68      (PUP)
windgdou.exe  (64c7a4843835d39e7ab98992e60243b6)

1 / 68      (Malware)
uninstall.exe  (9e94a6f16ded81d04710c3fb8af75d97)

5 / 68      (PUP)
windv1c.exe  (8a3b0832598bdf87c578f79efe09ee6a)

3 / 68      (PUP)
windgdoc.exe  (17d3e1750e49092a1ff897170fcdc582)

1 / 68      (Malware)
setup_wdg5up.exe  (b03a1173c5004c6401d977428426570d)

1 / 68      (Malware)
54033  (8b01562522007d406af2043595d53174)

1 / 68      (Malware)
23011.tmp  (fb1a8a2421559202a22a353b898f919f)

1 / 68      (Malware)
2301  (151228c3194080eb7c404b2cae32c2e6)

4 / 68      (PUP)
windgdo_uninstall.exe  (4be368b3c0a0e8fc82daedfc909ccc2a)

 
Latest 30 of 46 files

Downloads URLs for files signed by 아이비엔 (IBN).

13 / 68    (PUP)
http://down.windv1.com/.../windv1.dll  (windv1.dll)

1 / 68      (Malware)
http://down.windv1.com/.../uninstall.exe  (d2f288fb33e3208af224b81d14e3878c)

6 / 68      (PUP)
http://down.windv1.com/.../windv1u.exe  (3392d0105973805eb1987d72461af138)

1 / 68      (Malware)
http://down.windv1.com/.../windv1j.dll  (windv1j.dll)

3 / 68      (PUP)
http://down.windv1.com/.../windv1c.exe  (92d86c485e513c827ff5d17923c7952b)

1 / 68      (Malware)
http://down.windgdo.com/.../uninstall.exe  (9e94a6f16ded81d04710c3fb8af75d97)

8 / 68      (PUP)
http://down.windgdo.com/.../windgdou.exe  (64c7a4843835d39e7ab98992e60243b6)

1 / 68      (Malware)
http://down.windgdo.com/.../windgdoj.dll  (windgdoj.dll)

13 / 68    (PUP)
http://down.windgdo.com/.../windgdo.dll  (windgdo.dll)

4 / 68      (inconclusive)
http://down.windgdo.com/.../windgdoj.dll  (windgdoj.dll)

1 / 68      (Malware)
http://down.windgdo.com/wdg3/.../windgdo.dll  (windgdo.dll)

6 / 68      (PUP)
http://down.windgdo.com/wdg3/.../windgdo.dll  (windgdotmp_1367)

10 / 68    (PUP)
http://down.windgdo.com/.../uninstall.exe  (df2e98e153900821e20cdc0be414d94d)

1 / 68      (Malware)
http://down.windgdo.com/wdg3/.../windgdoj.dll  (windgdoj.dll)

13 / 68    (PUP)
http://down.windgdo.com/wdg3/.../windgdoc.exe  (9b89b1cb477f34be09effd4aaa19b332)

The following websites host and distribute files published by 아이비엔 (IBN).

down.windgdo.com

The following publishers (by Authenticode signature organization name) are related.

winsys

* Note, the details and description above are based on the code signing digital signature issued to 아이비엔 (IBN) by thawte, Inc. on October 08, 2015 with the serial number '4166f57fe9d68663f57a34ae0e960e6a'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.