home

Yontoo LLC

Publisher Information

Yontoo LLC is a brand of the Sambreel/Yontoo group, a web advertising company located in Carlsbad, CA. The company is a primary distributor of unwanted software. Yontoo is a publisher and distributor of adware type applications and a subsidiary of Sambreel LLC run by Arie Trouw. Most software is supported by various types of advertising, including but not limited to search, banner, inline text and transitional ads. In addition, most browser extensions will modify certain browser and search engine settings thta might lower the security of a user's PC. (http://www.yontoo.com/TermsOfService.aspx) Thre are 3 additional code signing certificates issued to this publisher.
Authority:
VeriSign, Inc.

Valid from:
10/24/2012 5:30:00 AM

Valid to:
12/24/2013 5:29:59 AM

Subject:
CN=Yontoo LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Yontoo LLC, L=Carlsbad, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4a49fb7e6b0bcf398a1acf39ea80d982

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Yontoo (M)
100.00%

ESET NOD32
MSIL/Adware.Yontoo.A application
16.00%

Dr.Web
Adware.Yontoo.78, Adware.Plugin.172
10.00%

avast!
Win32:BrowseFox-CM [PUP]
2.00%

1 / 68      (Adware)
desktop.os.dll.mal (Desktop)  (55b51e0374cdd2b08e2bf6d86321a5b7)

1 / 68      (Adware)
YontooDesktop.exe (Yontoo Desktop by Yontoo)  (86009b559125264bc077bde01628c013)

1 / 68      (Adware)
healthmonitor.dat (Y2Desktop.HealthMonitor by Yontoo)  (d8dcc9c0e410cca214ebe09ddf3be8fc)

1 / 68      (Adware)
heartbeat.dat (Y2Desktop.HeartbeatPlugin by Yontoo)  (78f6a1a4cdb5ac0a4236aaffeb6f95f5)

1 / 68      (Adware)
Desktop.OS.Plugin.dll (Desktop.OS.Plugin)  (cc0e34a56b4b85f03d1212e1fe6c40aa)

1 / 68      (Adware)
Desktop.OS.dll (Desktop)  (3e7988c99352814259d7695949346940)

1 / 68      (Adware)
healthmonitor.dat (Y2Desktop.HealthMonitor by Yontoo)  (c95b4599b18fe62b5ae0cc33e18c69de)

1 / 68      (Adware)
phoenix.dat (Y2Desktop.Phoenix by Microsoft)  (8e6672c0973144e06ceecee7c642831d)

1 / 68      (Adware)
paladin.dat (Y2Desktop.Paladin by Microsoft)  (78f315f8b3807cb7c318a28e8bc35515)

1 / 68      (Adware)
healthmonitor.dat (Y2Desktop.HealthMonitor by Yontoo)  (06228f6fb57e990bfd56adc60c1dde99)

1 / 68      (Adware)
Desktop.OS.dll (Desktop)  (6ca3ec7392a76c69be484e9a991bad3f)

1 / 68      (Adware)
Desktop.OS.dll (Desktop)  (8d7d0e3cb0aeddb94b8c21b3e4f8d029)

1 / 68      (Adware)
Desktop.OS.Plugin.dll (Desktop.OS.Plugin)  (d79b13c648f708d47d124b740f9ddd79)

1 / 68      (Adware)
dibs.dat (Y2Desktop.DIBS by Microsoft)  (430317573f566d2360e85eb05d931f32)

1 / 68      (Adware)
dibs.dat (Y2Desktop.DIBS by Microsoft)  (3c28e46f552394d4f8ec03e241b4796a)

1 / 68      (Adware)
heartbeat.dat (Y2Desktop.HeartbeatPlugin by Yontoo)  (50376b29551637f46e160f9e1e65df9b)

1 / 68      (Adware)
tmp00000001e3f1d331bff41c57 (Yontoo Desktop by Yontoo)  (9156e386b8ef6b611e0c37a900fe0915)

1 / 68      (Adware)
paladin.dat (Y2Desktop.Paladin by Microsoft)  (697f2df688214b6ecc80b8339c8123c5)

1 / 68      (Adware)
heartbeat.dat (Y2Desktop.HeartbeatPlugin by Yontoo)  (5d7025aa6c08bbe739f655c05b1e0630)

1 / 68      (Adware)
Desktop.OS.Plugin.dll (Desktop.OS.Plugin)  (48246303bf889bdcfa1708e6a423b762)

1 / 68      (Adware)
Desktop.OS.dll (Desktop)  (2b6155806761f5a593c2b5b66c27f517)

1 / 68      (Adware)
Desktop.OS.Plugin.dll (Desktop.OS.Plugin)  (d948d9cb5982c3c739b72f3a43d0ac20)

1 / 68      (Adware)
Desktop.OS.dll (Desktop)  (d5d6a62dfd873857a641c61a6bb0839e)

2 / 68      (Adware)
tmp000005743540eb8a9e198c66 (Desktop.OS.Plugin)  (eff6ef35d059b3f01a2ebcb7b8659167)

2 / 68      (Adware)
tmp000004b10814d92942955553 (Desktop.OS.Plugin)  (5e536152ba71587c073d13b9f0687b9d)

3 / 68      (Adware)
tmp000004829d97915d9905cd59 (Desktop.OS.Plugin)  (bb28c3e4ea07bbafefeab3c1cb1f68c6)

3 / 68      (Adware)
tmp000004805e21d253d27a1b65 (Desktop.OS.Plugin)  (ec9bc4b3d3f9cbfb1477acab12817b6e)

2 / 68      (Adware)
tmp000004602ca16ae4d8113557 (Desktop.OS.Plugin)  (a53d21871a88b31090b8fdb90b5636df)

3 / 68      (Adware)
tmp0000044efb4fa9096106d6bd (Desktop.OS.Plugin)  (d13e679323ff65ff7100f821eddb9679)

1 / 68      (Adware)
Desktop.OS.dll (Desktop)  (18ee9fd591faea4b8b64b5440a91a036)

 
Latest 30 of 348 files

Top-level domains owned by Yontoo LLC.

yontoo.com

luckyleap.net

amasvc.com

dropdowndeals.com

jeetyetmedia.com

jumpflip.net

webconnect.co

outobox.net

browsefox.com

whilokii.net

browsesmart.net

lemurleap.info

divapton.biz

secretsauce.biz

betterbrowse.net

greygray.biz

diamondata.net

glindorus.net

websparkle.biz

kozaka.net

clingclang.biz

serialtrunc.com

batbrowse.com

pagerage.com

facebooklayouts.com

buzzdock.com

surftastic.net

myfindright.com

lookinglink.info

viewplay.net

30 of 37 domains

The certificates below are also signed by Yontoo LLC.

3AED60574343204F777D640FE767E84C  (Jan 03, 2014 to Feb 02, 2015)

4F8617352536F013088C9B5533AA4440  (Dec 06, 2011 to Dec 06, 2012)

07E1F9EBCCC1AC  (May 09, 2011 to May 09, 2012)

The following publishers (by Authenticode signature organization name) are related.

sterkly LLC

Web Cake

lucky leap

SaltarSmart

secretsauce

GreyGray

diamondata

LemurLeap

BatBrowse

Browse Fox

glindorus

Browsebeyond

outobox

Whilokii

Spring Smart

Cling Clang

kasimos

Storimbo

LinkiDoo

linkswift

DiVapton

Webfuii

WebSparkle

Kozaka

SquirrelWeb

RightSurf

SerialTrunc

EnhanceTronic

lookinglink

AdvanceMark

30 of 63 publishers

* Note, the details and description above are based on the code signing digital signature issued to Yontoo LLC by VeriSign, Inc. on October 24, 2012 with the serial number '4a49fb7e6b0bcf398a1acf39ea80d982'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.