Jump to content

Yontoo Virus


Recommended Posts

So December of 2015 I installed some virus on my laptop. I only found out now when I got an adware popup. I ran malwarebytes and had like 250 entries for malicious items. A lot of them were named Yontoo. Also, I looked at the Addition.txt, under programs installed there are some weird ones with chinese and arabian letters. What are those?

FRST.txt

Addition.txt

Link to post
Share on other sites

  • Staff

Hello and welcome to the Malwarebytes Forum.

The foreign language items you see are legit, they are multilanguage versions of photo gallery from Microsoft

NEXT

Please do the following:

Download attached fixlist.txt file and save it to the Desktop.

 

Fixlist.txt

 

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

 

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

 

Run FRST64 and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

NEXT

Please download the Junkware Removal Tool  from here: http://downloads.malwarebytes.org/file/jrt and save it to your desktop.

 

  • Shutdown your antivirus to avoid any conflicts.

     

  • Right-mouse click JRT.exe and select Run as administrator

     

  • The tool will open and start scanning your system.

     

  • Please be patient as this can take a while to complete.

     

  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

     

  • Post the contents of JRT.txt into your next message

     

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.