How to remove Adware.Yelloader

March 13, 2017 on 4:43 pm | In Malware analysis | 1 Comment

Malwarebytes Anti-Malware detects and removes a new application called Adware.Yelloader.

How do I know if I am infected with Adware.Yelloader?

This is a rootkit that stops the following security programs.

Doctor Web Ltd.
Check Point Software Technologies Ltd.
Beijing Kingsoft Security software Co., Ltd
Qihoo 360 Software(Beijing) Company Limited
Doctor Web
System Healer Tech Sp.Zo.o.
Safer Networking Ltd.
BrightFort LLC
Enigma Software Group USA, LLC
Gridinsoft, LLC
Auslogics Labs Pty Ltd
Datpol Janusz Siemienowicz
Zemana Ltd.
Piriform Ltd
IObit Information Technology
Check Point
Blue Coat
Computer Associates International
Shanghai 2345 Network
Beijing Kingsoft Security
Beijing Rising Information
Qihoo 360 Software

How do I remove Adware.Yelloader?

Visit our forums for detailed instructions. You can also get help there should you need it.

And note that the full version of Malwarebytes Anti-Malware could have protected your computer against this threat.
We use different ways of protecting your computer(s):

  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention

Save yourself the hassle and get protected.

Pieter Arntz

1 Comment »

RSS feed for comments on this post. TrackBack URI

  1. The rootkit described above behaves even more aggressive if your IP address is from the US (there may be others where it behaves this way).

    You can recognize this more effectful approach by this warning when you try to run Malwarebytes.

    To get rid of this rootkit you will have to follow the procedure outlined below:

  2. Download the standalone Malwarebytes Anti-Rootkit BETA
  3. Run the installer and choose a destination folder.
  4. Once the installation is complete click “Next” to proceed.
  5. Then click “Update” to get the latest definitions.
  6. Once the database has been updated click “Next”.
  7. Then click “Scan” to start scanning the infected system.
  8. This is the main target of this scan.
  9. Once the scan is finished click “Cleanup” to remove the rootkit and the asssociated files.
  10. When removal is complete, you will be prompted to reboot the system. Click “Yes” to confirm or reboot manually.
  11. After the reboot try running Malwarebytes to confirm that it works properly again and run a “Threat Scan” to get any leftovers.
  12. Comment by metallica — March 14, 2017 #

Leave a comment

XHTML: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Powered by WordPress with Pool theme design by Borja Fernandez.
Entries and comments feeds. Valid XHTML and CSS. ^Top^