PUP.Optional.Yontoo

Short bio

PUP.Optional.Yontoo is the detection name for Yontoo, a large family of adware that uses different methods of browser hijacking and monetization to get its message across. Its search applications are known to bundle “Yahoo Search.”

The bundled installer is usually different from the official one. Bundled installers require arguments for a full installation and are sometimes even aware that they are running on a virtual machine; both behaviors are meant to hinder researchers.

Common infection method

Yontoo adware is usually installed by a bundler, but its makers also create sites and offer the applications there as separate downloads.

Avoidance advice:

Remediation

Malwarebytes Anti-Malware completely removes this threat unless a dedicated removal guide specifically states otherwise.

An example of a removal guide for Search Adventure can be found on our forums.

Associated Threats

  • PUP.Optional.BrowseFox
  • PUP.Optional.Sanbreel
