A few words about the company, it was founded by a small group of people that had worked together on previous projects. Their mission is to enhance, extend and personalize everyone’s experience across all websites. Sounds great, but why so many ads?
One more thing, you can easily find other write-ups about Yontoo and Yontoo Runtime Layers with slightly different classification, for example Symantec detects Yontoo as a potentially unwanted application. And we have to say it’s rather confusing because folks who have been working on this software since 2006 have valid Symantec and McAfee certificates, not just identity verification but also malware scan. Seriously, that doesn’t make sense. Symantec states that it’s a potentially unwanted app, you know, something that you don’t want to install and at the same time they flag their site as completely safe even thought it hosts Yontoo installers. ESET, Spybot, Dr.Web classify Yontoo as adware. ESET blocks yontoo.com and any web requests from their website as well. TrendMicro says it’s a Trojan… well they probably went too far with such assertions. It’s hardly a Trojan horse but that doesn’t mean you should keep it. It’s up to you whether you want to keep or remove it from your machine. Maybe you find this software useful.
Probably the most widely spread web browser extension which is tied to Yontoo is called Pagerage. This browser extension allows you to modify your Facebook profile which is cool but also displays advertisements that appear to be from Facebook even thought they are usually delivered from entirely different ad networks. However, Yontoo.Pagerage is not the only web browser extension tied to Yontoo adware. Recently, we stumbled upon a FLV Player application bundled with Yontoo dependable software: Banner Gadgets, FreeTwitTube, ezLooker, Buzzdock and Wajam. In this particular case, Yontoo had proper EULA and privacy policy. But we know for sure that certain extensions get installed without proper display of an EULA and privacy policy. No doubt about that.
In the image below, you can clearly see how Yontoo adware and associated applications changed Google search page. There are two blocks of sponsored ads instead of one and there’s also this Wajam social search app on the right side of the screen. It messes things up rather badly.
All in all, Yontoo isn’t a very widespread infection. And it’s definitely not the most dangerous infection. But that doesn't mean it is not used much. To remove Yontoo and associated applications from your computer, please follow the removal instructions below. If you have any questions about this adware or potentially unwanted application or would like to share information that isn’t covered in this page, please leave a comment. Good luck and be safe online!
Added: Yontoo 1.10.03 is the current version of this software, however, there are still enough websites that serve Yontoo 1.10.02 or even older version. Removal instructions remain the same for both versions.
Source: http://deletemalware.blogspot.com
Yontoo removal instructions:
1. First of all, download recommended anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this browser hijacker. Hopefully you won't have to do that.
2. Go to the Start Menu. Select Control Panel → Add/Remove Programs.
If you are using Windows Vista or Windows 7, select Control Panel → Uninstall a Program.
3. Search for Yontoo (1.10.03 or 1.10.02) in the list. Select the program and click Remove button. By the way, it's a good idea to remove any other application that could be tied to Yontoo adware.
If you are using Windows Vista/7, click Uninstall up near the top of that window.
4. Select the second option to completely remove Yontoo from your computer and click Next.
5. Click Yes to confirm uninstall and remove Yontoo Adware from your computer.
Remove Yontoo browser add-ons Internet Explorer:
1. Open Internet Explorer. Go to Tools → Manage Add-ons.
2. Remove all Yontoo LLC components: Yontoo Api and Yontoo. Close the window.
Remove Yontoo browser extention in Mozilla Firefox:
1. Open Mozilla Firefox. Go to Tools → Add-ons.
2. Select Extensions. Remove Yontoo Runtime extension. Close the window.
That's it!
Remove Yontoo browser extension in Google Chrome:
1. Click on Customize and control Google Chrome icon. Go to Tools → Extensions.
2. Select Yontoo and click on the small recycle bin icon to remove the toolbar.
Associated Yontoo adware files and registry values:
Files:
- C:\Program Files\Yontoo\YontooIEClient.dll
- HKEY_CLASSES_ROOT\AppID\YontooIEClient.DLL
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YontooIEClient.Api
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YontooIEClient.Layers
- HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
No comments:
Post a Comment