Igor Moroz

Publisher Information

Igor Moroz is a brand of publishers/developers run by WebPick Internet Holdings Ltd. located in Ramat Ha'Chayal Tel Aviv, Israel. The company is a primary distributor of unwanted software. Igor Moroz is a developer of WebPick Internet Holdings and publishes a number of adware web browser plugins designed to monitor web browser behavior and inject advertisements (banner, popups, text-links, etc.) in the browser by using the WebPick InstalleRex monetization delivery platform. These programs from Igor Moroz are typiclaly installed on a variety of names and misspellings and are very difficult to remove. According to WebPick, they use developers to sign their adware in order to "throw off competitors".
Authority:
COMODO CA Limited

Valid from:
8/18/2013 9:00:00 PM

Valid to:
8/19/2014 8:59:59 PM

Subject:
CN=Igor Moroz, O=Igor Moroz, STREET=Tarasovskaya 15A, L=Kiev, S=Kiev, PostalCode=01033, C=UA

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
67678e825742046bf81e9f79e057face

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Adware.Bundler (M), Adware (M), PUP.WebPick (M)
100.00%

1 / 68      (Adware)
plants vs. zombies.exe (MountainApp)  (51bec3046ae53e013891cd73763fdc6c)

1 / 68      (Adware)
00000001 (MountainApp)  (e08955754f74051c2d4faa6d2e7460a1)

1 / 68      (Adware)
kamusjowo-.rar.exe (MountainApp)  (5747b907f95160c29beae643b9f56a77)

1 / 68      (Adware)
00000029 (MountainApp)  (059a516ed6b997314490f318ba2da654)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)
00000001 (MountainApp)  (4629025218e9187f0f9e63bfb421fb11)

1 / 68      (Adware)
00000000 (MountainApp)  (8789f4c09da8f93259e47f9fa0b1da8c)

1 / 68      (Adware)
download.exe (MountainApp)  (d8d319e8c1ee6b55b37a7c7bce9e0dd0)

1 / 68      (Adware)
download.exe (MountainApp)  (2fed0151010ca3e15a4644f3a0389441)

1 / 68      (Adware)
00000000 (MountainApp)  (7c810f18ecc9a5a632a9cabde2581fd7)

1 / 68      (Adware)

1 / 68      (Adware)
00000000 (MountainApp)  (942ef491136b19b533658d9fb916b0bb)

1 / 68      (Adware)
00000000 (MountainApp)  (f8a208a2b5379a2e4bee3d4a4c792c7b)

1 / 68      (Adware)
pes2010 pesedit 2010 patch 3 0.exe (MountainApp)  (3e123be588e2d5068517c439bdd17525)

1 / 68      (Adware)
pes 2010 pesedit 2010 patch 3.2.exe (MountainApp)  (c1aff8e00709f80cc4046dfb15ff93f0)

1 / 68      (Adware)
megasync.exe (MountainApp)  (f5a7c38fbb82034c4b326d3a441f43a9)

1 / 68      (Adware)
ihf handball challenge espanol.exe (MountainApp)  (6ac1c60d03bb1af14e6e6597ec03f20a)

1 / 68      (Adware)
http___www.fileserve.com_file_arrnhfq.exe (MountainApp)  (0f1b656a7e5daa9a480f666c78fc1552)

1 / 68      (Adware)
mega download manager.exe (MountainApp)  (f64e057a21e2d2a4299b85a868dad2eb)

1 / 68      (Adware)
00000000 (MountainApp)  (0a75f1d69eaad59b557e35800dcf66f2)

1 / 68      (Adware)
download.exe (MountainApp)  (bee2badb768790563ab06dc59e0ab6f9)

1 / 68      (Adware)
divergente.exe (MountainApp)  (d1f8761f3eae9818240f4896ff6dbbca)

1 / 68      (Adware)
download.exe (MountainApp)  (d77dabadbce4347b2fa7e74abc089b58)

1 / 68      (Adware)
download.exe (MountainApp)  (8e974c63ddbbd7c321aa4024c6753a25)

1 / 68      (Adware)
download.exe (MountainApp)  (725d1ab389f5292ec430236aac4b5a4c)

1 / 68      (Adware)
download.exe (MountainApp)  (d6558c18a206741728505630e5d9cf6f)

 
Latest 30 of 178 files

Downloads URLs for files signed by Igor Moroz.

1 / 68      (Adware)
http://applicationgrabb.net/.../Download.exe  (d8d319e8c1ee6b55b37a7c7bce9e0dd0)

1 / 68      (Adware)
http://drivercardusa.info/.../Download.exe  (303bb43f9bc5db3934015ea0f2074dbe)

1 / 68      (Adware)
http://applicationgrabb.net/.../Music Pack 25K.zip.exe  (f0d052fb9b873adda09dd6648035e1c5)

The following publishers (by Authenticode signature organization name) are related.

* Note, the details and description above are based on the code signing digital signature issued to Igor Moroz by COMODO CA Limited on August 18, 2013 with the serial number '67678e825742046bf81e9f79e057face'.