home

Eran Vaterfeld

Publisher Information

Eran Vaterfeld is a brand of publishers/developers run by WebPick Internet Holdings Ltd. located in Ramat Ha'Chayal Tel Aviv, Israel. The company is a primary distributor of unwanted software. Eran Vaterfeld is a developer of WebPick Internet Holdings and publishes a number of adware web browser plugins designed to monitor web browser behavior and inject advertisements (banner, popups, text-links, etc.) in the browser by using the WebPick InstalleRex monetization delivery platform. These programs from Eran Vaterfeld are typiclaly installed on a variety of names and misspellings and are very difficult to remove. According to WebPick, they use developers to sign their adware in order to "throw off competitors".
Authority:
COMODO CA Limited

Valid from:
7/10/2013 2:00:00 AM

Valid to:
7/11/2014 1:59:59 AM

Subject:
CN=Eran Vaterfeld, O=Eran Vaterfeld, STREET=Shtruk 15, L=Tel Aviv, S=Tel Aviv, PostalCode=64042, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00cf0201f072612c73f4f11fe23420b802

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Adware (M), PUP.WebPick (M)
100.00%

1 / 68      (Adware)
download.exe (SummerSoft)  (cce8a7f85876c1505bf3db0e764564f8)

1 / 68      (Adware)
download.exe (SummerSoft)  (ec64f3783b366e68e0a8441ff9d8d730)

1 / 68      (Adware)
setupespl.exe (existing actual by important recovery use four)  (8bc362acd72e24349c23a845bb8c3bd9)

1 / 68      (Adware)
setupespl.exe (existing actual by important recovery use four)  (197194b5c5e082dd65a1d82690c6e7e7)

1 / 68      (Adware)
extie_setup.exe (existing actual by important recovery use four)  (acd4edbe4eef31d23f3d14846429be5e)

1 / 68      (Adware)
+xyxdoxh.exe (StarApp)  (295525e77694f5d1ee3ef5ed2b36945a)

1 / 68      (Adware)
setupytb.exe (by profiler heart of software The)  (7acdb5025027e6cefb3cf335de5a74e0)

1 / 68      (Adware)
setupespl.exe (by profiler heart of software The)  (ff99416fd3a096269599331b230aae01)

1 / 68      (Adware)
setupbc.exe (by profiler heart of software The)  (a1ca3a3c376d2c5c34ee0523153d8b3a)

1 / 68      (Adware)
download.exe (SummerSoft)  (d2ea661b6ed081645e9f76f12267b87f)

1 / 68      (Adware)
00000000 (SummerSoft)  (6473c6bf9bb874b44af7b6b965e6ec77)

1 / 68      (Adware)
setupytb.exe (software by to generous of)  (b7aa36f9f16e157faed781b56cb390a3)

1 / 68      (Adware)
setuplh.exe (software by to generous of)  (b2d8d5638a3206886f527b625f387b2c)

1 / 68      (Adware)
setupespl.exe (software by to generous of)  (f8283eca9b0d532dbd797c92ba1365d2)

1 / 68      (Adware)
setupbc.exe (software by to generous of)  (376739c39b59af40c8c46cb3a63429cb)

1 / 68      (Adware)
setupytb.exe (disks between by security)  (d988e56eaa9880d81dc590a1112fa812)

1 / 68      (Adware)
setupespl.exe (disks between by security)  (27e5c9db0e8d0358162032643ad1750f)

1 / 68      (Adware)
setupbc.exe (disks between by security)  (8d7866980c53d0177551965c592c9138)

1 / 68      (Adware)
extie_setup.exe (disks between by security)  (2f8041cea02d96228020677ac9966c61)

1 / 68      (Adware)
setupespl.exe (disks between by security)  (99e495467410460622ca2b4b042e28e8)

1 / 68      (Adware)
download.exe (SummerSoft)  (ac3dd66f40bea28befd0c5e3efa76d28)

1 / 68      (Adware)
294823_.exe (modifying are channel either by Data)  (115126f2dc187eca83624ce5be9f39e2)

1 / 68      (Adware)
cartouche.exe (SummerSoft)  (0790c165545e28923de8fefc8340dba4)

1 / 68      (Adware)
setupnt.exe (information by DBMS)  (cffc6bbc58cde358e091304b51864052)

1 / 68      (Adware)
setuplh.exe (information by DBMS)  (035c80f2c1e24357127a2ac0b5472d05)

1 / 68      (Adware)
setupespl.exe (information by DBMS)  (8ff4014742742ad060d7d017a0e0a36b)

1 / 68      (Adware)
setupnt.exe (information by DBMS)  (7838266726b6675dd29b59e7db3f907d)

1 / 68      (Adware)
setuplh.exe (information by DBMS)  (73f34fdb245b53c99542d93351a9615a)

1 / 68      (Adware)
setupespl.exe (information by DBMS)  (8b11a28651ca03ab6fb2e7f4d59c85e0)

1 / 68      (Adware)
setupespl.exe (by profiler heart of software The)  (ddcb7b2c5d7c2cb2cec183b07358795f)

 
Latest 30 of 16,178 files

Downloads URLs for files signed by Eran Vaterfeld.

1 / 68      (Adware)
http://lp.ezdownloadpro.info/.../Frank Wood's Business Accounting 1.exe  (d52a97565db2713bee541277603168e0)

The following publishers (by Authenticode signature organization name) are related.

Shlomy Golani

Artur Kozak

Eli Dahan

Ivan Kostin

Arie Azulay

Shlomo Dayan

* Note, the details and description above are based on the code signing digital signature issued to Eran Vaterfeld by COMODO CA Limited on July 10, 2013 with the serial number '00cf0201f072612c73f4f11fe23420b802'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.