PacFunction
What is PacFunction?
PacFunction is software application developed by Yontoo Technology, Inc.. It is most commonly found on computers running Windows 7 with nearly 54.73% of installations running this operating system. PacFunction's installer is typically 1.00 MB in size and installs around 11 files. The most common release is 2014.03.28.231718 with 12.94% of all installations currently using this version.
PacFunction is most popular in the United States with 32.8% of installations residing in this country.
About PacFunction?
TiltBrowser is a browser extension known for its Yontoo/Sambreel advertising injection adware. It is designed to transform random web page text into hyperlinks and generate browser popups suggesting fake updates or other software. The software is also known for displaying ads with red "click here" buttons when those links are hovered on. Furthermore, it is worth noting that the installation of TiltBrowser may result in the unwanted addition of other adware programs without the user's consent. As a consequence, web pages may experience decreased download speeds due to the excessive display of ads. The distribution of this software is commonly facilitated through download managers associated with Simply Tech Ltd, Install Lab ltd. (clickandownload.com), and CoolMirage Ltd. (torntv-tvv.org).
Multiple virus scanners have detected malware in PacFunction.
| Scanner Software | Version | Result |
|---|---|---|
| Agnitum Outpost | 5.5.1.3 | Riskware.Agent! |
| AhnLab-V3 | 2014.11.02.00 | PUP/Win32.SwiftBrowse |
| Antiy-AVL | 1.0.0.1 | GrayWare[AdWare:not-a-virus,HEUR]/MSIL.Kranet |
| AVG | 15.0.0.4189 | Pafun.E1F |
| Avira | 7.11.182.186 | ADWARE/BrowseFox.Gen7 |
| AVware | 1.5.0.21 | Yontoo (fs) |
| Baidu-International | 3.5.1.41473 | Adware.Win32.BrowseFox.bH |
| CAT-QuickHeal | 14.00 | AdWare.MSIL.r3 (Not a Virus) |
| Comodo Security | 19968 | ApplicUnwnt |
| Dr.Web | 7.0.10.8210 | Trojan.BPlug.250 |
| ESET-NOD32 | 10656 | a variant of Win32/BrowseFox.H |
| Fortinet FortiGate | 5.0.999.0 | Adware/Kranet |
| K7 AntiVirus | 9.185.13866 | Trojan ( 0049f7ad1 ) |
| K7GW | 9.185.13866 | Trojan ( 0049f7ad1 ) |
| Kaspersky | 12.0.0.1225 | not-a-virus:HEUR:AdWare.MSIL.Kranet.heur |
| Kingsoft AntiVirus | 2013.4.9.267 | Win32.Troj.Generic.a.(kcloud) |
| Malwarebytes | 1.75.0.1 | PUP.Optional.PacFunction.A |
| McAfee | 6.0.5.614 | BrowseFox.c |
| McAfee-GW-Edition | v2014.2 | BehavesLike.Win32.Dropper.fh |
| nProtect | 2014-10-31.01 | Trojan-Clicker/W32.Agent.323360.B |
| Qihoo-360 | 1.0.0.1015 | Win32/Virus.Adware.e4c |
| Sophos | 4.98.0 | Generic PUA LP |
| Symantec | 20141.1.0.330 | Trojan.Gen.2 |
| Trend Micro | 9.740.0.1012 | TROJ_GEN.R0C1C0EJH14 |
| TrendMicro-HouseCall | 9.700.0.1001 | TROJ_GEN.R0C1C0EJH14 |
| VIPRE Antivirus | 34448 | Yontoo (fs) |
| Scanner Software | Version | Result |
|---|---|---|
| Lavasoft Ad-Aware | 1018 | Adware.Agent.NYU |
| Agnitum Outpost | 7.1.1 | PUA.Agent |
| Avira AntiVir | 7.11.144.114 | APPL/BrowseFox.Gen2 |
| Antiy-AVL | 0.1.0.1 | GrayWare[AdWare:not-a-virus]/Win32.Agent |
| avast! | 2014.9-140422 | Win32:PUP-gen [PUP] |
| AVG | 2015.0.3496 | MalSign.Pafun |
| Bitdefender | 1.0.20.560 | Adware.Agent.NYU |
| CAT-QuickHeal | 4.14.12.00 | AdWare.Agent.r5 (Not a Virus) |
| Comodo Security | 18135 | Application.Win32.Altbrowse.AK |
| Dr.Web | 9.0.0.0112 | Trojan.BPlug.28 |
| Emsisoft Anti-Malware | 8.14.04.22.04 | Adware.Agent.NYU |
| ESET-NOD32 | 8.9701 | a variant of Win32/BrowseFox.F |
| Fortinet FortiGate | 4/22/2014 | Riskware/BrowseFox |
| F-Secure | 11.2014-22-04_3 | Adware.Agent.NYU |
| G Data | 14.4.24 | Adware.Agent.NYU |
| IKARUS anti.virus | t3scan.1.6.1.0 | AdWare.Agent |
| Jiangmin | KV140422 | Adware/Agent.jaw |
| K7 AntiVirus | 13.176.11806 | Unwanted-Program |
| K7GW | 13.176.11806 | Unwanted-Program ( 00454f261 ) |
| Kaspersky | 14.0.0.3976 | not-a-virus:AdWare.Win32.Agent |
| Kingsoft AntiVirus | 331020.49267 | Win32.Troj.Agent.ah.(kcloud) |
| Malwarebytes | v2014.04.22.04 | PUP.Optional.PacFunction.A |
| McAfee | 5600.7152 | Artemis!05BDAAA29E6B |
| McAfee-GW-Edition | 7.7152 | Artemis!05BDAAA29E6B |
| MicroWorld-eScan | 15.0.0.336 | Adware.Agent.NYU |
| NANO AntiVirus | 0.28.0.59288 | Riskware.Win32.Agent.cqvnby |
| nProtect | 14.04.20.01 | Adware.Agent.NYU |
| Sophos | 4.98 | Generic PUA MH |
| SUPERAntiSpyware | 10650 | Adware.BrowseFox/Variant |
| TrendMicro-HouseCall | 7.2.112 | TROJ_GEN.F47V0320 |
| Vba32 AntiVirus | 3.12.26.0 | AdWare.Agent |
| VIPRE Antivirus | 28420 | Yontoo (fs) |
| AhnLab-V3 | 2014.11.02.00 | PUP/Win32.SwiftBrowse |
| Avira | 7.11.182.186 | ADWARE/BrowseFox.Gen7 |
| AVware | 1.5.0.21 | Yontoo (fs) |
| Baidu-International | 3.5.1.41473 | Adware.Win32.BrowseFox.bH |
| Qihoo-360 | 1.0.0.1015 | Win32/Virus.Adware.e4c |
| Symantec | 20141.1.0.330 | Trojan.Gen.2 |
| Trend Micro | 9.740.0.1012 | TROJ_GEN.R0C1C0EJH14 |
Software Behaviors
- Services:
-
- updatePacFunction.exe runs as a service named 'Update PacFunction' (Update PacFunction).
Software Details
- URL:
- https://pacfunction.info/support
- Support:
- https://mailto:
- Installation path:
- C:\Program Files\PacFunction
- Uninstaller:
- C:\Program Files\PacFunction\PacFunctionuninstall.exe
- Size:
- 1.00 MB
- Language:
- English
PacFunction Executable Details
- Primary executable:
- PacFunction.FirstRun.exe
- Name:
- PacFunction
- Path:
- C:\Program Files\PacFunction\PacFunction.FirstRun.exe
- MD5:
- –
- SHA-1:
- –
- SHA-256:
- –
| File Type | Filename | MD5 |
|---|---|---|
|
EXE
|
e92604e043f51c604b6d1ac3bcd3a202 | |
|
DLL
|
67a8a7b8b939bb6fb03184f236f724ad | |
|
EXE
|
38dcf478cd6a59cb0d4cd280071c2fdd | |
|
EXE
|
updatePacFunction.exe
Malware
|
d3362227a4bfba3792cfbb22ed699494 |
|
EXE
|
8375e6b6dbe2532c2adbb6175fd9e124 | |
|
DLL
|
PacFunctionBHO.dll
Malware
|
05bdaaa29e6b256cb966b90306ddc033 |
|
EXE
|
4080bdc9fd42659216f0af2eb8dd57b4 | |
|
CRX
|
18097b2e9d61f5be0cb0ee1d9a44e6dd | |
|
EXE
|
01491e8e8e66aa349aa4119d56225760 | |
|
DLL
|
767ed2ad70abcf38bc01409d394ac181 |