BuzzSurfing
What is BuzzSurfing?
is an adware application that is distributed by Yontoo, a division of Sambreel Holdings based in Carlsbad, CA. It is a rebrand of the various other web browser extensions that Yontoo delivers all with similar names. The program is included as part of a download bundle. Upon installation, this adware installs itself as a web browser addin/plugin and or extension depending on the browser (Chrome, IE, Firefox). It will inject various forms of advertising in the browser including but not limited to inline text and multi-site searching, related search results, comparison shopping popups and a number of banners and popups/popunders for additional offers of both standard ads as well as unwanted software.
In addition to displaying advertisements, the adware extension will also modify the web browsers settings in order to facilitate its ad injection offers. When installed and without any notice (other then on the website EULA), the software will automatically adjust the two second load time in Internet Explorer by turning it off. This action prevents IE from warning the user that a slower BHO is causing some unwanted effects. It will also it will modify the browser's Instant Search feature and will adjust the browser so that clicking on a search engine results page link will open the page in a new browser tab.
Overview
During setup, the program registers itself to launch on boot through a Windows Schedule Task in order to automatically start-up (this is typically done to avoid any UAC prompts). It adds a background controller service that is set to automatically run. Delaying the start of this service is possible through the service manager. A scheduled task is added to Windows Task Scheduler in order to launch the program at various scheduled times (the schedule varies depending on the version). The main program executable is BuzzSurfing_wd.exe. Typically most users end up uninstalling this just after a few days. The software installer includes 5 files and is usually about 1.31 MB (1,376,610 bytes).
- Possible malware installed by this program
- Automatically starts with Windows
- Installs a Windows Service
- Typically distributed through a pay-per-install bundle
- Displays unwanted advertisements
- Generally known to have a low reputation
- The wisdom of the crowd agrees, you should remove it!
Warning, multiple anti-virus scanners have detected possible malware in BuzzSurfing.
BuzzSurfing_wd.exe (c35856c828df979aaa0296ebbaf08117) has been flagged by the following 3 scanners: |
Anti-Virus software | Version | Detection |
Baidu-International |
4.0.3.14422 |
Adware.Win32.AD150.A |
Emsisoft Anti-Malware |
8.14.04.22.11 |
X97M.Mailcab.A@mm |
ESET-NOD32 |
8.9483 |
a variant of Win32/AdWare.AD150.A |
BuzzS.exe (abf51b4ea844853a0791d076782256c6) has been flagged by the following 4 scanners: |
Anti-Virus software | Software version | Detection |
avast! |
8.0.1489.320 |
Win32:Agent-ASMU [PUP] |
Baidu-International |
3.5.1.41473 |
Adware.Win32.AddLyrics.AF |
Comodo Security |
17861 |
Application.Win32.AddLyrics.X |
ESET-NOD32 |
9483 |
a variant of Win32/AdWare.AddLyrics.AF |
BuzzSurfing155.exe (849ebe3d0abd6c9cc9cf1dcb69e48e4c) has been flagged by the following 2 scanners: |
Anti-Virus software | Software version | Detection |
Baidu-International |
3.5.1.41473 |
Adware.Win32.AD150.A |
ESET-NOD32 |
9482 |
a variant of Win32/AdWare.AD150.A |
BuzzSurfing has been found to be bundled with 3rd party software. If you have not purposefully installed this, you should be safe uninstalling it.
Program details
Displayed publisher: BuzzSurfing software
Installation folder: C:\Program Files\buzzsurfing-soft
Uninstaller: C:\Program Files\BuzzSurfing-soft\Uninstall.exe
Estimated size: 1.31 MB
Files installed by BuzzSurfing
Program executable: | BuzzSurfing_wd.exe (Malware detected) |
Path: | C:\Program Files\buzzsurfing-soft\BuzzSurfing_wd.exe |
MD5: | c35856c828df979aaa0296ebbaf08117 |
Additional files:
-
(Malware detected) BuzzS.exe
-
(Malware detected) BuzzSurfing_wd.exe
-
(Malware detected) BuzzSurfing155.exe
-
Uninstall.exe
-
Sqlite3.dll
Behaviors exhibited
2 Scheduled Tasks
- BuzzSurfing_wd.exe is scheduled as a task named 'BuzzSurfing_wd' (runs daily at 6:22 PM).
- BuzzS.exe is scheduled as a task named 'BuzzSurfing Update' (runs daily at 6:12 PM).
2 Scheduled Tasks (Boot/Login)
- BuzzSurfing_wd.exe is automatically launched at startup through a scheduled task named BuzzSurfing_wd.
- BuzzS.exe is automatically launched at startup through a scheduled task named BuzzSurfing Update.
Service
- BuzzSurfing155.exe runs as a service named 'BuzzSurfing' (BuzzSurfing).
How do I remove BuzzSurfing?
You can uninstall BuzzSurfing from your computer by using the Add/Remove Program feature in the Window's Control Panel.
- On the Start menu (for Windows 8, right-click the screen's bottom-left corner), click Control Panel, and then, under Programs, do one of the following:
- Windows Vista/7/8/10: Click Uninstall a Program.
- Windows XP: Click Add or Remove Programs.
- When you find the program BuzzSurfing, click it, and then do one of the following:
- Windows Vista/7/8/10: Click Uninstall.
- Windows XP: Click the Remove or Change/Remove tab (to the right of the program).
- Follow the prompts. A progress bar shows you how long it will take to remove BuzzSurfing.
- If for some reason uninstallation fails, please install Microsoft's uninstall fixer utility which will help fix problems with programs that can't be uninstalled at support.microsoft.com.
OS VERSIONS
Win 7 (SP1) 67%
Win 10 33%
|
|
HOW IT RUNS
Windows Service? Yes
(Installs a service)
|
|
USER ACTIONS
|
Uninstall it 79%
Keep it 21%
|
|
Windows
Which Windows OS versions does it run on?
Windows 7 |
66.67% |
|
Windows 10 |
33.33% |
|
Which OS releases does it run on? |
Windows 7 Home Premium |
66.67% |
|
Windows 8 Pro |
33.33% |
|
Geography
100.00% of installs come from the United States
Which countries install it?
PC manufacturers
What PC manufacturers (OEMs) have it installed?
Hewlett-Packard |
66.67% |
|
American Megatrends |
33.33% |
|
About Yontoo Technology
Yontoo, a subsidiary/alias of ad-hijacker Sambreel, is a publisher of ad-supported web browser extensions designed to inject and display advertisements within the browser.
Publisher URL: www.yontoo.com