Andrew Kruzov

Publisher Information

Andrew Kruzov is a brand of publishers/developers run by WebPick Internet Holdings Ltd. located in Ramat Ha'Chayal Tel Aviv, Israel. The company is a primary distributor of unwanted software. Andrew Kruzov is a developer of WebPick Internet Holdings and publishes a number of adware web browser plugins designed to monitor web browser behavior and inject advertisements (banner, popups, text-links, etc.) in the browser by using the WebPick InstalleRex monetization delivery platform. These programs from Andrew Kruzov are typiclaly installed on a variety of names and misspellings and are very difficult to remove. According to WebPick, they use developers to sign their adware in order to "throw off competitors".
Remove Andrew Kruzov Malware - Powered by Reason Core Security
Authority:
COMODO CA Limited

Valid from:
9/27/2013 2:00:00 AM

Valid to:
9/28/2014 1:59:59 AM

Subject:
CN=Andrew Kruzov, O=Andrew Kruzov, STREET=Savrasova 31, L=Kiev, S=Kiev, PostalCode=03110, C=UA

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
53c0e7306a4ed340cba044d801891a67

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.AndrewKruzov.H, PUP.Installer.AndrewKruzov.M, PUP.Installer.AndrewKruzov.J, PUP.Installer.AndrewKruzov.K, PUP.Installer.AndrewKruzov.S, PUP.Installer.AndrewKruzov.L, PUP.Installer.AndrewKruzov.F, PUP.AndrewKruzov.C, PUP.AndrewKruzov.K, PUP.WebPick.AndrewKruzov.Bundler (M), PUP.WebPick.AndrewKruzov (M)
100.00%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4150696
72.00%

avast!
Win32:PUP-gen [PUP], Win32:MultiPlug-AQ [PUP]
72.00%

Sophos
MultiPlug, Adware.MultiPlug, PUA 'MultiPlug' (of type Adware)
72.00%

Dr.Web
Trojan.Crossrider.14455, Trojan.Crossrider.12912
72.00%

Emsisoft Anti-Malware
Gen:Variant.Adware.Dropper.101
72.00%

AVG
Generic_r, Generic_r.JY, Adware Generic_r.JY
72.00%

MicroWorld eScan
Gen:Variant.Adware.Dropper.101
70.00%

McAfee
PUP-FID!E028ABA38E13, PUP-FID!8F050AA1539B, PUP-FID!13F650A9E15C, PUP-FID!3A344EE960F9, PUP-FID!1E52FE30241A, PUP-FID!CAEF45A8F4DB
70.00%

NANO AntiVirus
Riskware.Win32.Agent.cwzhej, Riskware.Win32.Crossrider.cwprty
70.00%

1 / 68      (Adware)
294823_.exe  (f4788abd94dcfc16455bd60a2e1b4290)

1 / 68      (Adware)
setup.exe  (49f60c32ef14031ddb499e3bb1484621)

1 / 68      (Adware)
ytab_setup.exe  (8b1f47d7f397432a7b21fce371f7d4c2)

1 / 68      (Adware)
newtab_setup.exe  (778a41ea54ba41fc47a27a679960633e)

1 / 68      (Adware)
ext_setup.exe  (452cf88087cc65d6d51ec34b94806b3b)

1 / 68      (Adware)
extie_setup.exe  (b121426c36584ad320a13a7919d0f653)

1 / 68      (Adware)
browsecoupon_setup.exe  (bcfb14327abd03c4b1b93c8902a96edf)

1 / 68      (Adware)
294823_.exe  (e6a16b1ca2ad61c4d439baaff4537856)

1 / 68      (Adware)
ext_setup.exe  (3f5815e7ccfd3b20253b90c0d662fe82)

1 / 68      (Adware)
ext_setup.exe  (32549dd02aecef87257952b180408f83)

1 / 68      (Adware)
u3kavmb1.exe  (8a4b51474558d49b40d34d1ecd40f8e2)

1 / 68      (Adware)
setup.exe  (9c5df906b4611345bc5e9c94ca08b6ae)

37 / 68    (Adware)
ytab_setup.exe  (d523c74575ae3ebcab13ea5cb1d9e3e7)

36 / 68    (Adware)
newtab_setup.exe  (99ca8c91e40da0a723bd91714c8e527d)

37 / 68    (Adware)
ytab_setup.exe  (80abf90b10066129e0a679be81f27816)

38 / 68    (Adware)
newtab_setup.exe  (3d7467a5de99e45c73ade6dcac031dda)

38 / 68    (Adware)
newtab_setup.exe  (dec9a385d5297dbd712c5d097840b20f)

34 / 68    (Adware)
setup.exe  (8cd514753f9b95843304ff99070a1bcb)

36 / 68    (Adware)
ytab_setup.exe  (725d47195b8d1ce1521d8e24081f026d)

35 / 68    (Adware)
ext_setup.exe  (d258f3fc2e71276faa3a248cb0652ff9)

35 / 68    (Adware)
extie_setup.exe  (201de7ac832a557654185dce2574c20d)

34 / 68    (Adware)
browsecoupon_setup.exe  (7eaf92fcb0cda017fd9ef302ffa78afd)

32 / 68    (Adware)
gj.exe  (b75287ce7b83e17ce6ef548a6c4907a1)

30 / 68    (Adware)
6sqg5af.exe  (61f0732d0eb63f0428500fcc8799f318)

30 / 68    (Adware)
_6g9r_yvsg.exe  (8b5d419c861874010162765f70790c3d)

32 / 68    (Adware)
lutjrm3.exe  (f907e3d0629df5c903bfd456666b9ae5)

9 / 68      (Adware)
sg.exe  (bc92084c303e8bb26e607a394ac3f6fa)

1 / 68      (Adware)
ytab_setup.exe  (e026f3e863354e890457bce5ae3aa67c)

35 / 68    (Adware)
newtab_setup.exe  (b15732ecac90a1209b94859ffe9ca9d8)

30 / 68    (Adware)
294823_.exe  (1c3fb32b509f16eb2b024ced91a3bc80)

 
Latest 30 of 92 files

Remove Andrew Kruzov Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Andrew Kruzov by COMODO CA Limited on September 27, 2013 with the serial number '53c0e7306a4ed340cba044d801891a67'.