Adware Yontoo – OptChrome.exe – ad35cb60bee6922294fe9ae2ba6d60bf

Adware No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Adware Yontoo
Also known as: Trojan Generic
SHA256: ae8b213ba6c3f4400bb9f50747c343ece0e7679a38adb58904fb3ecc6f015b69
SHA1: e1e662a9fa4d74b8e9963c944cba1569434ec807
MD5: ad35cb60bee6922294fe9ae2ba6d60bf
File size: 1202336 bytes

Created files:

%Program Files%\Yontoo\OptChrome.exe – Adware Yontoo
%Program Files%\Yontoo\YontooIEClient.dll – Adware Yontoo
%Common AppData%\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe – Adware Yontoo
%Common AppData%\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll – Adware Yontoo
%Common AppData%\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe – Adware Yontoo
%Common AppData%\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll – Adware Yontoo
%Common AppData%\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll – Adware Yontoo
%Temp%\2267213C\7za.exe – Adware Yontoo
%Temp%\2267213C\sqlite3.exe – Adware Yontoo
%Temp%\2267213C\x64\regsvr32.exe – Adware Yontoo
%Temp%\2267213C\x86\regsvr32.exe – Adware Yontoo
%Temp%\2267213C\YontooIEClient.dll – Adware Yontoo
%Temp%\2267213C\_Setup.dll – Adware Yontoo
%Temp%\2267213C\_Setupx.dll – Adware Yontoo
%Temp%\AD35CB60BEE6922294FE9AE2BA6D60BF-1478.exe – Adware Yontoo
%Temp%\C33BC4A1\x64\regsvr32.exe – Adware Yontoo
%Temp%\C33BC4A1\x86\regsvr32.exe – Adware Yontoo
%Temp%\C33BC4A1\_Setup.dll – Adware Yontoo
%Temp%\YontooSetup-S-14F8.exe – Adware Yontoo
%Temp%\YontooSetup-S.exe – Adware Yontoo

Adware Yontoo created autostart registry keys:

HKLM\Software\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\InProcServer32 : %Program Files%\Yontoo\YontooIEClient.dll
HKLM\Software\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\InProcServer32\ThreadingModel: Both
HKLM\Software\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\InprocServer32 : %Program Files%\Yontoo\YontooIEClient.dll
HKLM\Software\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\InprocServer32\ThreadingModel: Apartment
HKLM\Software\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\InprocServer32 : %Program Files%\Yontoo\YontooIEClient.dll
HKLM\Software\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\InprocServer32\ThreadingModel: Apartment

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images