PacFunction

PacFunction Description


PacFunction is adware that may display annoying pop-up ads, banners and messages on a screen of a computer system. PacFunction may affect all the well-known Web browsers installed on the PC including Google Chrome, Mozilla Firefox and Internet Explorer, installed on the PC and show unwanted pop-up ads on every website the PC user visits. The pop-up advertisements and banners of PacFunction may be related to the computer user’s latest online searches or content of the website. PacFunction may substitute search results in any major search provider with sponsored links that may carry a variety of pop-up advertisements.
DOWNLOAD NOW

» Learn more about SpyHunter's Spyware Detection Tool
and steps to uninstall SpyHunter.

Search results modified and given by PacFunction in popular search engines may forcibly reroute computer users to questionable websites, which may be commercial and offer misleading products or services. PacFunction may proliferate and infiltrate into the PC through bundled free applications that computer users can download from questionable download websites on the Internet. The main goal of PacFunction may be to generate advertising revenue from clicks on pop-up advertisements and raised traffic of an unknown website that may cover the screen of the PC with commercial ads and messages.

Aliases


PUP.Optional.PacFunction.A [Malwarebytes]



PacFunction Automatic Detection Tool (Recommended)


Is your PC infected with PacFunction? To safely & quickly detect PacFunction we highly recommend you run the malware scanner listed below.



Technical Details

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
  • The following newly produced Registry Values are:
    HKEY..\..\..\..{RegistryKeys}SOFTWARE\Microsoft\Tracing\PacFunction_RASAPI32SOFTWARE\Microsoft\Tracing\updatePacFunction_RASAPI32SOFTWARE\Microsoft\Tracing\updatePacFunction_RASMANCSSOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{3983585e-5d14-4d1d-a257-35b0d52f2dfc}SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{9aa72d95-59d7-4421-a02c-f93a1187a165}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3983585E-5D14-4D1D-A257-35B0D52F2DFC}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3983585E-5D14-4D1D-A257-35B0D52F2DFC}Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID, value: {9aa72d95-59d7-4421-a02c-f93a1187a165}SOFTWARE\PacFunctionSOFTWARE\Wow6432Node\Microsoft\Tracing\PacFunction_RASAPI32SOFTWARE\Wow6432Node\Microsoft\Tracing\updatePacFunction_RASMANCSSOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{3983585e-5d14-4d1d-a257-35b0d52f2dfc}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{9aa72d95-59d7-4421-a02c-f93a1187a165}SOFTWARE\Wow6432Node\PacFunctionSYSTEM\ControlSet002\services\Update PacFunctionSYSTEM\CurrentControlSet\services\eventlog\Application\Update PacFunctionSYSTEM\CurrentControlSet\services\Update PacFunctionHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}PacFunction
  • The following CLSID's were detected:
    HKEY..\..\{CLSID Path} {3983585e-5d14-4d1d-a257-35b0d52f2dfc}{3832A100-2C84-43FF-B228-ACBEC4A95EDD}{FA38D168-7DA3-4F0C-8CC0-75A6424113DC}{9aa72d95-59d7-4421-a02c-f93a1187a165}{74B52F4F-B4A9-46F0-ACAE-C5A97AABA21C}
Posted: February 3, 2014 | By
Share:
Rate this article:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...
Threat Metric
Threat Level: 2/10
Detection Count: 25,201

Leave a Reply

What is 14 + 15 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)