Also known as: PUABundler:Win32/FusionCore, PUA:Win32/FusionCore, Adware.FusionCore, PUP.Optional.FusionCore
Category: Malware
Type: Bundler, adware, potentially unwanted program (PUP), riskware, grayware, trojan
Platform: Windows
Variants: Win32/FusionCore.BH, Bundler.FusionCore.CG, PUA.Win32.FusionCore.SMBD2
Damage potential: Browser interference (including redirects), ads injected into web pages, frequent pop-ups, exposure of personal data, installation of undesirable software, malware infection
Overview
FusionCore is an adware bundler that attempts to secretly introduce undesirable elements (such as apps or browser extensions) to your system during software installation. These elements can add intrusive advertisements (including pop-ups) to your browser, redirect web traffic, collect your personal data, and interfere with your online activities.
Possible symptoms
As with most adware, the most common symptoms seen in the aftermath of a FusionCore infection are random pop-ups and the presence of new browser extensions that the user did not explicitly install.
Other symptoms of a FusionCore infection include:
- Your browser goes through multiple redirects when loading pages.
- Your device starts to heat up due to background processes.
- You notice third-party software that you don’t remember installing.
- Specific keywords in websites are automatically hyperlinked to third-party sites.
- Banners for the same products appear uniformly across all websites.
Sources of the infection
Like other adware bundlers, FusionCore is attached to software that is of legitimate interest to users (for example, file converters or archiving apps). This software is often consciously downloaded from unsafe websites by the users themselves, who naively believe that the free file comes with no strings attached.
Your device may also get infected with FusionCore from:
- Emails containing infected attachments (for example, spam or phishing emails).
- Infected files downloaded from cloud storage or online repositories.
- Drive-by downloading (malicious scripts on compromised websites that force your device to automatically download malware when the page loads).
- Peer-to-peer (P2P) sharing of infected files.
- Infected external devices, such as hard drives or USB sticks.
Protection
The best protection against FusionCore and other adware is forming good cybersecurity habits. Take care when installing new programs, especially if you have downloaded them from dubious sources. If possible, scan the downloaded file with antimalware tools beforehand, opt for a custom installation to unselect undesirable elements, and make sure to read the installation prompts carefully during the process.
Other protective measures include:
- Avoid potentially dangerous websites, like dark web pages or torrent repositories. These websites may host infected files or attempt to install malware (including FusionCore) on your device as soon as you open them.
- Do not open unverified attachments in emails or messaging apps, even from trusted contacts. Scanning these attachments with antimalware tools may reveal hidden spyware or adware.
- The malware scanner feature in NordVPN’s Threat Protection Pro™ checks programs and files for malware before they’re downloaded. Threat Protection Pro™ will also alert you if you’re about to enter a known infected website to prevent drive-by-download attacks.
Removal
Use reputable antivirus software to remove FusionCore and the undesirable elements it has introduced. You should not try to remove it manually — FusionCore often hides copies of itself throughout your system and alters your registry to reinstall it after deletion.