Should I remove PlumoWeb?
What percent of users and experts removed it?
88% remove it12% keep it
What do people think about it?
(click star to rate)
How common is it?
Global Rank #27,111
United States Rank #18,985
Reach 0.0059%
Lifespan of installation (until removal)
< 5.24 days
154.68 days >
Average installed length: 81.27 days
Versions
| Version | Distribution |
| 2015.02.27.030331 |
0.85% |
|
| 2015.02.15.062522 |
0.85% |
|
| 2015.02.11.062450 |
0.85% |
|
| 2015.02.10.152448 |
0.85% |
|
| 2015.02.08.222451 |
0.85% |
|
| 2015.02.08.172451 |
0.85% |
|
| 2015.02.07.112446 |
0.85% |
|
| 2015.02.04.222419 |
0.85% |
|
| 2015.02.04.122418 |
1.71% |
|
| 2015.02.02.102414 |
1.71% |
|
| 2015.01.31.182406 |
0.85% |
|
| 2015.01.30.122402 |
0.85% |
|
| 2015.01.29.112402 |
0.85% |
|
| 2015.01.29.062401 |
0.85% |
|
| 2015.01.29.012406 |
1.71% |
|
| 2015.01.28.202408 |
1.71% |
|
| 2015.01.28.142343 |
0.85% |
|
| 2015.01.27.232340 |
0.85% |
|
| 2015.01.26.172335 |
0.85% |
|
| 2015.01.25.212332 |
1.71% |
|
| 2015.01.24.202329 |
0.85% |
|
| 2015.01.24.102328 |
0.85% |
|
| 2015.01.24.052327 |
0.85% |
|
| 2015.01.22.222332 |
0.85% |
|
| 2015.01.22.072331 |
1.71% |
|
| 2015.01.21.142343 |
0.85% |
|
| 2015.01.16.192320 |
0.85% |
|
| 2015.01.14.222311 |
0.85% |
|
| 2015.01.14.062320 |
0.85% |
|
| 2015.01.13.202321 |
0.85% |
|
| 2015.01.13.002316 |
0.85% |
|
| 2015.01.12.192314 |
2.56% |
|
| 2015.01.11.232314 |
0.85% |
|
| 2015.01.11.182307 |
1.71% |
|
| 2015.01.10.222310 |
0.85% |
|
| 2015.01.10.172308 |
0.85% |
|
| 2015.01.10.122308 |
0.85% |
|
| 2015.01.09.202248 |
0.85% |
|
| 2015.01.08.142244 |
1.71% |
|
| 2015.01.08.042244 |
0.85% |
|
| 2015.01.07.132238 |
0.85% |
|
| 2015.01.07.032237 |
0.85% |
|
| 2015.01.04.192319 |
0.85% |
|
| 2015.01.03.182313 |
0.85% |
|
| 2015.01.03.132312 |
0.85% |
|
| 2015.01.01.112307 |
0.85% |
|
| 2015.01.01.012308 |
0.85% |
|
| 2014.12.30.232305 |
0.85% |
|
| 2014.12.30.082300 |
0.85% |
|
| 2014.12.29.222302 |
0.85% |
|
| 2014.12.29.172259 |
0.85% |
|
| 101 versions |
Other programs by Yontoo Technology
Rankings
- #27,106 IAR Embedded Workbench for ARM by IAR Systems
- #27,107 ROGRAMCACHE by ASUSTeKcomputer Inc
- #27,108 yoursearching uninstall by Yontoo Technology
- #27,109 Vista Drive Icon 1.5 by artArmin
- #27,110 Re-Markable by Tuguu SL
- #27,111 PlumoWeb by Yontoo Technology
- #27,112 Widevine Media Transformer Chrome
- #27,113 SoftSkin Photo Makeup 1.0 by SoftOrbits
- #27,114 free ven by Kimahri Software inc
- #27,115 HP OfficeJet Pro 8720 Basic Device Software
- #27,116 MAGIX PC Live
PlumoWeb
What is PlumoWeb?
PlumoWeb (Sambreel) is a web browser extension that injects display advertising in the user's browser. Ads are displayed in the form of banners and contextual text-links and are both injected in white space areas of the HTML page or over existing ads of the underlying web site. These ads are typically for PC optimization utilities, other bundled malware or other types of malvertising.
Overview
The most common release is 2015.01.12.192314, with over 98% of all installations currently using this version. Upon being installed, the software adds a Windows Service which is designed to run continuously in the background. Manually stopping the service has been seen to cause the program to stop functing properly. It adds a background controller service that is set to automatically run. Delaying the start of this service is possible through the service manager. It adds a Browser Helper Object (BHO) to Internet Explorer. The primary executable is named updatePlumoWeb.exe. A majority of users end up uninstalling this less than a week of it being installed. The setup package generally installs about 41 files and is usually about 9.31 MB (9,761,592 bytes).
- Malware detected in the program
- Integrates into the web browser
- Installs a Windows Service
- Typically distributed through a pay-per-install bundle
- This program has a poor reputation
- The experts agree, you should remove it!
Warning, multiple anti-virus scanners have detected possible malware in PlumoWeb.
| updatePlumoWeb.exe (2bb1b2194d53f7d09dc9078560c44100) has been flagged by the following 10 scanners: |
| Anti-Virus software | Version | Detection |
| avast! |
2014.9-141120 |
Win32:BrowseFox-CK [PUP] |
| AVG |
2015.0.3285 |
Generic |
| AVware |
1.5.0.21 |
Adware.BrowseFox |
| Baidu-International |
4.0.3.141120 |
Adware.MSIL.BrowseFox.bH |
| ESET-NOD32 |
8.10617 |
a variant of MSIL/BrowseFox.H |
| IKARUS anti.virus |
t3scan.1.7.8.0 |
PUA.SwiftBrowse |
| Malwarebytes |
v2014.11.20.02 |
PUP.Optional.PlumoWeb.A |
| McAfee |
5600.6941 |
Artemis!2BB1B2194D53 |
| McAfee-GW-Edition |
7.6941 |
Artemis!PUP |
| VIPRE Antivirus |
34226 |
Adware.BrowseFox |
| PlumoWebbho.dll (0e0a1632f311f90006b96c61a0835124) has been flagged by the following 43 scanners: |
| Anti-Virus software | Software version | Detection |
| Lavasoft Ad-Aware |
12.0.163.0 |
Adware.SwiftBrowse.CQ |
| Agnitum Outpost |
5.5.1.3 |
Riskware.Agent! |
| AhnLab-V3 |
2015.07.25.00 |
PUP/Win32.BrowseFox |
| ALYac |
1.0.1.4 |
Adware.SwiftBrowse.CQ |
| Antiy-AVL |
1.0.0.1 |
GrayWare[AdWare:not-a-virus]/Win32.SwiftBrowse |
| Arcabit |
1.0.0.425 |
Adware.SwiftBrowse.CQ |
| avast! |
8.0.1489.320 |
MSIL:BrowseFox-O [PUP] |
| AVG |
15.0.0.4392 |
AdPlugin.CWR |
| Avira |
8.3.1.6 |
ADWARE/BrowseFox.apq |
| AVware |
1.5.0.21 |
Yontoo |
| Baidu-International |
3.5.1.41473 |
Adware.Win32.BrowseFox.AE |
| Bitdefender |
7.2 |
Adware.SwiftBrowse.CQ |
| Bkav FE |
1.3.0.6979 |
W32.BrowseFoxAC.Adware |
| CAT-QuickHeal |
14.00 |
PUA.Plumoweb.Gen |
| Clam AntiVirus |
0.98.5.0 |
Win.Adware.Swiftbrowse-1503 |
| Comodo Security |
22854 |
ApplicUnwnt |
| Cyren |
5.4.16.7 |
W32/S-f64f6ec1!Eldorado |
| Dr.Web |
7.0.13.5270 |
Trojan.Yontoo.1734 |
| Emsisoft Anti-Malware |
3.5.0.642 |
Adware.SwiftBrowse.CQ (B) |
| ESET-NOD32 |
11991 |
a variant of Win32/BrowseFox.AE potentially unwanted |
| Fortinet FortiGate |
5.1.220.0 |
Adware/BrowseFox |
| F-Prot |
4.7.1.166 |
W32/S-f64f6ec1!Eldorado |
| F-Secure |
11.0.19100.45 |
Adware.SwiftBrowse.CQ |
| G Data |
25 |
Adware.SwiftBrowse.CQ |
| IKARUS anti.virus |
T3.1.9.5.0 |
PUA.BrowseFox |
| Jiangmin |
16.0.100 |
AdWare/MSIL.hie |
| K7 AntiVirus |
9.207.16673 |
Trojan ( 004af36c1 ) |
| K7GW |
9.207.16673 |
Trojan ( 004af36c1 ) |
| McAfee |
6.0.5.614 |
Artemis!0E0A1632F311 |
| McAfee-GW-Edition |
v2015 |
Artemis!PUP |
| MicroWorld-eScan |
12.0.250.0 |
Adware.SwiftBrowse.CQ |
| NANO AntiVirus |
0.30.24.2668 |
Trojan.Win32.Yontoo.dnkubo |
| nProtect |
2015-07-23.01 |
Adware.SwiftBrowse.CQ |
| Panda Antivirus |
4.6.4.2 |
PUP/PlumoWeb |
| Qihoo-360 |
1.0.0.1015 |
Win32/Virus.Adware.c0f |
| Rising Antivirus |
25.0.0.17 |
PE:Adware.BrowseFox!6.1D8B |
| Sophos |
4.98.0 |
Generic PUA PD |
| Symantec |
20141.2.0.56 |
PUA.Yontoo.C |
| Tencent |
1.0.0.1 |
Win32.Trojan.Suspicious.Fig |
| Trend Micro |
9.740.0.1012 |
TROJ_GEN.R02LC0EBB15 |
| Vba32 AntiVirus |
3.12.26.4 |
AdWare.MSIL.Agent |
| VIPRE Antivirus |
42288 |
Yontoo |
| Zillya |
2.0.0.2314 |
Backdoor.PePatch.Win32.63378 |
View all 53 all detections
PlumoWeb has been found to be bundled with 3rd party software. If you have not purposefully installed this, you should be safe uninstalling it.
Program details
Displayed publisher: PlumoWeb
URL: plumoweb.net/support
Installation folder: C:\Program Files\PlumoWeb
Uninstaller: C:\Program Files\PlumoWeb\PlumoWebuninstall.exe
Estimated size: 9.31 MB
Files installed by PlumoWeb
| Program executable: | updatePlumoWeb.exe (Malware detected) |
| Path: | C:\Program Files\PlumoWeb\updatePlumoWeb.exe |
| MD5: | 2bb1b2194d53f7d09dc9078560c44100 |
Additional files:
-
(Malware detected) PlumoWebbho.dll - PlumoWeb
-
PlumoWebUn.exe
-
PlumoWebUninstall.exe
-
(Malware detected) updatePlumoWeb.exe
Behaviors exhibited
Internet Explorer BHO
- PlumoWebbho.dll is installed in Internet Explorer as a BHO (Browser Helper Object) under the name 'PlumoWeb' with the class of {cb02c18f-54dc-4ec0-bae2-ab2f8e44f877}.
Service
- updatePlumoWeb.exe runs as a service named 'Update PlumoWeb' (Update PlumoWeb).
How do I remove PlumoWeb?
You can uninstall PlumoWeb from your computer by using the Add/Remove Program feature in the Window's Control Panel.
- On the Start menu (for Windows 8, right-click the screen's bottom-left corner), click Control Panel, and then, under Programs, do one of the following:
- Windows Vista/7/8/10: Click Uninstall a Program.
- Windows XP: Click Add or Remove Programs.
- When you find the program PlumoWeb, click it, and then do one of the following:
- Windows Vista/7/8/10: Click Uninstall.
- Windows XP: Click the Remove or Change/Remove tab (to the right of the program).
- Follow the prompts. A progress bar shows you how long it will take to remove PlumoWeb.
- If for some reason uninstallation fails, please install Microsoft's uninstall fixer utility which will help fix problems with programs that can't be uninstalled at support.microsoft.com.
How do I reset my web browser?
If your web browser homepage and search settings have been modfied by PlumoWeb you can restore them to their previous default settings.
Microsoft Internet Explorer
- Open Internet Explorer and click the Tools button, and then click Internet options.
- Click the Advanced tab, and then click Reset. Select the Delete personal settings check box if you would also like to remove search providers, Accelerators and home pages. When Internet Explorer finishes applying default settings, click Close, and then click OK.
- The changes will take effect the next time you open IE.
Mozilla Firefox
- At the top of the Firefox window, click the Firefox button, go over to the Help sub-menu and select Troubleshooting Information.
- To continue, click Reset Firefox in the confirmation window that opens. It will close and be reset.
- When it's done, a window will list the information that was imported. Click Finish and Firefox will open.
Google Chrome
- Open Chrome and click the Chrome menu on the browser toolbar.
- Select Settings. In the "Search" section, click Manage search engine. Check if (Default) is displayed next to your preferred search engine. If not, mouse over it and click Make default. Mouse over any other suspicious search engine entries that are not familiar and click X to remove them.
- When the "Show Home button" checkbox is selected, a web address appears below it. If you want the Homepage button to open up a different webpage, click Change to enter a link.
- Restart Google Chrome.
OS VERSIONS
Win 7 (SP1) 44%
Win 7 2%
|
|
HOW IT RUNS
Windows Service? Yes
(Installs a service)
|
|
USER ACTIONS
 |
Uninstall it 88%
Keep it 12%
|
|
Windows
Which Windows OS versions does it run on?
| Windows 7 |
46.15% |
|
| Windows 10 |
44.44% |
|
| Windows Vista |
5.98% |
|
| Windows XP |
3.42% |
|
Which OS releases does it run on? |
| Windows 8.1 |
35.34% |
|
| Windows 7 Home Premium |
30.17% |
|
| Windows 7 Professional |
10.34% |
|
| Windows 7 Ultimate |
5.17% |
|
| Windows Vista Home Premiu... |
5.17% |
|
| Microsoft Windows XP |
3.45% |
|
Geography
71.43% of installs come from the United States
Which countries install it?
| United States |
71.43% |
| France |
11.80% |
| United Kingdom |
5.59% |
| Australia |
3.73% |
| Italy |
1.86% |
| Norway |
1.24% |
| Germany |
1.24% |
| Netherlands |
0.62% |
| Brazil |
0.62% |
| Mexico |
0.62% |
| Russia |
0.62% |
| Spain |
0.62% |
PC manufacturers
What PC manufacturers (OEMs) have it installed?
| Hewlett-Packard |
30.39% |
|
| Dell |
21.57% |
|
| Acer |
18.63% |
|
| Toshiba |
13.73% |
|
| ASUS |
6.86% |
|
| Lenovo |
5.88% |
|
| Sony |
0.98% |
|
| Sahara |
0.98% |
|
| Samsung |
0.98% |
|
Common models |
| HP 15 Notebook PC |
2.75% |
|
| HP 2000 Notebook PC |
2.75% |
|
| HP Pavilion dv6 Notebook ... |
1.83% |
|
| TOSHIBA Satellite C55-A |
1.83% |
|
| Dell Inspiron 1720 |
1.83% |
|
| Dell Inspiron 1525 |
1.83% |
|
About Yontoo Technology
Yontoo, a subsidiary/alias of ad-hijacker Sambreel, is a publisher of ad-supported web browser extensions designed to inject and display advertisements within the browser.
Publisher URL: www.yontoo.com