Adware.Yontoo “Malware” Removal

Can’t Remove Adware.Yontoo ads? This page includes detailed ads by Adware.Yontoo Removal instructions!

Adware.Yontoo is a problematic cyber parasite. If you encounter its presence on board, you have to take immediate measures. Adware may seem harmless but there is no such thing as a harmless infection. This program could get out of control and cause you immense damage. Therefore, don’t underestimate the problem. Tackle Adware.Yontoo as soon as possible. Now, this is a classic member of the nasty adware family. It gets installed behind your back and starts making modifications right away. Unauthorized modifications, as you could imagine. No virus is going to seek permission from the victim. These parasites actually get developed solely to harass you. You see, Adware.Yontoo alters your browser settings. It installs a malicious browser extension which brings along commercials. Thus, you get bombarded with advertisements and your opinions about the ads remain irrelevant. Whether you’re interested in having your PC screen covered with ads or not, is unimportant. The one thing hackers are focused on is gaining profit through the pay-per-click mechanism. Yes, cyber criminals make money thanks to the commercials their parasite generates. Does that explain the never-ending parade of pop-ups that is currently on your PC screen? Crooks are quite persistent because they aim for revenue. It goes without saying a sponsored commercial is never a reliable one. Not only do you become a sponsor of hackers if you click the pop-ups but you also get exposed to malware. Many of the Adware.Yontoo ads lead you directly to malicious websites. There are commercials that are fake and advertise non-existent products and deals as well. Either way, clicking the ads open would cause you trouble. Instead of trusting these devious commercials, stay away from them. It is your responsibility to prevent further harm. Do yourself a favor and avoid the sponsored, often corrupted ads Adware.Yontoo displays.

remove Adware.Yontoo

How did I get infected with?

The easiest tactic is called freeware/shareware bundling. It is just as efficient as it sounds so be careful in the future. You already allowed hackers to infect you once. Don’t make the same mistake twice. We recommend that you only download legitimate programs that you trust. More often than not, unverified software bundles include at least one bonus infection. Usually, PC uses also rush the installation process. That is perhaps the worst idea you could have because skipping steps is very dangerous. Unless you take your time in the process, you remain oblivious to the potential “bonuses” you also agree to install. In order to prevent virus infiltration, opt for the Custom/Advanced option in the Setup Wizard. In addition, check out the EULA (End User License Agreement) or Terms and Conditions. Be cautious when it comes to keeping your machine infection-free. The Internet is full of worrisome, sneaky cyber viruses. Make sure you don’t get tricked into compromising your security again.

Why is this dangerous?

As you already figured out, the adware-type nuisance is extremely irritating. You are stuck with one of the most annoying types of viruses out there. Adware.Yontoo causes all your favorite browsers to redirect you. It injects them with a huge pile of advertisements as well so surfing the Web becomes almost impossible. Every single website you attempt to visit is now covered with pop-ups, pop-unders, banners, interstitials, video ads, etc. Despite appearing to be harmless, the ads are sponsored and unsafe. Thus, restrain yourself from clicking these commercials open. You may accidentally land on a malicious website and make the mess greater. Is that a risk you’d be willing to take? Don’t give hackers more opportunities to cause you damage. In fact, crooks also have access to some immensely personal browsing-related data. Adware.Yontoo sneakily spies on your browsing history, usernames, passwords, email addresses. Long story short, the infection may cause some serious privacy issues. In case you’re especially unfortunate, you could get involved in a financial scam or even identity theft. To avoid that, you have to uninstall the virus. Please follow our detailed manual removal guide down below.

How to Remove Adware.Yontoo virus

The Adware.Yontoo infection is specifically designed to make money to its creators one way or another. The specialists from various antivirus companies like Bitdefender, Kaspersky, Norton, Avast, ESET, etc. advise that there is no harmless virus.

If you perform exactly the steps below you should be able to remove the Adware.Yontoo infection. Please, follow the procedures in the exact order. Please, consider to print this guide or have another computer at your disposal. You will NOT need any USB sticks or CDs.

STEP 1: Track down Adware.Yontoo in the computer memory

STEP 2: Locate Adware.Yontoo startup location

STEP 3: Delete Adware.Yontoo traces from Chrome, Firefox and Internet Explorer

STEP 4: Undo the damage done by the virus

STEP 1: Track down Adware.Yontoo in the computer memory

  • Open your Task Manager by pressing CTRL+SHIFT+ESC keys simultaneously
  • Carefully review all processes and stop the suspicious ones.


  • Write down the file location for later reference.

Step 2: Locate Adware.Yontoo startup location

Reveal Hidden Files

  • Open any folder
  • Click on “Organize” button
  • Choose “Folder and Search Options”
  • Select the “View” tab
  • Select “Show hidden files and folders” option
  • Uncheck “Hide protected operating system files”
  • Click “Apply” and “OK” button

Clean Adware.Yontoo virus from the windows registry

  • Once the operating system loads press simultaneously the Windows Logo Button and the R key.


  • A dialog box should open. Type “Regedit”


Depending on your OS (x86 or x64) navigate to:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] or
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] or

  • and delete the display Name: [RANDOM]

delete backgroundcontainer

  • Then open your explorer and navigate to: %appdata% folder and delete the malicious executable.

Clean your HOSTS file to avoid unwanted browser redirection

Navigate to %windir%/system32/Drivers/etc/host

If you are hacked, there will be foreign IPs addresses connected to you at the bottom. Take a look below:


STEP 3 : Clean Adware.Yontoo traces from Chrome, Firefox and Internet Explorer

  • Open Google Chrome

  • In the Main Menu, select Tools then Extensions
  • Remove the Adware.Yontoo by clicking on the little recycle bin
  • Reset Google Chrome by Deleting the current user to make sure nothing is left behind

disable Adware.Yontoo from chrome

  • Open Mozilla Firefox

  • Press simultaneously Ctrl+Shift+A
  • Disable the unwanted Extension
  • Go to Help
  • Then Troubleshoot information
  • Click on Reset Firefox

remove Adware.Yontoo from firefox

  • Open Internet Explorer

  • On the Upper Right Corner Click on the Gear Icon
  • Click on Internet options
  • go to Toolbars and Extensions and disable the unknown extensions
  • Select the Advanced tab and click on Reset

remove Adware.Yontoo from ie

  • Restart Internet Explorer

Step 4: Undo the damage done by Adware.Yontoo

This particular Virus may alter your DNS settings.

Attention! this can break your internet connection. Before you change your DNS settings to use Google Public DNS for Adware.Yontoo, be sure to write down the current server addresses on a piece of paper.

To fix the damage done by the virus you need to do the following.

  • Click the Windows Start button to open the Start Menu, type control panel in the search box and select Control Panel in the results displayed above.
  • go to Network and Internet
  • then Network and Sharing Center
  • then Change Adapter Settings
  • Right-click on your active internet connection and click properties. Under the Networking tab, find Internet Protocol Version 4 (TCP/IPv4). Left click on it and then click on properties. Both options should be automatic! By default it should be set to “Obtain an IP address automatically” and the second one to “Obtain DNS server address automatically!” If they are not just change them, however if you are part of a domain network you should contact your Domain Administrator to set these settings, otherwise the internet connection will break!!!

You must clean all your browser shortcuts as well. To do that you need to

  • Right click on the shortcut of your favorite browser and then select properties.


  • in the target field remove Adware.Yontoo argument and then apply the changes.
  • Repeat that with the shortcuts of your other browsers.
  • Check your scheduled tasks to make sure the virus will not download itself again.

How to Permanently Remove Adware.Yontoo Virus (automatic) Removal Guide

Please, have in mind that once you are infected with a single virus, it compromises your system and let all doors wide open for many other infections. To make sure manual removal is successful, we recommend to use a free scanner of any professional antimalware program to identify possible registry leftovers or temporary files.

Leave a Comment