Yordan Damyanov

Publisher Information

Yordan Damyanov is a brand of publishers/developers run by WebPick Internet Holdings Ltd. located in Ramat Ha'Chayal Tel Aviv, Israel. The company is a primary distributor of unwanted software. Yordan Damyanov is a developer of WebPick Internet Holdings and publishes a number of adware web browser plugins designed to monitor web browser behavior and inject advertisements (banner, popups, text-links, etc.) in the browser by using the WebPick InstalleRex monetization delivery platform. These programs from Yordan Damyanov are typiclaly installed on a variety of names and misspellings and are very difficult to remove. According to WebPick, they use developers to sign their adware in order to "throw off competitors".
Authority:
COMODO CA Limited

Valid from:
10/7/2013 3:00:00 AM

Valid to:
10/8/2015 2:59:59 AM

Subject:
CN=Yordan Damyanov, O=Yordan Damyanov, STREET=19 Dobri Voinikov Str, L=Sofia, S=Sofia, PostalCode=1000, C=BG

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00feef0d77d0ac7e55d4e7707b384ac901

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.YordanDamyanov.B, PUP.YordanDamyanov.G, PUP.YordanDamyanov.K, PUP.YordanDamyanov.L, PUP.YordanDamyanov.I, PUP.WebPick, PUP.WebPick.YordanDamyanov, PUP.WebPick.Bundler, PUP.WebPick.YordanDamyanov (M), PUP.WebPick.YordanDamyanov.Bundler (M)
100.00%

MicroWorld eScan
Gen:Variant.Barys.2925, Gen:Variant.Zusy.113278, Gen:Variant.Zusy.113234, Gen:Variant.Zusy.91906, Gen:Variant.Adware.Graftor.149936, Trojan.GenericKD.1957092, Gen:Variant.Kazy.498279, Trojan.GenericKD.1759027, Dropped:Adware.Generic.598302, Gen:Variant.Adware.Graftor.141196
38.00%

G Data
Gen:Variant.Barys.2925, Gen:Variant.Zusy.113278, Gen:Variant.Zusy.113234, Gen:Variant.Zusy.91906, Gen:Variant.Adware.Graftor.149936
38.00%

Bitdefender
Gen:Variant.Barys.2925, Gen:Variant.Zusy.113278, Gen:Variant.Zusy.113234, Gen:Variant.Zusy.91906, Gen:Variant.Adware.Graftor.149936
36.00%

Emsisoft Anti-Malware
Gen:Variant.Barys.2925, Gen:Variant.Zusy.113278, Gen:Variant.Zusy.113234, Gen:Variant.Zusy.91906, Gen:Variant.Adware.Graftor.149936
36.00%

Avira AntiVirus
TR/Black.Gen2, Adware/Vonteera.rta, Adware/ExtCrome.704072, Adware/Agent.1953352, TR/Agent.1450568, TR/ATRAPS.Gen5, Adware/Graftor.141196.8, TR/Dropper.Gen
36.00%

avast!
Win32:Malware-gen, Win32:Adware-CAQ [Adw], Win32:Adware-gen [Adw], Win32:PUP-gen [PUP], NSIS:Malware-gen [Trj], Win32:Agent-ATYT [Trj]
34.00%

Sophos
Mal/VMProtBad-A, Vonteera, PUA 'Vonteera' (of type Adware)
32.00%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4150696, Backdoor.Win32.Ircbot.gen, Vonteera
32.00%

F-Secure
Gen:Variant.Barys.2925, Gen:Variant.Zusy.113278, Gen:Variant.Zusy.113234, Gen:Variant.Zusy.91906, Gen:Variant.Adware.Graftor.149936
30.00%

1 / 68      (Adware)
setup_2.exe  (c6817683a1f0d13c59335692e53589fc)

1 / 68      (Adware)
setup.exe  (300e36b4306cfcf4579513cdac104fbd)

1 / 68      (Adware)
somotosetup.exe  (adedab4cd0c637200f160d5c8cf156c2)

1 / 68      (Adware)
matom25001100vti.exe  (3531d2951386d6f8092436acc207edc2)

1 / 68      (Adware)
setup_2.exe  (b24e5be5a2c77132be3c8ebf8c26c08d)

1 / 68      (Adware)
setup.exe  (5a364ce1bd8724fcdb16bda3540da0fb)

4 / 68      (Adware)
Updater.exe (NoVooIT Updater by NoVooIT)  (ad1802b3f551db845372d75d1d6c7460)

1 / 68      (Adware)
Setup.exe  (a13aa566ad91c774bab0166a516fab72)

1 / 68      (Adware)
1.exe  (17a392f8ed3f05dcf2474fe32b81cd19)

1 / 68      (Adware)
fh2542.exe  (a920a4c83710f2fb4fc9effaee115702)

1 / 68      (Adware)
fhe091.exe  (ba019bb2c9445778bdc138f54ab7c10c)

1 / 68      (Adware)
fhee52.exe  (e3b53381c9eb704cd9acd81364467201)

1 / 68      (Adware)
fh4255.exe  (a91ea25cd40d9e7b64e550444b106836)

1 / 68      (Adware)
uninstall.exe  (6c7c4bf932bd5a633f8d7b87b245d30b)

1 / 68      (Adware)
state.exe  (42e19a94749bfa0cabcc090c6378771a)

1 / 68      (Adware)
office.exe  (5c114e99215603c2d223b597e98aff82)

1 / 68      (Adware)
fhf90f.exe  (1a780e75ce9868c6e9d97624186d7fd3)

1 / 68      (Adware)
fh4e3a.exe  (66f0d8bd44ff7874321a03a98d7a2e75)

1 / 68      (Adware)
setup.exe  (ea14df010be0fda1fbfbce96d03d3d58)

1 / 68      (Adware)
fh2b8f.exe  (fb076642988e50886f23bbad161fb1a2)

1 / 68      (Adware)
matom25001100.exe  (ca19eda54f4c58b13cff1d2698ce7272)

1 / 68      (Adware)
ecc3d4f1c.exe  (4f9b4bb1d3debe9c5b2ff4f4c01bea0f)

1 / 68      (Adware)
setup.exe  (dadf219fafdf3dac9e993e1fb0655b6e)

1 / 68      (Adware)
setup.exe  (ec7164e57ee6dba95b56ad9f74f8e72f)

5 / 68      (Adware)
uninstall.exe  (d9e7aa45e46de13e43e0d2432a21b064)

1 / 68      (Adware)
fhfbd9.exe  (4cc0e9b3ca1f0f8f5d56722146cfd9be)

1 / 68      (Adware)
setup.exe  (31752ad16b7f996af5101fddd395e1ad)

14 / 68    (Adware)
652a.exe  (5c6237431f6c58ae2d5ea6e9020cf7bd)

1 / 68      (Adware)
data.dll  (d323991c0cebe59b297f824e836b5d40)

40 / 68    (Adware)
9af7ee35d9.exe  (b1944d92cf33cacf68b46b40e5ac4594)

 
Latest 30 of 303 files

Downloads URLs for files signed by Yordan Damyanov.

1 / 68      (Adware)

The following websites host and distribute files published by Yordan Damyanov.

* Note, the details and description above are based on the code signing digital signature issued to Yordan Damyanov by COMODO CA Limited on October 07, 2013 with the serial number '00feef0d77d0ac7e55d4e7707b384ac901'.