WebSparkle

Publisher Information

WebSparkle is a brand of the Sambreel/Yontoo group, a web advertising company located in Carlsbad, CA. The company is a primary distributor of unwanted software. It is part of the Yontoo/Sambreel group and distributes web browser add-ons, typically potentially unwanted and adware in nature, that are designed to modify a user's typical search beahvior as well as display context and popup advertising.
Remove WebSparkle Malware - Powered by Reason Core Security
Authority:
VeriSign, Inc.

Valid from:
8/13/2013 2:00:00 AM

Valid to:
8/14/2015 1:59:59 AM

Subject:
CN=WebSparkle, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=WebSparkle, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
36202de0cbdfe10f57978e3766db2ed4

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Yontoo.WebSparkle (M), Adware.Yontoo.WebSparkle (M)
100.00%

VIPRE Antivirus
Threat.4741131, Yontoo, Trojan.Win32.Generic
22.00%

Baidu Antivirus
Adware.Win32.BrowseFox
22.00%

AVG
Generic, AdPlugin, Maucampo
22.00%

Zillya! Antivirus
Adware.Kranet.Win32.17, Adware.BrowseFox.Win32.5311, Adware.SwiftBrowse.Win64.1, Adware.Yotoon.Win64.2, Adware.Yotoon.Win64.14
22.00%

avast!
Win32:BrowseFox-C [PUP], MSIL:BrowseFox-Q [PUP], Win32:BrowseFox-F [PUP]
22.00%

Clam AntiVirus
Win.Adware.Swiftbrowse-105, Win.Adware.Swiftbrowse-330, Win.Adware.Agent-42736, Win.Adware.Swiftbrowse-497
20.00%

Dr.Web
Trojan.Yontoo.1734, Trojan.BPlug.219, Trojan.BPlug.117
18.00%

Agnitum Outpost
Riskware.Agent, Trojan.BPlug
18.00%

MicroWorld eScan
Adware.Agent.PAB, Adware.WebSpark.A, Adware.SwiftBrowse.AD, Adware.SwiftBrowse.CH
18.00%

1 / 68      (Adware)
{929055f4-7c68-4377-989b-e0658e274ab2}t.sys (StdLib)  (aa802979aaaa7f38116e968c02d3c0ef)

1 / 68      (Adware)
{4d5b06fb-cdbe-4c10-b5d3-75e058fc8027}t.sys (StdLib)  (8fb2f23e016665666a57099ef97f3938)

14 / 68    (Adware)
{058899d6-9704-4de3-aae7-17e9fc44c761}t.sys (StdLib)  (9c7ab153baf2821b9a1f97bc4d8b1cfb)

1 / 68      (Adware)
maintainer.bak  (c0d4aff2efdde629e2022a72784e96ef)

27 / 68    (Adware)
{b25af954-b351-4f83-8231-f9b6d404a548}w64.sys (StdLib)  (51199c97bc34d51b8ae6cc3d49054627)

1 / 68      (Adware)
websparkle.purbrowse.dll  (20874cffb659c166e4a6c3482e669443)

1 / 68      (Adware)
websparkle.ofsvc.dll  (8a656b93ead7bc02d3d9d605737817c6)

1 / 68      (Adware)
websparkle.gcupdate.dll  (518dadba79a550c71e2ff46d33492875)

1 / 68      (Adware)
websparkle.ffupdate.dll  (8403a027e751381213b2f1e0b97a2b88)

1 / 68      (Adware)
websparkle.expext.dll  (5b383450981ccec1fbf92c080b18a635)

1 / 68      (Adware)
websparkle.compatibilitychecker.dll  (e5fb53503aede5f521972b573adccf6c)

1 / 68      (Adware)
websparkle.browseradapter.dll  (7a4f3a26cbd0da495bbbeedcb77e53be)

1 / 68      (Adware)
websparkle.boas.dll  (b580e88f5478bd9c2f7065a6c2911625)

23 / 68    (Adware)

40 / 68    (Adware)

1 / 68      (Adware)
websparkle.expextdll.dll  (cb32b37cb9212583023728330de4d361)

1 / 68      (Adware)
websparkle.expext.exe  (7acc2a6f79dbe61e62a3e61b83040cc1)

1 / 68      (Adware)
websparkle.browseradapter64.exe  (0be755d28b24214e3cdc8fcf364ac7aa)

1 / 68      (Adware)
websparkle.browseradapter.exe  (8689229ef281d50748466488c98d4c18)

1 / 68      (Adware)
WebSparkle.BOASPRT.exe  (087b371bf650b2b73b1bb5a59c618b9c)

1 / 68      (Adware)
websparkle.boashelper.exe  (f7fcf4374a441cfa02d29ea27875a763)

1 / 68      (Adware)
WebSparkle.BOAS.exe  (f45093520194f7597bd85f6e8b4701bf)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)
b25af954b3514f83823164.dll  (fbd1f67e1581ec7d6d26a545fed5ba5f)

1 / 68      (Adware)
b25af954b3514f838231.dll  (80bb42570fdefb01f700d6a7cdc628fd)

1 / 68      (Adware)
058899d697044de3aae7.dll  (63bd2b34583ee4a7bd173e7b5e583cc6)

1 / 68      (Adware)
websparkleun.exe  (c55f2fa45e2aa017cbe8afcb8ec2a9fd)

1 / 68      (Adware)
{929055f4-7c68-4377-989b-e0658e274ab2}t.sys (StdLib)  (c39865b572c194f8b72ec6179cfd51c7)

23 / 68    (Adware)

 
Latest 30 of 663 files

The following publishers (by Authenticode signature organization name) are related.

30 of 178 publishers

Remove WebSparkle Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to WebSparkle by VeriSign, Inc. on August 13, 2013 with the serial number '36202de0cbdfe10f57978e3766db2ed4'.