home

SIAD

Publisher Information

SIAD is a software publisher located in Kangnam-gu, Seoul in Korea*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs. Thre are 3 additional code signing certificates issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
8/1/2012 9:00:00 AM

Valid to:
8/2/2013 8:59:59 AM

Subject:
CN=SIAD, O=SIAD, L=Kangnam-gu, S=SEOUL, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
67ea27332727640170a0539a5745d745

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.SIAD (M), PUP.SIAD.Installer (M), PUP (M)
92.00%

Kaspersky
not-a-virus:AdWare.Win32.Kraddare
10.00%

Bkav FE
W32.Clod123.Trojan, W32.Clodf5d.Trojan, W32.HfsAdware, W32.Clod55d.Trojan
8.00%

avast!
Win32:PUP-gen [PUP], NSIS:Malware-gen [Trj], Other:PUP-gen [PUP]
8.00%

VIPRE Antivirus
Backdoor.Win32.Ircbot.gen, Trojan.Win32.Generic
6.00%

Avira AntiVirus
TR/Spy.887344, TR/Agent.232176
6.00%

G Data
Gen:Trojan.Heur.2yXa40aWcxdG, Win32.Trojan.Agent.8H7BIH, Win32.Trojan.Agent.86GN1W
6.00%

AhnLab V3 Security
PUP/Win32.Kwinstart, Win-PUP/Helper.Kwinstart.232176, Win-PUP/Helper.Kwinstart.232176.B
6.00%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
6.00%

IKARUS anti.virus
Trojan.Win32.Spy, not-a-virus:AdWare.Win32.Kraddare
4.00%

1 / 68      (Malware)
setup_jamong_silent.exe  (f7e1df4c9c0a0964589ac90c5b743425)

1 / 68      (Malware)
setup.exe  (ebee8cbb49d8049aad228e3e3e3a695b)

1 / 68      (Malware)
kwinso.exe  (ae4a28ed67038b81a0afb67790390d04)

1 / 68      (Malware)
setup.exe  (420bbb6182ad26c68f67bb44c9e711e3)

1 / 68      (Malware)
setup2.exe  (b94cbcd622fc5689408f3b009430c7cc)

1 / 68      (Malware)
setup.exe  (68cdb1df41ae75000b8b97fb6e349abc)

1 / 68      (Malware)
linkdoumivb.dll  (a51fbdbdd56600d6cd10d8becbf402ca)

1 / 68      (Malware)
wlivep.dll  (1d340caee4f52a257ad4a891e8c40d69)

1 / 68      (Malware)
iestt.dll  (48c03cc53970dba88c1230ccd40c35a4)

1 / 68      (Malware)
kwinso.dll  (4cab223f8fe1a190fd25d2d9c5e07807)

1 / 68      (Malware)
iestt_uninstall.exe  (547b87a56b6cddcddbcff6dc7f045aa0)

1 / 68      (Malware)
iestartvb.dll  (d3769a72596b9236db4b8532ead6b0c2)

1 / 68      (Malware)
iestartv.exe  (ffbc375c43c5dfd0a26475c7339f80e5)

1 / 68      (Malware)
iestart.exe (IESTART)  (07fdfbcabc649a814294eba64b390562)

1 / 68      (Malware)
setup.exe  (ab6b6804879081d194ecffcaee0e537c)

1 / 68      (Malware)
kwinstartagent.exe  (35bc44b547ef5cc1837de313be005701)

1 / 68      (Malware)
iestt_uninstall.exe  (c0545740e650082d8aa444f8ac1bef26)

1 / 68      (Malware)
wlivep.dll  (7095ea60f748741b691c5fa5b234406c)

1 / 68      (Malware)
wlivep.dll  (1e87e0855c8241bc6581b2639957b1d5)

1 / 68      (Malware)
iestartv.exe  (62fbe315b4c70134dbfc649989f45f4d)

1 / 68      (Malware)
iestartagent.exe  (807a4019af470d9ea92e85032e5ed625)

1 / 68      (Malware)
iestart.exe  (5baaa0a3bb3535ca1ae5185cfba25bfa)

1 / 68      (Malware)
iestt.exe  (a15d8904828e5439bec12c7bb0a4b70a)

1 / 68      (Malware)
kwinso_uninstall.exe  (e5de0d3f8d7f6f3a2a4822792a0c6d32)

1 / 68      (PUP)
kwinso_uninstall.exe  (ce28b1fd4d5968b706fcbd8de8d5a5ba)

1 / 68      (PUP)
wlivep.dll  (c9ed4c5fd40e367f70800922df697a8d)

1 / 68      (PUP)
uninstall.exe  (cab47f8e4cef00fc35d8a7d6c9770d15)

1 / 68      (PUP)
kwinstartagent.exe  (15d59ab0a90596ae6ca01ce5cadde6a3)

1 / 68      (PUP)
kwinstartagent.exe  (f0625aa0a70522a3a1fdfa79b24c8160)

1 / 68      (PUP)
kwinstart.exe  (fa61125a7f48f192f2eef93a160b723c)

 
Latest 30 of 55 files

The certificates below are also signed by SIAD.

746E3FB5BDC7FC48081092F38968826B  (Oct 30, 2014 to Oct 30, 2016)

3B7192356B8F6D522CB98EA56A4E5D26  (Aug 01, 2013 to Sep 01, 2014)

381CE30ED8472A4E13661E6BC55432C5  (May 30, 2011 to May 30, 2012)

* Note, the details and description above are based on the code signing digital signature issued to SIAD by Thawte, Inc. on August 01, 2012 with the serial number '67ea27332727640170a0539a5745d745'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.