Yontoo Desktop by Yontoo LLC (Signed)

Warning 13 antivirus scanners has detected malware in various versions of YontooDesktop.exe.


yontoodesktop.exe has 4 known versions, the most recent one is 1.0.4884.27585. yontoodesktop.exe is run as a standard windows process with the logged in user's account privileges. By adding a startup entry to the run registry key, the file will be executed when the user logs into Windows. The average file size is about 42.91 KB. It is an authenticode code-signed executable issued to Yontoo LLC by the certification authority VeriSign. This is a .NET Common Language Runtime (CLR) assembly. During the process's lifecycle, the typical CPU resource utilization is less than 0.01%, the average private memory consumption is about 27.75 MB. Addionally, typically read and write I/O disk operations is about 2.93 KB per minute for reads and 1.1 KB per minute for writes.

What is yontoodesktop.exe?

Yontoo Runtime for Yontoo is a web browser toolbar and extension. Yontoo collects and stores information about your web browsing habits so they can suggest services or provide advertising. The plugin commonly displays ads and deals from affiliated merchants and clicking on such links some times ends up in installing other unwanted browser add-ons or even malware.

About yontoodesktop.exe (from Yontoo LLC)

Yontoo is a browser add-on that horizontally crosses the internet rather than the standard vertical website archive. Yontoo LLC was founded by a small group of people that had worked together on previ


File name:yontoodesktop.exe
Publisher:Yontoo LLC
Product name:Yontoo Desktop
Typical file path:C:\users\user\appdata\roaming\yontoo\yontoodesktop.exe
Issued to:Yontoo LLC
Authority (CA):VeriSign


(Note, the behaviors below are for all versions of yontoodesktop.exe, select a unique version for details.)
Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'Yontoo Desktop' → "C:\users\user\appdata\Roaming\Yontoo\YontooDesktop.exe"

MalwareMalware detections

Based on 40+ industry antivirus scanners, 13 of them detected the following malware.
Antivirus engineEngine versionDetectionFile version
F-Prot W32/ApplCtnX.Z 1.0.4778.22796
K7 AntiVirus 9.170.8989 Unwanted-Program 1.0.4778.22796
Kingsoft 2013.4.9.267 Win32.Troj.Dsearch.f.(kcloud) 1.0.4780.29731
Kingsoft 2013.4.9.267 Win32.Troj.Dsearch.f.(kcloud) 1.0.4778.22796
PC Tools SecurityRisk.Yontoo!rem 1.0.4780.29731
PC Tools SecurityRisk.Yontoo!rem 1.0.4778.22796
SUPERAntiSpyware Trojan.Agent/Gen 1.0.4778.22796
Symantec 20131.1.0.101 Yontoo 1.0.4780.29731
Symantec 20131.1.0.101 Yontoo 1.0.4778.22796
VIPRE Antivirus 17304 Yontoo (v) 1.0.4779.20430
VIPRE Antivirus 19516 Yontoo (v) 1.0.4780.29731
VIPRE Antivirus 19474 Yontoo (v) 1.0.4778.22796
ViRobot 2011.4.7.4223 Adware.Dsearch.42784 1.0.4778.22796

VersionsAll file variations of yontoodesktop.exe

MD5SHA-1File size
1a6615bbc61ddfa4deca9eb7d0497c88 acf9e9d055517b6571fb5ef39869632f5c85a2d5 46.28 KB
0c85b24c059c0614aa506d15c9a7978d 77603c73753651529c22cf2ecb5b977fcd4d7e35 41.78 KB
6bc2b7ff6ae90d8fc4d081272d08ed30 659a112e94dbc80c01d0b30581d4f75787eeab60 41.78 KB
2a6c01bac0f8aa9143d61ae1e28e263a 4018a4069773fc6394ec87df693e7a8493df5757 41.78 KB

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Ultimate 41.18%
Windows 8 Pro 29.41%
Microsoft Windows XP 23.53%
Windows 8 5.88%

Distribution by countryDistribution by country

United States installs about 17.65% of Yontoo Desktop.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Acer 33.33%
Dell 22.22%
Lenovo 22.22%
American Megatrends 5.56%
Hewlett-Packard 5.56%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE