Alactro LLC

Publisher Information

Alactro LLC is a brand of the Sambreel/Yontoo group, a web advertising company located in Carlsbad, CA, and a primary distributor of unwanted software. It distributes web browser add-ons, typically potentially unwanted programs and adware, that are designed to modify a user's typical search behavior and to display contextual and pop-up advertising. There are 2 additional code signing certificates issued to this publisher.
Authority:
GoDaddy.com, Inc.

Valid from:
5/26/2011 11:13:23 PM

Valid to:
5/26/2012 11:13:23 PM

Subject:
CN=Alactro LLC, O=Alactro LLC, L=Carlsbad, S=CA, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
27e40c73ba04ba

Scanner detections:
Detections  (100% detected)

Scan engine: Details (Detections)

Reason Heuristics: PUP.Installer.Alactro.X, PUP.Installer.Alactro.a, PUP.Installer.Alactro.BB, PUP.Installer.Alactro.FF, PUP.Installer.Alactro.DD, PUP.Installer.Alactro.Y, PUP.Installer.Yontoo, PUP.Yontoo.Alactro.Installer (M) (97.37%)

VIPRE Antivirus: Yontoo (92.11%)

Comodo Security: Heur.Suspicious, UnclassifiedMalware (86.84%)

ESET NOD32: Win32/Adware.Yontoo, Win32/Adware.Yontoo (variant) (86.84%)

Avira AntiVirus: ADWARE/Yontoo.Gen2, Adware/Yontoo.C (84.21%)

Dr.Web: Adware.Plugin.8, Adware.Plugin.11, Adware.Siggen.24249 (81.58%)

Agnitum Outpost: Adware.Yontoo, Adware.Generic (52.63%)

Baidu Antivirus: Adware.Win32.Yontoo, AdWare.Win32.Yontoo, Trojan.Adware.Win32.Yontoo (52.63%)

NANO AntiVirus: Trojan.Win32.Siggen.blrgva, Trojan.Win32.Siggen.bkbjwk, Trojan.Win32.Plugin.cfldzw, Trojan.Win32.Siggen.bkkflm, Trojan.Win32.Siggen.bslnzq, Trojan.Win32.Siggen.bxavkd, Trojan.Win32.Siggen.ccimee, Trojan.Win32.Plugin.bgyvbt, Trojan.Win32.Plugin.bvbvkd, Riskware.Win32.Siggen.cyptve (50.00%)

Antiy Labs AVL: AdWare/Win32.Yontoo.gen, AdWare/Win32.Agent.gen, Trojan/Win32.SGeneric, Trojan/Win32.Tgenic (42.11%)

ezlooker.exe (ezLooker by Alactro)  (d31f5a22663edde12a8b3dd75c0eea3d)  2 / 68 (Adware)

bvddsetup.exe (Best Video Downloader by Alactro)  (fd738f1dd41180ce7e0ad7b64f2d4037)  9 / 68 (Adware)

bvddsetup.exe (Best Video Downloader by Alactro)  (5e61c65acf3bb0f58a08b9e68fea541b)  9 / 68 (Adware)

ezlookera.exe (ezLooker by Alactro)  (d82abc01df2583a2d14a2f2a78a95821)  10 / 68 (Adware)
 
Latest 30 of 38 files

Download URLs for files signed by Alactro LLC.

http://www.ezlooker.com/.../ezlookerA.exe  (d82abc01df2583a2d14a2f2a78a95821)  10 / 68 (Adware)

The following websites host and distribute files published by Alactro LLC.

The certificates below were also issued to Alactro LLC.

018D4FCE8B07C5BF93892F3E2AB578D5  (Jun 25, 2013 to Aug 24, 2016)

046CAA7E02C7FB  (May 15, 2012 to May 26, 2013)

The following publishers (by Authenticode signature organization name) are related.

30 of 94 publishers

* Note, the details and description above are based on the code signing digital signature issued to Alactro LLC by GoDaddy.com, Inc. on May 26, 2011 with the serial number '27e40c73ba04ba'.