Georgi Georgiev

Publisher Information

Georgi Georgiev is a brand of publishers/developers run by WebPick Internet Holdings Ltd., located in Ramat Ha'Chayal, Tel Aviv, Israel. The company is a primary distributor of unwanted software. Georgi Georgiev is a developer of WebPick Internet Holdings and publishes a number of adware web browser plugins designed to monitor web browser behavior and inject advertisements (banners, popups, text links, etc.) into the browser by using the WebPick InstalleRex monetization delivery platform. These programs from Georgi Georgiev are typically installed under a variety of names and misspellings and are very difficult to remove. According to WebPick, they use developers to sign their adware in order to "throw off competitors".
Authority: COMODO CA Limited
Valid from: 6/6/2014 3:00:00 AM
Valid to: 6/6/2016 2:59:59 AM
Subject: CN=Georgi Georgiev, O=Georgi Georgiev, STREET="4 Petar Stoinov Str., Chelopechene", L=Sofia, S=Sofia, PostalCode=1617, C=BG
Issuer: CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB
Serial number: 50e7161b35aefc4ca801c951bef0279a

Scanner detections:
Detections  (100% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Reason Heuristics | PUP.GeorgiGeorgiev, PUP.Task.GeorgiGeorgiev, Threat.WebPick.GeorgiGeorgiev, PUP.WebPick.GeorgiGeorgiev (M), PUP.WebPick.GeorgiGe (M), PUP.WebPick.GeorgiGe.Installer (M), PUP.WebPick (M) | 100.00% |
| Norman | VMProtect.W, Gen:Variant.Graftor.169316 | 50.00% |
| McAfee | Artemis!5416E3DAA148, Artemis!358C6493E798, Artemis!EF05AF860BF3, PUP-FSI, Artemis!4DEFECFFE80A, Artemis!F5F579FA7DB8, Artemis!4A3D5AA72396 | 48.00% |
| Fortinet FortiGate | W32/Farfli.IIP!tr.bdr, W32/Farfli.IIO!tr.bdr, Riskware/Vonteera, Riskware/PUP, W32/VMProtBad.A!tr, W32/Farfli.IOV!tr.bdr | 48.00% |
| MicroWorld eScan | Gen:Variant.Jaik.4783, Trojan.GenericKD.2066131, Trojan.GenericKD.2083905, Gen:Variant.Graftor.169175, Gen:Variant.Graftor.169316, Gen:Variant.Zusy.113278 | 46.00% |
| Bitdefender | Gen:Variant.Jaik.4783, Trojan.GenericKD.2066131, Trojan.GenericKD.2083905, Gen:Variant.Graftor.169175, Gen:Variant.Graftor.169316 | 46.00% |
| Lavasoft Ad-Aware | Gen:Variant.Jaik.4783, Trojan.GenericKD.2066131, Trojan.GenericKD.2083905, Gen:Variant.Graftor.169175, Gen:Variant.Graftor.169316 | 46.00% |
| F-Secure | Gen:Variant.Jaik.4783, Trojan.GenericKD.2066131, Trojan.GenericKD.2083905, Gen:Variant.Graftor.169175, Gen:Variant.Graftor.169316 | 46.00% |
| G Data | Gen:Variant.Jaik.4783, Trojan.GenericKD.2066131, Trojan.GenericKD.2083905, Gen:Variant.Graftor.169175, Gen:Variant.Graftor.169316 | 46.00% |
| AVG | Win32/DH, Win32/DH{MXKBEoETAgA1Dw}, Generic, Win32/Blacked, Generic6, Adware Generic6.LFU.dropper, Adware Generic6.MYO | 46.00% |

Latest 30 of 63 files

Download URLs for files signed by Georgi Georgiev.

Latest 30 of 164 download URLs

The following websites host and distribute files published by Georgi Georgiev.

The following publishers (by Authenticode signature organization name) are related.

* Note, the details and description above are based on the code signing digital signature issued to Georgi Georgiev by COMODO CA Limited on June 06, 2014 with the serial number '50e7161b35aefc4ca801c951bef0279a'.