home

I-tree

Publisher Information

I-tree is a software publisher located in GyangJuSi, Gyeonggi-Do in Korea*.
Authority:
Thawte, Inc.

Valid from:
6/1/2012 9:00:00 AM

Valid to:
6/2/2013 8:59:59 AM

Subject:
CN=I-tree, O=I-tree, L=GyangJuSi, S=GyeongGi-do, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7337af43cf80de04a166d93aa7a70abe

Status:
Inconclusive detections from multiple engines

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP, PUP.InstallCore.CSH (L)
52.94%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, TrojanClicker.Agent
35.29%

avast!
Win32:PUP-gen [PUP], Win32:Malware-gen, Win32:Downloader-QSI [Trj]
29.41%

AVG
Skodna.Generic, Adware Skodna.Generic.YX
29.41%

Comodo Security
UnclassifiedMalware
23.53%

Avira AntiVirus
Adware/Kraddare.CG, TR/PSW.Banker.668152.b, TR/Dldr.Agent.658408, ADWARE/Kraddare.CG
23.53%

AhnLab V3 Security
PUP/Win32.WinBioTools, Win-PUP/Helper.RDplay.658408
23.53%

ESET NOD32
Win32/Adware.Kraddare.EV, probably unknown NewHeur_PE
23.53%

McAfee
Artemis!4068E6BE36C0, Artemis!67530E714E2F, Artemis!8985FB9DA382, Program.Artemis!0641412CD721
23.53%

Malwarebytes
Adware.Kraddare, Rogue.ComputerOptimize
17.65%

0 / 68
winbiotools_setup_07.exe (by WinbioTools)  (8eabf8299afdcfd06803948cb7e0aa00)

1 / 68      (PUP)
rundownplay_setup_10.exe (rundownplay by RunDownPlay)  (337748e7dc9e99031d2b2488f0408761)

1 / 68      (PUP)
winbiotools_setup_21.exe (WinbioTools by WinbioTools)  (060d4ae2114cfaf5f04debdb17431915)

0 / 68
computeroptimize_up.exe  (fde5d69134b8fc4e0d21528a462afda0)

0 / 68
computeroptimize.exe  (20f6c77962f5e99a010fdecb23fa8fd5)

1 / 68      (PUP)
winbiotools_setup_20.exe (WinbioTools by WinbioTools)  (bfbaafb55c19646cd235afdb02eccfb0)

1 / 68      (Malware)
winfree.exe  (23e06704a7fca4e387d2dc8ddc9af70e)

0 / 68
winbio_v3.dll  (f95b9033ef10943665ce931910c87004)

0 / 68
winbio.exe (TrueUpdate Client by Indigo Rose)  (d57ad214dfb14a775070df22a0e8bd40)

0 / 68
sqlite3.dll  (1052fcfb630c85a40f0feafa9d9af960)

0 / 68
winbiotools_setup_25.exe (WinbioTools by WinbioTools)  (afc5424c8e3e0f54926a8bc6f14e2c3d)

0 / 68
winbiotools_setup_23.exe (WinbioTools by WinbioTools)  (28ff59651905f99cebd2cf6df6e1cd1a)

0 / 68
winbiotools_setup_16.exe (WinbioTools by WinbioTools)  (0325f453b7320c1122f0ba8c73281f2a)

0 / 68
winbiotools_setup_12.exe (WinbioTools by WinbioTools)  (970e935d3113e090d1a09f15af10f436)

1 / 68      (Malware)
clear.exe  (7e049786efd483af2fae9748911f62b7)

1 / 68      (Malware)
clear.exe  (b0f5fe6a8eabbf87ba70e2ae5983b48e)

0 / 68
winbiotools_setup_24.exe (WinbioTools by WinbioTools)  (c9a087554f3c45a0f880190ed25be9b8)

0 / 68
winbiotools_setup_20.exe (WinbioTools by WinbioTools)  (81fe947d18f9b36d62cec53eb83a5dc3)

0 / 68
winbiotools_setup_08.exe (WinbioTools by WinbioTools)  (7d9cc100e9d1b2c80e305fefc35336e5)

0 / 68
winbiotools_setup_06.exe (WinbioTools by WinbioTools)  (048fdfa53d12e310adf8832fbf104f5a)

0 / 68
winbiotools_setup_01.exe (WinbioTools by WinbioTools)  (1fbb40d57bebc0715fde64b8154bf49b)

1 / 68      (Malware)
winfree.exe  (483318d8617a152a86c3f89198fb7161)

0 / 68
winbio.exe (TrueUpdate Client by Indigo Rose)  (877c885667dee7af1adeb09a6a227ed2)

0 / 68
sqlite3.dll  (e5776b478046ecdf6ecf90877f753a9b)

4 / 68      (PUP)
winbiotools.exe  (0641412cd721a1bebf566f5a6237067b)

1 / 68      (Malware)
winfree.exe  (c02fedb150974144e13a43dd97f4a051)

0 / 68
winbio_v1.dll  (85e70d51befa8fc813be88028d136f1e)

0 / 68
winbio.exe (TrueUpdate Client by Indigo Rose)  (2f7899a7076ce709e8aed69d147f6417)

0 / 68
sqlite3.dll  (6399da39078de33d96cfd04414c4d69d)

12 / 68    (PUP)
winbiotools.exe  (8985fb9da382d0b83ae08d45c944aae8)

 
Latest 30 of 41 files

* Note, the details and description above are based on the code signing digital signature issued to I-tree by Thawte, Inc. on June 01, 2012 with the serial number '7337af43cf80de04a166d93aa7a70abe'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.