tanzuki

Publisher Information

tanzuki is a brand of the Sambreel/Yontoo group, a web advertising company located in Carlsbad, CA. The company is a primary distributor of unwanted software. It is part of the Yontoo/Sambreel group and distributes web browser add-ons, typically potentially unwanted and adware in nature, that are designed to modify a user's typical search beahvior as well as display context and popup advertising.
Remove tanzuki Malware - Powered by Reason Core Security
Authority:
VeriSign, Inc.

Valid from:
8/20/2013 9:00:00 PM

Valid to:
8/20/2015 8:59:59 PM

Subject:
CN=tanzuki, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=tanzuki, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5094cecd4b5d21903c384e60ac45c6c4

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Service.tanzuki.L, PUP.Yontoo.tanzuki (M), Adware.Yontoo.tanzuki (M), Adware.Yontoo.tanzuki.N, PUP.tanzuki.K, PUP.Service.tanzuki.K, PUP.tanzuki.m, PUP.tanzuki.N, PUP.Yontoo.tanzuki.Installer (M)
96.67%

Dr.Web
Adware.Plugin.100, Trojan.BPlug.281, Trojan.BPlug.123, Trojan.BPlug.95
20.00%

AVG
Generic
13.33%

Baidu Antivirus
Adware.Win32.BrowseFox, Adware.MSIL.BrowseFox
13.33%

NANO AntiVirus
Riskware.Win32.Agent.cqsznp, Riskware.Win32.Kranet.dgiwfc
10.00%

Kaspersky
not-a-virus:AdWare.Win32.Agent, not-a-virus:AdWare.Win32.Yotoon
10.00%

Comodo Security
Application.Win32.Altbrowse.AK, Application.Win32.BrowseFox.B
10.00%

Antiy Labs AVL
AdWare/Win32.Agent, GrayWare[AdWare:not-a-virus]/Win32.Yotoon.bfm
10.00%

Vba32 AntiVirus
AdWare.Agent, AdWare.Yotoon
10.00%

avast!
Win32:Adware-BYZ [PUP], Win32:Adware-gen [Adw]
10.00%

1 / 68      (Adware)
{4a1ea04b-0e0d-426d-8775-2d82a1b8bb52}w64.sys (StdLib)  (aa142c6e67273a4c6132ac29e6a6b8ec)

1 / 68      (Adware)
{4a1ea04b-0e0d-426d-8775-2d82a1b8bb52}gw64.sys (StdLib)  (240ca2387d54c2ceeb4c8b01abfb24eb)

1 / 68      (Adware)
tanzuki.PurBrowseG.dll  (5c82f440d954559de31cf12c1f64d171)

1 / 68      (Adware)
tanzuki.IEUpdate.dll  (973c8e28ab5f0af819752d077822be94)

1 / 68      (Adware)
tanzuki.GCUpdate.dll  (5c246d695d9e8e3629833249cce9fd46)

1 / 68      (Adware)
tanzuki.FFUpdate.dll  (903ac0bb88161feaf8f7b47f103e2b22)

1 / 68      (Adware)
tanzuki.CompatibilityChecker.dll  (cc65eed8bde0e5b862c17b29f7314d5b)

1 / 68      (Adware)
tanzuki.BrowserAdapterS.dll  (4108dda0c17fe49492737e32f23211aa)

1 / 68      (Adware)
tanzuki.BroStats.dll  (5785fac28fb492503872601a01eda34f)

1 / 68      (Adware)
tanzuki.Bromon.dll  (cdc45a1b71e249a482d3ca9ba84f7ec1)

1 / 68      (Adware)
tanzuki.purbrowse64.exe  (09d79bdf1d81001f8dbdfec0a0eaab5d)

1 / 68      (Adware)
tanzukibho.dll (tanzuki)  (e45084bb7065466dd62ca1de1c3bfaa7)

1 / 68      (Adware)
{4a1ea04b-0e0d-426d-8775-2d82a1b8bb52}gw64.sys (StdLib)  (c3cc8959ab26b86e10a2b64c6967ad91)

1 / 68      (Adware)
updatetanzuki.exe  (f532d37eef332c23020fa1bb662e81f2)

1 / 68      (Adware)
793380.tmp  (e1ef5bb587acd0552d8acb40d084973a)

1 / 68      (Adware)
tanzuki.IEUpdate.dll (by tanzuki)  (99821b290e039e8e64ef3d04dbaca238)

1 / 68      (Adware)
tanzuki.GCUpdate.dll  (b39e8b7324dcaa2bad07045cfd31ae9b)

1 / 68      (Adware)
tanzuki.FFUpdate.dll (by tanzuki)  (f2d0054b327bea6747298eaa37faed1b)

25 / 68    (Adware)
maintainer.bak  (ed7eeb652231a2919d37301fe2a89602)

7 / 68      (Adware)
tanzukiuntemp.exe  (152eca5c80245bfe0b93c4e81370caf9)

19 / 68    (Adware)
{4a1ea04b-0e0d-426d-8775-2d82a1b8bb52}w64.sys (StdLib)  (29d47096cb4fa2225ea315e6767bf329)

25 / 68    (Adware)
maintainer.exe  (bdb4db60b4d3c4c6dbec627989a9a4ab)

1 / 68      (Adware)
7939a1e.tmp  (02c64a6746fe528be30bc8592525cedb)

2 / 68      (Adware)
updatetanzuki.exe (by tanzuki)  (e9b18861b1abd9a6a87361ba07924a73)

1 / 68      (Adware)
tanzuki.IEUpdate.dll  (e8b9f899398c690678b8ec7ab88d87c1)

1 / 68      (Adware)
tanzuki.GCUpdate.dll  (2b8fec40a286761b4408d9e0c04bbbea)

1 / 68      (Adware)
tanzuki.FFUpdate.dll  (89a27a497d7404748926897014b7297f)

9 / 68      (Adware)
tanzukibho.dll (tanzuki)  (88f7ae29e0e6f99dfad2e2fd66687df2)

1 / 68      (Adware)
utiltanzuki.exe  (1ca0afe719a793a50a61238829b4510c)

4 / 68      (Adware)
utiltanzuki.exe  (b40197c20022382fb29f53336b48f38b)

 
Latest 30 of 30 files

The following publishers (by Authenticode signature organization name) are related.

30 of 62 publishers

Remove tanzuki Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to tanzuki by VeriSign, Inc. on August 20, 2013 with the serial number '5094cecd4b5d21903c384e60ac45c6c4'.