PUP.Optional.Yontoo

Short bio

PUP.Optional.Yontoo is the detection name for Yontoo, a large family of adware that uses different methods of browser hijacking and monetizing to get their message across. Their search applications are known to bundle “Yahoo Search.”

The bundled installer is usually different from the official one. The bundled installers require arguments for a full installation and are sometimes even aware of running on a virtual machine, both to hinder researchers.

Impact

Common infection method

Yontoo adware is usually installed by a bundler, but they do create sites and offer them as separate downloads.

Avoidance advice:

Update your OS and active applications.
Run Malwarebytes products.
Read up on how to avoid potentially unwanted programs.

Remediation

Malwarebytes Anti-Malware completely removes this threat unless specifically pointed out in a dedicated removal guide.

An example of a removal guide for Search Adventure can be found on our forums.

Associated Threats

PUP.Optional.BrowseFox
PUP.Optional.Sanbreel

Screenshots

NEXT DETECTION -->

PUP.Optional.Reimage

<-- PREVIOUS DETECTION

PUP.Optional.WindowsProtectManager

FOLLOW US

SEARCH LABS

TOP DETECTIONS

PUP.Optional.Yontoo

Short bio

Impact

Common infection method

Remediation

Associated Threats

Screenshots

PUP.Optional.Wajam

PUP.Optional.Somoto

PUP.Optional.Winsock

PUP.Optional.Ask

PUP.Optional.CrossBrowse

PUP.Optional.Reimage

PUP.Optional.WindowsProtectManager

Cybersecurity info you can’t do without