home

SugarSearch

Publisher Information

SugarSearch is a brand of the Sambreel/Yontoo group, a web advertising company located in Carlsbad, CA. The company is a primary distributor of unwanted software. It is part of the Yontoo/Sambreel group and distributes web browser add-ons, typically potentially unwanted and adware in nature, that are designed to modify a user's typical search beahvior as well as display context and popup advertising.
Authority:
VeriSign, Inc.

Valid from:
3/11/2015 9:00:00 PM

Valid to:
4/10/2016 8:59:59 PM

Subject:
CN=SugarSearch, O=SugarSearch, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
157811536006ab535bf52112299859d6

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Yontoo (M), Adware.Yontoo (M)
100.00%

1 / 68      (Adware)
clearthinkun.exe  (39d6943ac87b60a513e03bdcf84d7f9e)

1 / 68      (Adware)
maintainer.bak  (f0d89b287df6a8c04a866d4a0eb9441e)

1 / 68      (Adware)
clearthink.purbrowse.dll  (865e167165e9c1faff8a60f7cc176dfd)

1 / 68      (Adware)
clearthink.purbrowse64.exe  (e6307e21976b4684fa88f0640cd4e806)

1 / 68      (Adware)
maintainer.bak  (a90777c09fdcfde5e9d1602bdef7312d)

1 / 68      (Adware)
{bcd08fc8-cb56-41a3-8b19-3c556687a504}w64.sys (StdLib)  (60fa9cb87238aeb40e2d8f4f4de5c7bf)

1 / 68      (Adware)
clearthink.gcupdate.dll  (d37195de884aff28220e167158482638)

1 / 68      (Adware)
{bcd08fc8-cb56-41a3-8b19-3c556687a504}t.sys (StdLib)  (9e471428a326d280e240c80d347c861b)

1 / 68      (Adware)
{bcd08fc8-cb56-41a3-8b19-3c556687a504}gw64.sys (StdLib)  (c5e450f279f1b77ef4c9731b4cae34b8)

1 / 68      (Adware)
maintainer.bak  (044cd228790e1fd871c47f75f81a42ff)

1 / 68      (Adware)
{bcd08fc8-cb56-41a3-8b19-3c556687a504}w.sys (StdLib)  (4371ff4edd635410dcbe4c4f400bc5c7)

1 / 68      (Adware)
clearthink.purbrowse.dll  (929b98dd399550f9abe9f3842ee74777)

1 / 68      (Adware)
clearthink.gcupdate.dll  (1fc6e404bf3453f70dee3510ef5a2dc7)

1 / 68      (Adware)
clearthink.browseradapter.dll  (0a39103790e9936b05ecb9763131bf87)

1 / 68      (Adware)
{bcd08fc8-cb56-41a3-8b19-3c556687a504}w64.sys (StdLib)  (72abfc07e746f92871894690667e5487)

1 / 68      (Adware)
clearthink.repmon.dll  (bc5bb7640902d2cb03a60c80a9282b71)

1 / 68      (Adware)
clearthink.purbrowseg.dll  (d70477bf264334caf3d934ad110b40c9)

1 / 68      (Adware)
clearthink.ofsvc.dll  (418207cdae2c96e036a2a15499464b62)

1 / 68      (Adware)
clearthink.gcupdate.dll  (94b934dad6c787ffdcc9cdda88e8054a)

1 / 68      (Adware)
clearthink.expext.dll  (42a2af89d9881eea35365c76e90ec483)

1 / 68      (Adware)
clearthink.browseradapter.dll  (237546ae97b6b18694970401481106b1)

1 / 68      (Adware)
clearthink.browseradapter64.exe  (904671504f4e6e6b8a7bb114549e8e42)

1 / 68      (Adware)
clearthink.browseradapter.exe  (19b8f134e68790680b64e913dd316766)

1 / 68      (Adware)
bcd08fc8cb5641a38b193c556687a50464.dll (by TODO: <Company name>)  (4bdbe716bf5daaf66ff831f15df15cc8)

1 / 68      (Adware)
bcd08fc8cb5641a38b193c556687a504.dll (by TODO: <Company name>)  (15b90acbfdbec950ae07b97432e91523)

1 / 68      (Adware)
bcd08fc8cb5641a38b19.dll  (5ac816468951c9e706f3d41aba94999d)

1 / 68      (Adware)
maintainer.exe  (24d5482d0bac7911a8c423dd8b8e32d6)

1 / 68      (Adware)
{bcd08fc8-cb56-41a3-8b19-3c556687a504}t.sys (StdLib)  (e15c70e999641644fe085692c6ecce3e)

1 / 68      (Adware)
{bcd08fc8-cb56-41a3-8b19-3c556687a504}w64.sys (StdLib)  (fc259255ac7110b235892ca53a4aba1e)

1 / 68      (Adware)
clearthink.purbrowse.exe.pendingoverwrite  (ea6482c5bdfab4f5b1e224bbc6d22bdb)

 
Latest 30 of 3,182 files

The following publishers (by Authenticode signature organization name) are related.

Digi Docket

Nano Surfer

Air Globe

PodoWeb

waleisa

Simple for You

trolatunt

Lemurleap

Deal Keeper

web waltz

PursuePoint

Girafarri

glindorus

matinooch

EnterDigital

eye perform

Browser Good

Follow Rules

qualitink

gate snapper

Hatchiho

Mountain Bike

Ski Search

Forever Net

Search Vortex

Web Tripp

WiseEnhance

Coupon Time

Ttessab

PortalMore

30 of 85 publishers

* Note, the details and description above are based on the code signing digital signature issued to SugarSearch by VeriSign, Inc. on March 11, 2015 with the serial number '157811536006ab535bf52112299859d6'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.