Yula

Publisher Information

Yula is a brand of the Sambreel/Yontoo group, a web advertising company located in Carlsbad, CA. The company is a primary distributor of unwanted software. It is part of the Yontoo/Sambreel group and distributes web browser add-ons, typically potentially unwanted and adware in nature, that are designed to modify a user's typical search beahvior as well as display context and popup advertising. There is one additional code signing certificate issued to this publisher.
Remove Yula Malware - Powered by Reason Core Security
Authority:
VeriSign, Inc.

Valid from:
3/14/2014 5:00:00 PM

Valid to:
3/15/2015 4:59:59 PM

Subject:
CN=Yula, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Yula, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4b2c13d47b877663487d003c021e7110

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Yontoo.Yula (M), Adware.Yontoo.Yula (M)
100.00%

MicroWorld eScan
Adware.Agent.NYV, Adware.SwiftBrowse.AD, Adware.BrowseFox.C, Adware.BrowseFox.AM, Adware.NetFilter.C
28.00%

nProtect
Adware.Agent.NYV, Adware.SwiftBrowse.AD, Adware.SwiftBrowse.Y, Adware.BrowseFox.AM, Adware.NetFilter.C
28.00%

Zillya! Antivirus
Backdoor.PePatch.Win32.42822, Adware.SwiftBrowse.Win64.1, Adware.SwiftBrowse.Win32.7, Adware.SwiftBrowse.Win32.2489, Adware.Yotoon.Win64.3
28.00%

F-Prot
W32/A-d34eca05, W64/S-065cf46e, W32/MegaBrowse.A, W32/S-bb9276c9, W64/A-c19f7f83, W64/A-59c9c70a, W32/A-c99f2d8b, W32/A-b3b70cb0
28.00%

Bitdefender
Adware.Agent.NYV, Adware.SwiftBrowse.AD, Adware.BrowseFox.C, Adware.BrowseFox.AM, Adware.NetFilter.C
28.00%

Emsisoft Anti-Malware
Adware.SwiftBrowse.AQ, Adware.SwiftBrowse.AD, Adware.BrowseFox, Adware.BrowseFox.AM, Adware.NetFilter
28.00%

Dr.Web
Trojan.BPlug.102, Trojan.BPlug.219, Trojan.BPlug.78, Trojan.BPlug.291, Trojan.Yontoo.1734, Trojan.BPlug.123
28.00%

VIPRE Antivirus
Trojan.Win32.Generic, Threat.4741131, Threat.4150696, Yontoo, Adware.SwiftBrowse
28.00%

AhnLab V3 Security
PUP/Win32.Helper, Adware/Win32.BHO, Win-PUP/BrowseFox.Gen, Trojan/Win64.SwiftBrowse, PUP/Win32.BrowseFox
28.00%

32 / 68    (Adware)
{8de5503e-af48-42eb-89b0-fcff5cbc3f8d}t.sys (StdLib)  (88ce369a0b2129444922584de3d91a28)

1 / 68      (Adware)
Yulasee.Repmon.dll  (e1867fedbbd87f0fdf7d662191704052)

1 / 68      (Adware)
Yulasee.BrowserAdapterS.dll  (9279a66fae9714c34f45cba53871717f)

1 / 68      (Adware)
yulasee.purbrowse64.exe  (b81e84bdf72cb035207775c1df063908)

1 / 68      (Adware)
maintainer.bak  (ee4d632435cb3a0b1615507b158ccc37)

29 / 68    (Adware)
{4df60d2c-927b-478c-83f0-b7dc923bae60}w.sys (StdLib)  (f152281c5cf798fe3fc8776e4255c771)

28 / 68    (Adware)
{8de5503e-af48-42eb-89b0-fcff5cbc3f8d}w64.sys (StdLib)  (661ab47df7f432c60523be0d95e7da4e)

28 / 68    (Adware)
{8de5503e-af48-42eb-89b0-fcff5cbc3f8d}w64.sys (StdLib)  (79a7de6d8f3e3c9781d219986dbe69f5)

1 / 68      (Adware)
yulaseeuninstaller.exe  (99893d38545a3d05b0d2b7a5ed1b779c)

1 / 68      (Adware)

39 / 68    (Adware)

1 / 68      (Adware)
yulasee.expextdll.dll  (dcdd099135c7390abcfde1b2594521f3)

1 / 68      (Adware)
Yulasee2015011014.exe  (0e381c8ae381fac60a645f7543eced62)

1 / 68      (Adware)
db5c982dc4e64976868b64.dll  (0580f38daa70dbc97a2aa923b5f1eef1)

1 / 68      (Adware)
db5c982dc4e64976868b.dll  (38cc127c1c18aff883eea0c2cdbde0fd)

1 / 68      (Adware)
8de5503eaf4842eb89b064.dll  (4b69ef2c29656b6b7fe7d11258649e63)

1 / 68      (Adware)
4df60d2c927b478c83f064.dll  (ba5c8557bbe42ff4b94e6e0696a04373)

1 / 68      (Adware)
4df60d2c927b478c83f0.dll  (7e7ce90213c0427c86591922a36a2b8c)

1 / 68      (Adware)
maintainer.bak  (7539d4d8ec1145f5ca9f334c2e4efe86)

40 / 68    (Adware)
yulaseebho.dll (Yula)  (d7a1ebf2c33e828da0b016dbeb956784)

33 / 68    (Adware)
{4df60d2c-927b-478c-83f0-b7dc923bae60}w64.sys (StdLib)  (1e708b2f8bfdc33e14c6420f312a5e90)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

39 / 68    (Adware)

44 / 68    (Adware)

1 / 68      (Adware)
yulasee.expextdll.dll  (01e61996d424d282ad66a8e81b953205)

1 / 68      (Adware)
yulasee.boas.exe.pendingoverwrite  (e8fe9d2a97bd7d3c23531e39ea63e405)

1 / 68      (Adware)
db5c982dc4e64976868b64.dll  (f11bed243fd68a37de6e4c13fa4a6f1e)

 
Latest 30 of 983 files

Downloads URLs for files signed by Yula.

1 / 68      (Adware)
http://install.yulasee.com/ud  (yulaseeuninstaller.exe)

The following certificate is also signed by Yula.

27284D3180DC36E2DF216CDD159FDC27  (Mar 10, 2015 to Apr 09, 2016)

The following publishers (by Authenticode signature organization name) are related.

30 of 190 publishers

Remove Yula Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Yula by VeriSign, Inc. on March 14, 2014 with the serial number '4b2c13d47b877663487d003c021e7110'.