Whilokii

Publisher Information

Whilokii is a brand of the Sambreel/Yontoo group, a web advertising company located in Carlsbad, CA. The company is a primary distributor of unwanted software. It is part of the Yontoo/Sambreel group and distributes web browser add-ons, typically potentially unwanted and adware in nature, that are designed to modify a user's typical search beahvior as well as display context and popup advertising.
Remove Whilokii Malware - Powered by Reason Core Security
Authority:
VeriSign, Inc.

Valid from:
9/18/2013 7:00:00 PM

Valid to:
9/19/2015 6:59:59 PM

Subject:
CN=Whilokii, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Whilokii, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5d49818d94fea0aea7d9b885c9bacbd7

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Yontoo, Adware.Yontoo.Whilokii (M), PUP.Yontoo.Whilokii (M)
100.00%

Zillya! Antivirus
Adware.Yotoon.Win64.8, Adware.Kranet.Win32.17, Adware.SwiftBrowse.Win64.1, Adware.Yotoon.Win64.14
26.00%

Agnitum Outpost
RiskWare.NetFilter, Riskware.Agent, Trojan.BPlug
26.00%

VIPRE Antivirus
Yontoo, Adware.SearchProtect, Threat.4741131, Trojan.Win32.Generic
26.00%

Sophos
Browse Fox, Generic PUA CG, PUA.Browse Fox
26.00%

AVG
MalSign.Maucampo, Generic
26.00%

Clam AntiVirus
Win.Adware.Netfilter-134, Win.Adware.Swiftbrowse-20, Win.Adware.Swiftbrowse-330, Win.Adware.Swiftbrowse-497
26.00%

Dr.Web
Trojan.BPlug.123, Trojan.BPlug.214, Trojan.BPlug.219, Trojan.Yontoo.1734
26.00%

MicroWorld eScan
Adware.Agent.NYV, Adware.SwiftBrowse.AD, Adware.SwiftBrowse.CH
22.00%

McAfee
Artemis!842EDB4C77B1, BrowseFox.e, Artemis!294D4666A7A2, Artemis!5B7B467D2A4B
22.00%

1 / 68      (Adware)
updatewhilokii.exe  (d8a16af9f02b40c29a4332cea66f5889)

1 / 68      (Adware)
updatewhilokii.exe  (b185edcace4f32a7b40f238b8f831da4)

1 / 68      (Adware)
{6cb9884f-9bf7-4457-8c28-23c7ccc9fa12}w.sys (StdLib)  (5d5e4457825120fc19f51faad24bcaa7)

31 / 68    (Adware)
{6cb9884f-9bf7-4457-8c28-23c7ccc9fa12}w64.sys (StdLib)  (cd54c814cd62db98f2e38e82d30c3540)

22 / 68    (Adware)

36 / 68    (Adware)

1 / 68      (Adware)
fed5e6b24fc443ba8e9564.dll  (59b1ef257ff1b90da33c63f6315ce7f1)

1 / 68      (Adware)
fed5e6b24fc443ba8e95.dll  (927b5b96100fa674f0e929d14e1bb061)

1 / 68      (Adware)
6cb9884f9bf744578c2864.dll  (6ef07219969b323bab76a5aa67b1e672)

1 / 68      (Adware)
{6cb9884f-9bf7-4457-8c28-23c7ccc9fa12}w.sys (StdLib)  (f16d8aa78abaec8ababf7a2da71c0df8)

1 / 68      (Adware)
Whilokii.Repmon.dll  (50922e5cc68e2b0f474528d76f8fe278)

1 / 68      (Adware)
Whilokii.PurBrowse.dll  (8652bc465875cd5918ab63c72e5939fd)

1 / 68      (Adware)
Whilokii.OfSvc.dll  (29199efeb0e269c48320f7a675ab9d87)

1 / 68      (Adware)
Whilokii.IEUpdate.dll  (84c38cdade5618bb998eeea3954b6de8)

1 / 68      (Adware)
Whilokii.GCUpdate.dll  (498dbe6d09f0f4f5f0b3af3d570c1666)

1 / 68      (Adware)
Whilokii.FFUpdate.dll  (b69acd778b358b9b254d6cb6b93d603b)

1 / 68      (Adware)
Whilokii.CompatibilityChecker.dll  (332f8ae0c5ba8ac163dd0ba0fde42688)

1 / 68      (Adware)
Whilokii.BRT.dll  (57484135cd10f6ecc98556a89cd257cf)

1 / 68      (Adware)
Whilokii.BrowserAdapter.dll  (bba2835d3cf78cc2d9af2d397a330f86)

1 / 68      (Adware)
Whilokii.BroStats.dll  (265c6a56621d54f791225a484771fdd9)

1 / 68      (Adware)
Whilokii.Bromon.dll  (e5aa05a3e44935b51989a08d887b70d5)

1 / 68      (Adware)
Whilokii.BOAS.dll  (20ce84abc2c4b0e12681f8095c5259fc)

1 / 68      (Adware)
whilokii.16.dll  (b0c1bb047cb7fae2d871267ca30f758e)

22 / 68    (Adware)

1 / 68      (Adware)
whilokii.purbrowse64.exe  (060a71dcd9abec5cb57450bd129a320a)

1 / 68      (Adware)
Whilokii.BRT.Helper.exe  (75c2838cc25de592db938e3e207ed73d)

1 / 68      (Adware)
whilokii.browseradapter64.exe  (2b5f740917b2512c9f8ade3fe3bfc414)

1 / 68      (Adware)
whilokii.browseradapter.exe  (c692dd968f1e8daffd3500bd29a79ca5)

1 / 68      (Adware)
Whilokii.BOASPRT.exe  (d7c3746c414f0f695ba9a5cb107a6806)

1 / 68      (Adware)
whilokii.boashelper.exe  (e0105501a46825f5336fc46626ee0048)

 
Latest 30 of 1,319 files

The following publishers (by Authenticode signature organization name) are related.

30 of 176 publishers

Remove Whilokii Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Whilokii by VeriSign, Inc. on September 18, 2013 with the serial number '5d49818d94fea0aea7d9b885c9bacbd7'.