Yontoo Technology, Inc.

Publisher Information

Yontoo Technology, Inc. is a brand of the Sambreel/Yontoo group, a web advertising company located in Carlsbad, CA. The company is a primary distributor of unwanted software. It is part of the Yontoo/Sambreel group and distributes web browser add-ons, typically potentially unwanted and adware in nature, that are designed to modify a user's typical search beahvior as well as display context and popup advertising. There is one additional code signing certificate issued to this publisher.
Remove Yontoo Technology, Inc. Malware - Powered by Reason Core Security
Authority:
GoDaddy.com, Inc.

Valid from:
9/2/2009 1:41:20 PM

Valid to:
9/2/2012 1:41:20 PM

Subject:
CN="Yontoo Technology, Inc.", OU=Product Development, O="Yontoo Technology, Inc.", L=Carlsbad, S=CA, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
6a08909dda7b

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Installer.YontooTechnology.N, PUP.BHO.Yontoo, Threat.Yontoo.YontooTechnology, PUP.Yontoo.YontooTechnology (M), PUP.Yontoo.YontooTechnology.Installer (M)
100.00%

VIPRE Antivirus
Yontoo
78.00%

Avira AntiVirus
ADWARE/Yontoo.Gen, Adware/Yontoo.A.25, Adware/Yontoo.A.33, ADWARE/Yontoo.A.2
62.00%

Dr.Web
Adware.Plugin.11
58.00%

ESET NOD32
Win32/Adware.Yontoo (variant)
58.00%

Baidu Antivirus
Trojan.Win32.InstallRex, Trojan.Win32.OpenCandy, Adware.Win32.Yontoo
52.00%

Agnitum Outpost
PUA.Plugin, Adware.Yontoo
48.00%

Comodo Security
UnclassifiedMalware, Application.Win32.Yontoo.a, Heur.Suspicious
46.00%

Bkav FE
W32.YontooBho.Trojan, W32.Clod3e4.Trojan
46.00%

Trend Micro House Call
TROJ_GEN.USH23HO, TROJ_GEN.R0CBC0OFI14, Suspicious_GEN.F47V0711, TROJ_GEN.R0CBH07JM13
46.00%

2 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)
pageragesetup.exe (Yontoo Layers by Theme Your World)  (0f39b8918b35232a801baf59d41fedb7)

23 / 68    (Adware)

1 / 68      (Adware)
dropdowndealssetup.exe (Yontoo Layers)  (4a8be7cfc5ede2d64f30af6ac511499c)

1 / 68      (Adware)
worker_2.exe (Drop Down Deals)  (ca3327c828590ad1151181fe9dc81ab5)

2 / 68      (Adware)

9 / 68      (Adware)

23 / 68    (Adware)

23 / 68    (Adware)

1 / 68      (Adware)
sym2pak.exe (Yontoo Layers Client by Yontoo Technology)  (95d076ca4747b1fcb2ad02a4acafa9fb)

45 / 68    (Adware)

23 / 68    (Adware)

23 / 68    (Adware)

23 / 68    (Adware)

23 / 68    (Adware)

23 / 68    (Adware)

2 / 68      (Adware)

23 / 68    (Adware)

1 / 68      (Adware)

1 / 68      (Adware)
yontooclientsetup.exe (Yontoo Layers by Theme Your World)  (aa4254bc7524e1b9f5090c71c73de217)

23 / 68    (Adware)

23 / 68    (Adware)

1 / 68      (Adware)
YontooIEClient.dll (Yontoo Layers Runtime by Yontoo)  (51dcc6c8796462cdabde62ad70c9aa48)

23 / 68    (Adware)

2 / 68      (Adware)

1 / 68      (Adware)

5 / 68      (Adware)

1 / 68      (Adware)

 
Latest 30 of 70 files

Downloads URLs for files signed by Yontoo Technology, Inc..

2 / 68      (Adware)
http://download.yontoo.com/YontooSetup-DropDownDeals.exe  (230f2a77e80b6a423f4695df95736ed0)

The following websites host and distribute files published by Yontoo Technology, Inc..

The following certificate is also signed by Yontoo Technology, Inc..

1C5F074DD8ACC358544B855BAD410BF5  (May 24, 2008 to May 25, 2009)

Remove Yontoo Technology, Inc. Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Yontoo Technology, Inc. by GoDaddy.com, Inc. on September 02, 2009 with the serial number '6a08909dda7b'.