findopolis

Publisher Information

findopolis is a brand of the Sambreel/Yontoo group, a web advertising company located in Carlsbad, CA. The company is a primary distributor of unwanted software. It is part of the Yontoo/Sambreel group and distributes web browser add-ons, typically potentially unwanted and adware in nature, that are designed to modify a user's typical search beahvior as well as display context and popup advertising. There is one additional code signing certificate issued to this publisher.
Remove findopolis Malware - Powered by Reason Core Security
Authority:
VeriSign, Inc.

Valid from:
1/8/2014 4:00:00 PM

Valid to:
1/9/2015 3:59:59 PM

Subject:
CN=findopolis, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=findopolis, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
41fd37ed8d644a11e361329013f51fc2

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Adware.Yontoo.findopolis (M), PUP.Yontoo.findopolis (M)
100.00%

Avira AntiVirus
APPL/BrowseFox.Gen2, Adware/BrowseFox.aou, ADWARE/BrowseFox.Gen
32.00%

Bitdefender
Adware.SwiftBrowse.AY, Adware.SwiftBrowse.W, Adware.Agent.OBN
30.00%

VIPRE Antivirus
Yontoo, Trojan.Win32.Generic, Threat.4741131, Threat.4150696, Adware.SwiftBrowse
30.00%

Baidu Antivirus
Adware.Win32.BrowseFox, Adware.MSIL.BrowseFox
30.00%

AVG
BrowseFox.F, Generic, Webpade
30.00%

MicroWorld eScan
Adware.SwiftBrowse.AY, Adware.SwiftBrowse.W, Adware.Agent.OBN
28.00%

nProtect
Trojan-Clicker/W32.Agent.249632.B, Adware.SwiftBrowse.AY, Adware.SwiftBrowse.W, Trojan-Clicker/W32.LinkSwift.247072, Adware.Agent.OBN
28.00%

McAfee
Artemis!50C69ECDB580, Program.BrowseFox, Artemis!F1F4756BFD1D, Artemis!CE9667C8E604, Artemis!347474A55C3C, Artemis!E079C193ACE8
28.00%

Agnitum Outpost
PUA.Agent, Riskware.Agent, PUA.Kranet, Trojan.BPlug, PUA.Yotoon
28.00%

1 / 68      (Adware)
findopolis.purbrowse.exe  (44bc11c947218f681757974d1b7c781d)

36 / 68    (Adware)

1 / 68      (Adware)
c486bc7a4f2c4a8bac3864.dll  (8a7c150f9573043dcfa56cf04e768de8)

1 / 68      (Adware)
c486bc7a4f2c4a8bac38.dll  (854b69e330b7f83ac66bd2e651245275)

41 / 68    (Adware)
findopolisbho.dll (findopolis)  (f08f09cd35675039b9bd22d57a07f9f6)

1 / 68      (Adware)
utilfindopolis.exe  (0b5745b78b7f8c24eab325542afb11f6)

40 / 68    (Adware)

1 / 68      (Adware)
findopolisbaapp.dll  (90d931c080a0486e3503de0087575723)

1 / 68      (Adware)
findopolis.browseradapter.exe  (f4e6f6bfea42fe7d92181bb767bef460)

40 / 68    (Adware)

1 / 68      (Adware)
findopolisbaapp.dll  (a2b80379f74cca3500bf293be1300108)

1 / 68      (Adware)
findopolis.browseradapter.exe  (1ce0cc892f1479813e524cd29d26ba19)

1 / 68      (Adware)
{d6ad4c89-c086-48f0-85c0-6cfd1a41a9be}w64.sys (StdLib)  (40ece839d0a72773486f2d8457a81b76)

37 / 68    (Adware)
{c486bc7a-4f2c-4a8b-ac38-4952f70809b9}w64.sys (StdLib)  (2a0f176ace15a7b879a8ceb98e5f1234)

32 / 68    (Adware)
{c486bc7a-4f2c-4a8b-ac38-4952f70809b9}gw.sys (StdLib)  (642440ff93cbdf976a8656063a544108)

1 / 68      (Adware)
findopolis.Msvcmon.dll  (8adde7947a4fa92be9949b3352274721)

1 / 68      (Adware)
findopolis.BrowserAdapterS.dll  (25f4374cc337acf365a3d3b074eee50a)

36 / 68    (Adware)

40 / 68    (Adware)

1 / 68      (Adware)
c486bc7a4f2c4a8bac3864.dll  (068e2a4bdf4f6a4c9cc39744e5ceb27c)

1 / 68      (Adware)
c486bc7a4f2c4a8bac38.dll  (7e8af15bd701ca7e9ea210c9aa34afc4)

66 / 68    (Adware)
findopolisbho.dll (findopolis)  (fafabcb9d85c4c36bc4ab625b9feb14b)

1 / 68      (Adware)
{173745cd-3937-468f-98f6-d68898d32d98}w.sys (StdLib)  (78b071c1c4e957f694a8e29ac2b659b5)

22 / 68    (Adware)
findopolis.FirstRun.exe (FirstRun)  (53b8e6865efacab8020ed2f0c4c5e72f)

1 / 68      (Adware)
{5834198b-f0f2-4338-bb92-baf9386ad519}w64.sys (StdLib)  (0dedde2e806d9a6988b835889f9f1588)

27 / 68    (Adware)
{173745cd-3937-468f-98f6-d68898d32d98}w64.sys (StdLib)  (371a571f0068539577626839aa90e02d)

22 / 68    (Adware)
findopolis.FirstRun.exe (FirstRun)  (b45f540a84919c35a0946c2e775bdfaf)

1 / 68      (Adware)
findopolisbaapp.dll  (0f2bb03953dacae4f4821a32d4dfe580)

1 / 68      (Adware)
updatefindopolis.exe  (76fd7bde8c8abb6064b95ca341d1e4f9)

1 / 68      (Adware)
findopolis.purbrowse64.exe  (596378c7e8e089890ba6a9e62a906ef8)

 
Latest 30 of 695 files

The following certificate is also signed by findopolis.

155376F1435E4D9371CDCB1CAB15B266  (Dec 22, 2014 to Feb 21, 2016)

The following publishers (by Authenticode signature organization name) are related.

30 of 125 publishers

Remove findopolis Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to findopolis by VeriSign, Inc. on January 08, 2014 with the serial number '41fd37ed8d644a11e361329013f51fc2'.