Webteh d.o.o.

Publisher Information

Webteh d.o.o. is a software developer located in Ljubljana, Slovenia*. The publisher primarily developes software that can be classified as adware. Thre are 2 additional code signing certificates issued to this publisher.
Remove Webteh d.o.o. Malware - Powered by Reason Core Security
Authority:
GlobalSign nv-sa

Valid from:
2/22/2010 12:04:30 PM

Valid to:
2/23/2011 12:04:25 PM

Subject:
E=info@webteh.com, CN=Webteh d.o.o., O=Webteh d.o.o., L=Ljubljana, S=Ljubljana, C=SI

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
01000000000126f57653a8

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Webtehdoo.U, PUP.Webtehdoo.M, PUP.Installer.Webtehdoo.F, PUP.Webtehdoo.T, PUP.Webtehdoo.V, PUP.Webtehdoo.J, PUP.Installer.Webtehdoo.R, PUP.Webtehdoo.Installer (M)
100.00%

ESET NOD32
Win32/Toolbar.Conduit (variant), Win32/Toolbar.Conduit.B potentially unwanted (variant)
41.67%

Panda Antivirus
Adware/Conduit, PUP/Conduit.A
33.33%

Rising Antivirus
PE:Malware.XPACK/RDM!5.1
20.83%

Dr.Web
Adware.Conduit.37, Adware.Conduit.35, Adware.Conduit.299
16.67%

Trend Micro House Call
TROJ_GE.D188D989, Suspicious_GEN.F47V047, TROJ_GEN.F47V0606
12.50%

McAfee
Artemis!DE88A78DDB00
4.17%

McAfee Web Gateway
Artemis!DE88A78DDB00
4.17%

F-Prot
W32/Conduit.A.gen
4.17%

G Data
Win32.Adware.Conduit
4.17%

1 / 68      (PUP)
bsplayer_pro253.1033.exe  (c4273a8b77d95483c2de5a6d535fea3d)

1 / 68      (PUP)
bsplayer pro 2.57 build 1045 beta.exe  (d295d735b20ca8f458a1eec6e917a9d6)

1 / 68      (PUP)
bsplayer 253.1034 clip.exe  (b7f224b0f9088da27b293a2907be0f06)

4 / 68      (PUP)
bsplayer252.1031_clip.exe  (e0d67ee08c2f9cae8ee4c5ccf66b08fb)

6 / 68      (PUP)
bsplayer257.1049_clip.exe  (e19d57b5e41bf4387308ce30b93430ef)

1 / 68      (PUP)
bsplayer pro 2.56 build 1043.exe  (9cca6280a28ee602e51af7a4ceec4312)

1 / 68      (PUP)
bsplayer_pro257.1049.exe  (61472703d03c04d3429445601a474b63)

2 / 68      (PUP)
bsplayer_pro252.1030.exe  (d24f590eda78d67de2005e7aa79212b8)

1 / 68      (PUP)
bsplayer_pro253.1034.exe  (4f6d3b938f18b8efb9dfe1fde97f6774)

1 / 68      (PUP)
bsplayer_setupnew.exe  (434524f99704f6b14a81d2fd7e789695)

1 / 68      (PUP)
bs-player.exe  (f53f9edbd71ae0cc4eb8103312039e56)

4 / 68      (PUP)
bsplayer257.1048_clip.exe  (fe9ca903ce0e7508c0185c6eeafe472c)

4 / 68      (PUP)
bsplayer255.1042_clip.exe  (00f15437929e61a1e85f9aca224cbc70)

4 / 68      (PUP)
bsplayer257.1051_clip.exe  (26a350448a46f6e9219e89f63536209f)

1 / 68      (PUP)
bsplayer257.1051_video.exe  (a44951a3e586c0df6d6c559a8a84a8e9)

5 / 68      (PUP)
bsplayer256.1043_clip.exe  (de5dbdb756af55afbdc2dfe0b3cc0c9c)

2 / 68      (PUP)
bsplayer_pro257.1048.exe  (9c00774a6aa690f25c640ee5d28cebd3)

4 / 68      (PUP)
setup.exe  (de88a78ddb00c67e2abb5eb696af7088)

3 / 68      (PUP)
bsplayer253.1033_clip.exe  (f473caa8ef1b822cc6423ca45e36aa82)

4 / 68      (PUP)
bsplayer253.1034_clip.exe  (5dec40ca3ed712e4a7aa9f56a45d837d)

4 / 68      (PUP)
bsplayer257.1051_clip.exe  (8a038ac07a1258448cf884504a0feac1)

1 / 68      (PUP)
codecmanager.exe (by BST)  (acf053e48f08ccebee5cf6a64e75786d)

1 / 68      (PUP)
codecmanager.exe (by BST)  (1a8e331c4cbb0b6f12c776811c94acca)

3 / 68      (PUP)
bsplayer256.1043_clip.exe  (a1495110dd8e0153e3ea12d9c17256d0)

Downloads URLs for files signed by Webteh d.o.o..

5 / 68      (PUP)

4 / 68      (PUP)

4 / 68      (PUP)

4 / 68      (PUP)

4 / 68      (PUP)
http://www.go4it.ro/.../8037592  (bsplayer257.1051_clip.exe)

3 / 68      (PUP)

4 / 68      (PUP)

4 / 68      (PUP)
http://files.letoltes.com/.../bsplayer257.1051_clip.exe  (8a038ac07a1258448cf884504a0feac1)

The following websites host and distribute files published by Webteh d.o.o..

The certificates below are also signed by Webteh d.o.o..

0100000000011EDA9C57B7  (Jan 15, 2009 to Jan 15, 2010)

0100000000010FED735D2F  (Jan 04, 2007 to Jan 04, 2009)

The following publishers (by Authenticode signature organization name) are related.

Remove Webteh d.o.o. Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Webteh d.o.o. by GlobalSign nv-sa on February 22, 2010 with the serial number '01000000000126f57653a8'.