What is Yontoo?

Yontoo is software application developed by Yontoo Technology, Inc.. It is most commonly found on computers running Windows 7 with nearly 73.75% of installations running this operating system. Yontoo's installer is typically 823.00 KB in size and installs around 11 files. The most common release is 1.10.04 with 31.49% of all installations currently using this version.

Yontoo is most popular in the United States with 39.53% of installations residing in this country.

About Yontoo?

Yontoo is a browser extension and toolbar that gathers user web browsing data in order to offer personalized services and advertising suggestions. This potentially unwanted application is known for installing browser extensions that display advertisements resembling those from Facebook. Additionally, Yontoo installs PageRage, a browser extension that alters the appearance of Facebook with customized skins while also displaying advertisements resembling those from the social media platform.

Multiple virus scanners have detected malware in Yontoo.

YontooIEClient.dll (MD5: abd9b86eada05955cd1a82ae70de4fd4) has been flagged by 12 scanners:

Scanner Software	Version	Result
Comodo Security	16320	Application.Win32.Yontoo.a
Dr.Web		Adware.Plugin.11
Emsisoft Anti-Malware	3.0.0.575	Adware.Win32.Yontoo.AMN (A)
eSafe	7.0.17.0	Win32.Trojan
ESET-NOD32	8374	a variant of Win32/Adware.Yontoo.A
PC Tools	9.0.0.2	SecurityRisk.Yontoo!rem
SUPERAntiSpyware	5.6.0.1008	Adware.Yontoo
Symantec	20131.1.0.101	Yontoo
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.RCBH1JQ
VIPRE Antivirus	18114	Yontoo (v)
Antiy-AVL	2.0.3.7	AdWare/Win32.WebCake.gen
Bkav FE	1.3.0.4613	W32.Clodc3a.Trojan.bde5

sqlite3.exe (MD5: 8d03b10f0dced524a88a3ff4b370f50d) has been flagged by 2 scanners:

Scanner Software	Version	Result
Antiy-AVL	2.0.3.7	AdWare/Win32.WebCake.gen
Bkav FE	1.3.0.4613	W32.Clodc3a.Trojan.bde5

YontooIEClient_2.dll (MD5: fd05b3fcabf42ca72f7f166a6e0c62c7) has been flagged by 9 scanners:

Scanner Software	Version	Result
Agnitum Outpost	5.5.1.3	Adware.Yontoo!uZbtZZsvrqI
Avira AntiVir	7.11.45.122	Adware/Yontoo.A.9
Comodo Security	13796	Application.Win32.Yontoo.a
Dr.Web	7.0.3.07130	Adware.Siggen.24249
Emsisoft Anti-Malware	5.1.0.11	Adware.Win32.Yontoo.A!A2
ESET-NOD32	7561	Win32/Adware.Yontoo.A
Fortinet FortiGate	5.0.26.0	Riskware/Yontoo
Vba32 AntiVirus	3.12.18.2	Adware.Yontoo.a
VIPRE Antivirus	13442	Yontoo (v)

Y2Desktop.Updater.exe (MD5: 24fb8db6d1d55e2c5d0a53dfe48e6af8) has been flagged by 19 scanners:

Scanner Software	Version	Result
AVG	2014.0.3601	Skodna.Generic
Baidu-International	4.0.3.131025	Malware.Win32.Yontoo.40
F-Prot	v6.4.7.1.166	W32/ApplCtnX.Y
G Data	13.10.22	Win32.Application.Yontoo
K7 AntiVirus	13.173.9980	Unwanted-Program
Kingsoft AntiVirus	331020.49267	Win32.Troj.WebCake.d.(kcloud)
PC Tools	2013	SecurityRisk.Yontoo!rem
Symantec	10/25/2013 rev. 6	Yontoo
Vba32 AntiVirus	3.12.24.3	TScope.Trojan.MSIL
VIPRE Antivirus	22702	Yontoo (fs)
Comodo Security	16320	Application.Win32.Yontoo.a
Dr.Web		Adware.Plugin.11
Emsisoft Anti-Malware	3.0.0.575	Adware.Win32.Yontoo.AMN (A)
eSafe	7.0.17.0	Win32.Trojan
ESET-NOD32	8374	a variant of Win32/Adware.Yontoo.A
SUPERAntiSpyware	5.6.0.1008	Adware.Yontoo
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.RCBH1JQ
Antiy-AVL	2.0.3.7	AdWare/Win32.WebCake.gen
Bkav FE	1.3.0.4613	W32.Clodc3a.Trojan.bde5

Software Behaviors

Services:

Y2Desktop.Updater.exe runs as a service named 'Yontoo Desktop Updater' (Yontoo Desktop Updater) "Provides limited updating assistance for Yontoo Desktop".

Software Details

URL:

https://www.yontoo.com

Support:

–

Installation path:

C:\Program Files\Yontoo

Uninstaller:

C:\Program Files3\TARMAI~1\{889DF~1\Setup.exe /remove /q0

Size:

823.00 KB

Language:

English

Yontoo Executable Details

Primary executable:

OptChrome.exe

Name:

Yontoo

Path:

C:\Program Files\Yontoo\OptChrome.exe

MD5:

e014fa47c8e1ebd80f114ff87934f907

SHA-1:

–

SHA-256:

–

File Type

Filename

MD5

EXE

OptChrome.exe

e014fa47c8e1ebd80f114ff87934f907

DLL

YontooIEClient.dll

Malware

abd9b86eada05955cd1a82ae70de4fd4

EXE

fifa14.exe

75fc245b31a2559f3ab0fe79f9034df1

CRX

YontooLayers.crx

f158b5d37aa5d7fb3092c59c8b136ae5

EXE

sqlite3.exe

Malware

8d03b10f0dced524a88a3ff4b370f50d

DLL

YontooIEClient_2.dll

Malware

fd05b3fcabf42ca72f7f166a6e0c62c7

EXE

Y2Desktop.Updater.exe

Malware

24fb8db6d1d55e2c5d0a53dfe48e6af8

EXE

stampsetup.exe

ede5aeec71378f6fb088088ae977b107

EXE

msgr11us.exe

fcb4d8a3a03e99f085eacd16ef908a37

EXE

GoogleVoiceAndVideoSetup.exe

88eb56e13099b99cbd5e028f2ea3c327

File Type	Filename	MD5
EXE	OptChrome.exe	e014fa47c8e1ebd80f114ff87934f907
DLL	YontooIEClient.dll Malware	abd9b86eada05955cd1a82ae70de4fd4
EXE	fifa14.exe	75fc245b31a2559f3ab0fe79f9034df1
CRX	YontooLayers.crx	f158b5d37aa5d7fb3092c59c8b136ae5
EXE	sqlite3.exe Malware	8d03b10f0dced524a88a3ff4b370f50d
DLL	YontooIEClient_2.dll Malware	fd05b3fcabf42ca72f7f166a6e0c62c7
EXE	Y2Desktop.Updater.exe Malware	24fb8db6d1d55e2c5d0a53dfe48e6af8
EXE	stampsetup.exe	ede5aeec71378f6fb088088ae977b107
EXE	msgr11us.exe	fcb4d8a3a03e99f085eacd16ef908a37
EXE	GoogleVoiceAndVideoSetup.exe	88eb56e13099b99cbd5e028f2ea3c327

Yontoo

What is Yontoo?

About Yontoo?

Multiple virus scanners have detected malware in Yontoo.

Software Behaviors

Software Details

Yontoo Executable Details