home

WEB PICK - INTERNET HOLDINGS LTD

Publisher Information

WEB PICK - INTERNET HOLDINGS LTD is a brand of publishers/developers run by WebPick Internet Holdings Ltd. located in Ramat Ha'Chayal Tel Aviv, Israel. The company is a primary distributor of unwanted software. WebPick Internet Holding run by Nadav Brandstater is an ad-supported web browser extension developer that distributes potentially unwanted adware using the company's InstalleRex and File Product monitziation platforms. WebPick works with and operates a number of its sub-entities to distrubute its wares like DownloadSaver, GreatSaver, DownloadKeeper through Just Plug It. By all accounts, WebPick adware falls more on the spyware side of badware as its plugins monitors users web browser activity. Web-Pick has 80 employees based in Tel-Aviv, Israel and an additional 20 in its dev' center in Europe. Thre are 3 additional code signing certificates issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
3/22/2011 9:00:00 PM

Valid to:
3/22/2012 8:59:59 PM

Subject:
CN=WEB PICK - INTERNET HOLDINGS LTD, O=WEB PICK - INTERNET HOLDINGS LTD, L=Ramat Hasharon, S=Israel, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
5eac6de3d7e9f2dd8e3eda0b72c306ca

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.WebPick (M), PUP.WebPick.Installer
100.00%

1 / 68      (Adware)
walter-disney font.exe (Setup by Premium)  (334ad17da391f80b96741b14a1e424f9)

1 / 68      (Adware)
setup.exe (Setup by Premium)  (aee1a79d67efe53c93024ffdccfa9d57)

1 / 68      (Adware)
walter-disney font.exe (Setup by Premium)  (d48978710a75c9766b387481c9f7c4b5)

1 / 68      (Adware)
walt-disney-script font.exe (Setup by Premium)  (05111bc384c8027d68779f06e07a421c)

1 / 68      (Adware)
bflix.exe (Setup by Premium)  (ecf8378effec19d013e1174477cdf69d)

1 / 68      (Adware)
the-mask font.exe (Setup by Premium)  (36bd0b61abc3cfa5dd2e4766f1afb60f)

1 / 68      (Adware)
shrek font.exe (Setup by Premium)  (c90d9e52a6f2bce9d1f2904233c1ccaf)

1 / 68      (Adware)
{blocked}.exe (Setup by Premium)  (c8c2ea0321d6100f8bb0a2f713bf839f)

1 / 68      (Adware)
cinderella font.exe (Setup by Premium)  (8389e3c427b3b5d7675131efde7eab2e)

1 / 68      (Adware)
chicken-scratch font.exe (Setup by Premium)  (65c154590a47e215a056df084e157408)

1 / 68      (Adware)
aerosmith font.exe (Setup by Premium)  (aab15a32b2e8a389cf8587de1d9639d0)

1 / 68      (Adware)
2yourface.exe (Setup by Premium)  (eb862f79730d72684ce208884a3708e7)

1 / 68      (Adware)
bflix.exe (Setup by Premium)  (e11af64c582cf14e1800e8256e268649)

1 / 68      (Adware)
architext-bold font.exe (Setup by Premium)  (505da5c58b11e4083a455a84f8473ac7)

1 / 68      (Adware)
architext font.exe (Setup by Premium)  (5313ba07d5e8afa074c8a21ff6e9c7f1)

1 / 68      (Adware)
architext font.exe (Setup by Premium)  (767223bc757124e7281cd8d6650d958a)

1 / 68      (Adware)
advocut font.exe (Setup by Premium)  (9528b47619ea0d21ce066d72b910c4b0)

1 / 68      (Adware)
dragonwick font.exe (Setup by Premium)  (940528ec6f41824f308c19619623c8e1)

1 / 68      (Adware)
fiolex-girl_font.exe (Setup by Premium)  (b11d5e20302c16df198ecc24ca4442cb)

1 / 68      (Adware)
automatica-brk font.exe (Setup by Premium)  (6fd04997cc2b11c09cf04428a6d60af2)

1 / 68      (Adware)
arbuckleremix font.exe (Setup by Premium)  (cdc543d6da77d7b060428e8776508dba)

1 / 68      (Adware)
advert font.exe (Setup by Premium)  (a49213914113b2f2b4b698189cc80e9e)

1 / 68      (Adware)
daemon tools.exe (Setup by Premium)  (82cc760ac88deb372982ce692597a444)

1 / 68      (Adware)
a-charming-font-expanded font.exe (Setup by Premium)  (79e61f50abc9265716038765e3a9ce8b)

1 / 68      (Adware)
facecons.exe (Setup by Premium)  (07d1919602cb60e6759169068968fc68)

1 / 68      (Adware)
bflixinstaller.exe (BflixInstaller by Premium)  (0ba100a4d0ab0162bb2ecb9928604c6a)

1 / 68      (Adware)
actionis font.exe (Setup by Premium)  (f9cd1070298238d3ea5f59f8743343a7)

1 / 68      (Adware)
actionis font.exe (Setup by Premium)  (436d3f99dca9b68b3b39a96d7a35069b)

1 / 68      (Adware)
actionis font.exe (Setup by Premium)  (7163473cecf07ff5da198820acd22896)

1 / 68      (Adware)
bubble shooter.exe (Setup by Premium)  (d473cbff12cb5ea0b91008a45f065b75)

 
Latest 30 of 286 files

Downloads URLs for files signed by WEB PICK - INTERNET HOLDINGS LTD.

1 / 68      (Adware)
http://www.premiumsoft.info/.../  (bflix.exe)

1 / 68      (Adware)
http://www.premiumsave.info/v42/?product_name=Dragonwick Font&product_title=Dragonwick Font&installer_file_name=Dragonwick Font&product_file_name=Dragonwick.zip&product_download_url=http://.../archivos/zipTTF/Dragonwick.zip&product_image_url=http://.../instal_font.bmp&product_image_file_name=instal_font.bmp  (dragonwick font.exe)

1 / 68      (Adware)
http://www.premiumsave.info/v42/?product_name=Actionis Font&product_title=Actionis Font&installer_file_name=Actionis Font&product_file_name=Actionis.zip&product_download_url=http://.../archivos/zipTTF/Actionis.zip&product_image_url=http://.../instal_font.bmp&product_image_file_name=instal_font.bmp  (actionis font.exe)

1 / 68      (Adware)
http://www.premiumsave.info/v42/?product_name=Transformers Font&product_title=Transformers Font&installer_file_name=Transformers Font&product_file_name=Transformers.zip&product_download_url=http://.../archivos/zipTTF/Transformers.zip&product_image_url=http://.../instal_font.bmp&product_image_file_name=instal_font.bmp  (transformers font.exe)

Top-level domains owned by WEB PICK - INTERNET HOLDINGS LTD.

installerex.com

web-pick.com

storebox1.info

toolkitfreefast.com

surfandkeep.info

downloadkeeper.info

greatsaver.info

ytbookmarks.info

weekapp.net

optonthing.info

magnipic.info

savebyclick.info

download-n-save.com

allpremiumsoft.com

easylifeapp.com

takeinstalleraddon.info

take-the-file.info

placefordownloads.info

getmonitized.com

addoncommon.info

ezdownloadpro.info

getapplicationmy.info

websavers.info

34stateshare.com

continuetosave.info

saveneto.info

stylezip.info

reportbox3.info

The certificates below are also signed by WEB PICK - INTERNET HOLDINGS LTD.

3A2CC4F26C8E3CCEC344182538F0AF2D  (Aug 04, 2013 to Aug 25, 2015)

4FA5BF44DCE698E1696C79DDC43E5535  (Feb 27, 2013 to Mar 22, 2014)

69BA3E5E7FA6543891BD41AC3F494F15  (Feb 25, 2012 to Mar 23, 2013)

The following publishers (by Authenticode signature organization name) are related.

Ivan Kostin

Artur Kozak

Shlomy Golani

Moshe Caspi

Roman Malinenko

Nadav Kashtan

Natan Risman

Artur Semanin

Arie Azulay

Moshe Karaso

Shlomo Dayan

Rafael Leviev

Yakov Cohen

Lior Sela

Pavel KRASNOV

Itzhak Shternberg

Artua Vladislav

Daniel Hareuveni

Roadpass Trading Ltd.

Avi Podavsky

* Note, the details and description above are based on the code signing digital signature issued to WEB PICK - INTERNET HOLDINGS LTD by Thawte, Inc. on March 22, 2011 with the serial number '5eac6de3d7e9f2dd8e3eda0b72c306ca'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.