Vlad Zemyn

Publisher Information

Vlad Zemyn is a brand of publishers/developers run by WebPick Internet Holdings Ltd. located in Ramat Ha'Chayal Tel Aviv, Israel. The company is a primary distributor of unwanted software. Vlad Zemyn is a developer of WebPick Internet Holdings and publishes a number of adware web browser plugins designed to monitor web browser behavior and inject advertisements (banner, popups, text-links, etc.) in the browser by using the WebPick InstalleRex monetization delivery platform. These programs from Vlad Zemyn are typiclaly installed on a variety of names and misspellings and are very difficult to remove. According to WebPick, they use developers to sign their adware in order to "throw off competitors".
Authority:
COMODO CA Limited

Valid from:
9/27/2013 7:00:00 AM

Valid to:
9/28/2014 6:59:59 AM

Subject:
CN=Vlad Zemyn, O=Vlad Zemyn, STREET=Oboronnaya 43, L=Kiev, S=Kiev, PostalCode=03110, C=UA

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00fa2e3fcb8e83b20759399f7e1d9549ee

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.VladZemyn.L, PUP.Installer.VladZemyn.J, PUP.Installer.VladZemyn.K, PUP.VladZemyn.H, PUP.WebPick.VladZemyn, PUP.WebPick.Bundler, PUP.WebPick.VladZemyn.Bundler (M), PUP.WebPick.VladZemyn (M)
100.00%

Sophos
Preload, PUA 'Preload' (of type Adware)
36.00%

Emsisoft Anti-Malware
Gen:Variant.Adware.Dropper.101, Gen:Variant.Application.ExqPage
34.00%

VIPRE Antivirus
Threat.4150696
34.00%

F-Prot
W32/Preloader.B2.gen
34.00%

Dr.Web
Trojan.Crossrider.18
34.00%

avast!
Win32:InstMonetizer-I [PUP]
34.00%

AVG
Adware Generic5.AJZP
34.00%

MicroWorld eScan
Gen:Variant.Adware.Dropper.101, Gen:Variant.Application.ExqPage.4
34.00%

Quick Heal
AdWare.MegaSearch.r5 (Not a Virus)
34.00%

1 / 68      (Adware)
ytab_setup.exe  (b6c21598947fd4414487e123e3c3fffb)

1 / 68      (Adware)
ext_setup.exe  (7dbe12d8437c662b21150b148c774602)

1 / 68      (Adware)
ext_setup.exe  (ed7575985ceae9288807747e4690e1f9)

1 / 68      (Adware)
ytab_setup.exe  (1c3d76c4d580ebaf8d126429faf054e5)

1 / 68      (Adware)
newtab_setup.exe  (5f33763ba163ecd78b49f1265cd05d82)

1 / 68      (Adware)
ytab_setup.exe  (15102ddc8b6d1e791d8504dbf0c84738)

1 / 68      (Adware)
ext_setup.exe  (64a3a364b19d4c80f408e2601e7032f4)

1 / 68      (Adware)
extie_setup.exe  (176825fc1ea5eddded2d93884f6cf743)

1 / 68      (Adware)
vaudix_extension.exe  (d6e4291bd398acd8234eb52125c1c258)

1 / 68      (Adware)
newtab_setup.exe  (543cfc99f26a3e87d05c30a84bcd4809)

1 / 68      (Adware)
ytab_setup.exe  (2e6454c19fe02dfe05a89fd2bf6be10a)

1 / 68      (Adware)
ext_setup.exe  (e0c90ba1c25aa4a1d55c951565ba76c8)

1 / 68      (Adware)
extie_setup.exe  (70fa5b3ffa89e98e2ec28b44f8b3e2bb)

1 / 68      (Adware)
ytab_setup.exe  (d7aff6f63fb0e1ae7ca2ca2b85dad3d4)

1 / 68      (Adware)
ext_setup.exe  (01234474d35bd381d42d1a62a1d59c12)

1 / 68      (Adware)
extie_setup.exe  (e9c68ee0409bd8cdddfc9f6ae3afa944)

1 / 68      (Adware)
kysktv0ar.exe  (657803f17ebdcccc4fbdc01d0e2e59b0)

1 / 68      (Adware)
rfywxy3.exe  (f7387ff5a635f918b0193785ceaeb4d1)

1 / 68      (Adware)
pwvusz.exe  (c3d1a4d0a47d3fc352fc7f7f5ae89dae)

1 / 68      (Adware)
sty.exe  (d543f3d5eb21425f75996e272bfd9836)

1 / 68      (Adware)
ytab_setup.exe  (9d2db0cdd05af16902a9edefdaabc9b8)

1 / 68      (Adware)
newtab_setup.exe  (577ba82305d9888ae38028d52f4cb67f)

1 / 68      (Adware)
ext_setup.exe  (49d5a9ede6541a1f4afed9e8402efdda)

1 / 68      (Adware)
extie_setup.exe  (3d4d147f1b821c7993afb64db32395d4)

1 / 68      (Adware)
ytab_setup.exe  (34aaea29525cefbc2dc238533535ca8b)

1 / 68      (Adware)
newtab_setup.exe  (998d6d6a4f80ee07793050f393bc91e4)

1 / 68      (Adware)
ext_setup.exe  (a34d752b9d6fd63d4e8f6d8ecedaf0ec)

1 / 68      (Adware)
extie_setup.exe  (e9614661b5388625bcd3812be66fb01e)

1 / 68      (Adware)
ytab_setup.exe  (f7c78d83324cc0b4656633e027802062)

1 / 68      (Adware)
ext_setup.exe  (1be2bf4b501162b01b4a607e82bf0691)

 
Latest 30 of 104 files

* Note, the details and description above are based on the code signing digital signature issued to Vlad Zemyn by COMODO CA Limited on September 27, 2013 with the serial number '00fa2e3fcb8e83b20759399f7e1d9549ee'.