fassurun

Publisher Information

fassurun is a brand of the Sambreel/Yontoo group, a web advertising company located in Carlsbad, CA. The company is a primary distributor of unwanted software. It is part of the Yontoo/Sambreel group and distributes web browser add-ons, typically potentially unwanted and adware in nature, that are designed to modify a user's typical search beahvior as well as display context and popup advertising.
Remove fassurun Malware - Powered by Reason Core Security
Authority:
VeriSign, Inc.

Valid from:
8/20/2013 9:00:00 PM

Valid to:
8/20/2015 8:59:59 PM

Subject:
CN=fassurun, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=fassurun, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
6ea3a2d62f7379560af4974e60282338

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Yontoo.fassurun (M), Adware.Yontoo.fassurun (M), PUP.Yontoo.fassurun.Installer (M)
100.00%

Agnitum Outpost
Trojan.BPlug, Riskware.Agent, PUA.Agent
10.00%

Sophos
BrowseSmart, Generic PUA CG, PUA.Browse Fox, Generic PUA PD
10.00%

Dr.Web
Trojan.BPlug.123, Trojan.BPlug.214, Trojan.BPlug.219, Trojan.BPlug.28
10.00%

VIPRE Antivirus
Trojan.Win32.Generic, Adware.SearchProtect, Threat.4741131, Yontoo
10.00%

Baidu Antivirus
Adware.Win32.BrowseFox, Adware.Win32.Agent
10.00%

AVG
Fasuru, Generic, Agent.W
10.00%

Jiangmin
AdWare/Yotoon.m, AdWare.Win32.LinkSwift.a, Adware/Agent.izz
8.00%

IKARUS anti.virus
AdWare.SpadeCast, AdWare.BrowseBurst, not-a-virus:AdWare.Win32.Agent
8.00%

McAfee Web Gateway
BehavesLike.Win64.PUPAmonetize.ph, Artemis!842EDB4C77B1, Artemis!7348D9622C07
8.00%

1 / 68      (Adware)
{cd6aa099-9072-44f1-a840-a5e78bf30cd8}w64.sys (StdLib)  (e786a1c7fc59be33e78c92145c51b334)

1 / 68      (Adware)
setup.exe  (aa7c4d115a2dd7d7ba4c2fea4f6f66c2)

1 / 68      (Adware)
{21c63c07-3dae-48cc-95ab-ff9287f82f6b}t.sys (StdLib)  (2fa9696dcf92d6335b6e864d83c99b7e)

1 / 68      (Adware)
updatefassurun.exe  (331cf07f447b8989d71d56d4ee399530)

1 / 68      (Adware)
xtlsapp.exe  (1225c11e380a6c4e382dc20f24f06189)

1 / 68      (Adware)
xtlsapp.dll  (8b6d47629f496eb347ae11616d850a68)

1 / 68      (Adware)
XTLS.dll (XVRNT by TODO: <Company name>)  (e045a6075f689bbda9b6dedf27ce3e9a)

1 / 68      (Adware)
fassurun.expextdll.dll  (569f98b95514c3aac5487a121340cf95)

1 / 68      (Adware)
cd6aa099907244f1a84064.dll  (932ef3b8cf7086d52888c8985107f365)

27 / 68    (Adware)
fassurunbho.dll (fassurun)  (63dac95b2691d100ac853eb2d6926bb5)

1 / 68      (Adware)
{cd6aa099-9072-44f1-a840-a5e78bf30cd8}gw64.sys (StdLib)  (6e935421861727a41587be98b83f0d67)

1 / 68      (Adware)
{cd6aa099-9072-44f1-a840-a5e78bf30cd8}gt.sys (StdLib)  (559c821f0037fa3eb75e418ed3a79ef2)

1 / 68      (Adware)
{cd6aa099-9072-44f1-a840-a5e78bf30cd8}w.sys (StdLib)  (1bb3847b52ef1318dfe894204a6a95fb)

1 / 68      (Adware)
{696697c2-0537-45bd-b3da-9e80a9e05283}w.sys (StdLib)  (674286d9aeb8d4a3294c540b7c992bf6)

1 / 68      (Adware)
{0d8ebb32-9b35-4142-a825-b70830c7b6ef}w.sys (StdLib)  (5bb874e4c941c80a7f0308098ec8ca08)

33 / 68    (Adware)

1 / 68      (Adware)
21c63c073dae48cc95ab.dll  (7ad0e0a2f12a1204dbabe0d6557412ca)

1 / 68      (Adware)
{21c63c07-3dae-48cc-95ab-ff9287f82f6b}w.sys (StdLib)  (3522743079dfc245bc07c1d7c4ef04b5)

1 / 68      (Adware)
fassurun.Repmon.dll  (e61d240544a1ad298a48320d07945b35)

1 / 68      (Adware)
fassurun.purbrowseg.dll  (bfc1fe6d4539edda86e6522a3917a582)

1 / 68      (Adware)
fassurun.Msvcmon.dll  (54b798f7d72047615647b180400fb983)

1 / 68      (Adware)
fassurun.ieupdate.dll  (166a0f9834a4333dba688443435ebf25)

1 / 68      (Adware)
fassurun.gcupdate.dll  (46364fec94ae20106591cfbe94a43abf)

1 / 68      (Adware)
fassurun.ffupdate.dll  (d10a79e2a5508e467bca306407767a71)

1 / 68      (Adware)
fassurun.expext.dll  (2cfa00123b9fa935bd9eb0dd48985715)

1 / 68      (Adware)
fassurun.browseradapter.dll  (dd17afb1bf971b084bbb756b8184eb5d)

1 / 68      (Adware)
fassurun.BroStats.dll  (d7694989e38f344b85295956ad69dc30)

1 / 68      (Adware)
fassurun.Bromon.dll  (cde9ba0dfd131a3b1cbc03b2fc66644a)

1 / 68      (Adware)

1 / 68      (Adware)

 
Latest 30 of 222 files

Downloads URLs for files signed by fassurun.

1 / 68      (Adware)
http://wpc.0952.edgecastcdn.net/800952/.../setup.exe  (aa7c4d115a2dd7d7ba4c2fea4f6f66c2)

The following publishers (by Authenticode signature organization name) are related.

30 of 71 publishers

Remove fassurun Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to fassurun by VeriSign, Inc. on August 20, 2013 with the serial number '6ea3a2d62f7379560af4974e60282338'.