77,019,263 programs installed

Should I remove trolatunt?

What percent of users and experts removed it?
83% remove it17% keep it
Overall Sentiment
Bad
What do people think about it?
(click star to rate)
How common is it?
Global Rank #12,783
United States Rank #23,624
Reach 0.0281%
Lifespan of installation (until removal)
< 2.95 days
87.01 days >
Average installed length: 45.72 days

Versions

VersionDistribution
2015.04.08.042311 0.25%
2014.08.13.232826 0.25%
2014.08.13.152828 0.25%
2014.08.13.112818 0.25%
2014.08.13.032813 0.25%
2014.08.12.072806 0.25%
2014.08.12.032808 0.25%
2014.08.11.200814 0.51%
2014.08.11.142728 0.51%
2014.08.11.072802 0.25%
2014.08.10.152752 0.25%
2014.08.10.112749 0.25%
2014.08.09.112755 0.51%
2014.08.09.032741 0.25%
2014.08.09.023830 0.25%
2014.08.08.112735 0.51%
2014.08.08.010721 0.25%
2014.08.07.232723 0.25%
2014.08.07.223110 0.25%
2014.08.07.183124 0.25%
2014.08.07.143118 0.51%
2014.08.07.103156 0.25%
2014.08.07.023059 0.25%
2014.08.06.183056 0.25%
2014.08.06.005451 0.25%
2014.08.05.103038 0.25%
2014.08.05.063034 0.51%
2014.08.05.001657 0.51%
2014.08.05.001415 0.25%
2014.08.04.143032 0.51%
2014.08.04.063024 0.25%
2014.08.04.023026 0.25%
2014.08.03.183020 1.01%
2014.08.03.103012 0.25%
2014.08.03.063012 0.25%
2014.08.03.023019 0.51%
2014.08.02.183010 0.25%
2014.08.02.143006 0.25%
2014.08.02.103007 0.25%
2014.08.02.063001 0.25%
2014.08.02.055008 0.25%
2014.08.02.023000 0.51%
2014.08.02.004801 1.27%
2014.08.01.183002 0.25%
2014.08.01.144750 0.25%
2014.08.01.102953 0.25%
2014.08.01.062949 0.25%
2014.08.01.022946 0.25%
2014.08.01.010521 0.25%
2014.07.31.193954 0.51%
2014.07.31.161023 0.51%
256 versions

trolatunt

What is trolatunt?

This adware software (a branded version of the morphing Yontoo adware browser addon) injects itself into the user's web browser (IE, Chrome and Firefox) and will display out-of context advertising on web sites that are not associated with Yontoo or its affiliate partners. Advertisements will be displayed as banner and video ads, search related ads, transitional and in-text ads and links. The software will also periodically self-update and call home for instructions as well as additional ad feeds and reporting of how the user interacts with the software as well as what domains and web pages the user visits.

Overview

The most used version is 2014.08.02.004801, with over 16% of all installations currently using this version. It adds a background controller service that is set to automatically run. Delaying the start of this service is possible through the service manager. It adds a Browser Helper Object (BHO) to Internet Explorer. The main program executable is trolatunt.FirstRun.exe. Typically most users end up uninstalling this just after a few days. The software installer includes 34 files and is usually about 6.11 MB (6,410,161 bytes).
  • Possible malware installed by this program
  • Loads into the web browser
  • Installs a Windows Service
  • Typically distributed through a pay-per-install bundle
  • Generally known to have a low reputation
  • The experts agree, you should remove it!
Warning, multiple anti-virus scanners have detected possible malware in trolatunt.
trolatunt.FirstRun.exe (05fc7abb13985882c4bc87bb9df7ff39) has been flagged by the following 3 scanners:
Anti-Virus softwareVersionDetection
Avira AntiVir 7.11.154.218 APPL/BrowseFox.Gen
ESET-NOD32 8.9943 a variant of MSIL/BrowseFox.G
Malwarebytes v2014.06.20.09 PUP.Optional.Sambreel.A
trolatuntBHO.dll (2e9f10fb8a5a0453ffc7557fb3b5903c) has been flagged by the following 38 scanners:
Anti-Virus softwareSoftware versionDetection
Lavasoft Ad-Aware 12.0.163.0 Gen:Variant.Adware.BHO.Agent.4
Agnitum Outpost 5.5.1.3 PUA.Agent!
AhnLab-V3 2014.08.04.00 Adware/Win32.Agent
Avira AntiVir 7.11.165.30 APPL/BrowseFox.Gen2
Antiy-AVL 1.0.0.1 GrayWare[AdWare:not-a-virus]/Win32.Agent
AVG 14.0.0.3986 BHO.YAB
AVware 1.5.0.16 Yontoo (fs)
Baidu-International 3.5.1.41473 Adware.Win32.BrowseFox.bF
Bitdefender 7.2 Gen:Variant.Adware.BHO.Agent.4
CAT-QuickHeal 14.00 AdWare.Agent.r5 (Not a Virus)
Clam AntiVirus 0.98.4.0 Win.Adware.Agent-7714
Comodo Security 19077 Application.Win32.Altbrowse.AK
Dr.Web 7.0.9.4080 Trojan.BPlug.17
Emsisoft Anti-Malware 3.0.0.600 Gen:Variant.Adware.BHO.Agent.4 (B)
ESET-NOD32 10198 a variant of Win32/BrowseFox.F
Fortinet FortiGate 5.1.152.0 Adware/Agent
F-Secure 11.0.19100.45 Gen:Variant.Adware.BHO.Agent.4
G Data 24 Gen:Variant.Adware.BHO.Agent.4
IKARUS anti.virus T3.1.6.1.0 not-a-virus:AdWare.Win32.Agent
Jiangmin 16.0.100 AdWare.Win32.Agent.ahbx
K7 AntiVirus 9.182.12926 Trojan ( 0049c6c51 )
K7GW 9.182.12926 Trojan ( 020000001 )
Kaspersky 12.0.0.1225 not-a-virus:AdWare.Win32.Agent.ahbx
Kingsoft AntiVirus 2013.4.9.267 Win32.Troj.Agent.ah.(kcloud)
Malwarebytes 1.75.0.1 PUP.Optional.Trolatunt.A
McAfee 6.0.4.564 Artemis!2E9F10FB8A5A
McAfee-GW-Edition 2013 Artemis!2E9F10FB8A5A
MicroWorld-eScan 12.0.250.0 Gen:Variant.Adware.BHO.Agent.4
NANO AntiVirus 0.28.2.61148 Riskware.Win32.Agent.crkvek
nProtect 2014-08-03.01 Trojan-Clicker/W32.Agent.249632.B
Panda Antivirus 10.0.3.5 Trj/CI.A
Qihoo-360 1.0.0.1015 HEUR/Malware.QVM30.Gen
Sophos 4.98.0 Generic PUA CG
SUPERAntiSpyware 5.6.0.1032 Adware.BrowseFox/Variant
Symantec 20131.1.5.61 Adware.Adpopup
TrendMicro-HouseCall 9.700.0.1001 TROJ_GEN.F0C2H00GL14
Vba32 AntiVirus 3.12.26.3 AdWare.Agent
VIPRE Antivirus 31900 Yontoo (fs)
updatetrolatunt.exe (d861eb0395d26f60fa525c6f3e2cc304) has been flagged by the following 31 scanners:
Anti-Virus softwareSoftware versionDetection
Lavasoft Ad-Aware 12.0.163.0 Adware.SwiftBrowse.CO
AhnLab-V3 2015.03.24.03 PUP/Win32.BrowseFox
avast! 8.0.1489.320 Win32:Truntalol-C [PUP]
AVG 15.0.0.4311 Trolatunt.B88
Avira 3.6.1.96 ADWARE/BrowseFox.ape
AVware 1.5.0.21 Yontoo (fs)
Baidu-International 3.5.1.41473 Adware.MSIL.BrowseFox.H
Bitdefender 7.2 Adware.SwiftBrowse.CO
Bkav FE 1.3.0.6379 W32.HfsAdware.6A98
Cyren 5.4.16.7 W32/S-26365c9e!Eldorado
Dr.Web 7.0.12.3050 Trojan.Yontoo.1734
Emsisoft Anti-Malware 3.0.0.600 Adware.SwiftBrowse.CO (B)
ESET-NOD32 11367 a variant of MSIL/BrowseFox.H potentially unwanted
Fortinet FortiGate 5.0.999.0 Adware/BrowseFox
F-Prot 4.7.1.166 W32/S-26365c9e!Eldorado
F-Secure 11.0.19100.45 Adware.SwiftBrowse.CO
G Data 25 Adware.SwiftBrowse.CO
IKARUS anti.virus T3.1.8.6.0 PUA.MSIL.BrowseFox
K7 AntiVirus 9.202.15356 Unwanted-Program ( 0040f96b1 )
K7GW 9.202.15357 Unwanted-Program ( 0040f96b1 )
McAfee 6.0.5.614 BrowseFox-FTQ
McAfee-GW-Edition v2014 BrowseFox-FTQ
MicroWorld-eScan 12.0.250.0 Adware.SwiftBrowse.CO
NANO AntiVirus 0.30.8.659 Trojan.Win32.Yontoo.dmkoly
nProtect 2015-03-23.01 Adware.SwiftBrowse.CO
Qihoo-360 1.0.0.1015 Win32/Virus.Adware.fce
Sophos 4.98.0 Browse Fox
Tencent 1.0.0.1 Trojan.Win32.Qudamah.Gen.18
Trend Micro 9.740.0.1012 TROJ_GEN.R00UC0PBF15
TrendMicro-HouseCall 9.700.0.1001 TROJ_GEN.R00UC0PBF15
VIPRE Antivirus 38718 Yontoo (fs)
078209A6-1172-4C5E-BC3E-838DCC77A653.dll (9a3cd5b7d6a9999e4d0f5d065084e57d) has been flagged by the following 28 scanners:
Anti-Virus softwareSoftware versionDetection
Lavasoft Ad-Aware 12.0.163.0 Gen:Variant.Adware.BHO.Agent.4
Agnitum Outpost 5.5.1.3 PUA.Agent!
Avira AntiVir 7.11.155.204 APPL/BrowseFox.Gen2
Antiy-AVL 1.0.0.1 GrayWare[AdWare:not-a-virus]/Win32.Agent
AVG 14.0.0.3972 BHO.YAB
Baidu-International 3.5.1.41473 Adware.Win32.BroseFox.45
Bitdefender 7.2 Gen:Variant.Adware.BHO.Agent.4
CAT-QuickHeal 14.00 AdWare.Agent.r5 (Not a Virus)
Comodo Security 18604 Application.Win32.Altbrowse.AK
Dr.Web 7.0.7.12100 Trojan.BPlug.17
Emsisoft Anti-Malware 3.0.0.600 Gen:Variant.Adware.BHO.Agent.4 (B)
ESET-NOD32 9971 a variant of Win32/BrowseFox.F
Fortinet FortiGate 5.1.152.0 Adware/Agent
F-Secure 11.0.19100.45 Gen:Variant.Adware.BHO.Agent.4
G Data 24 Gen:Variant.Adware.BHO.Agent.4
IKARUS anti.virus T3.1.6.1.0 not-a-virus:AdWare.Win32.Agent
K7 AntiVirus 9.180.12463 Unwanted-Program ( 00454f261 )
K7GW 9.180.12463 Unwanted-Program ( 00454f261 )
Kingsoft AntiVirus 2013.4.9.267 Win32.Troj.Agent.ah.(kcloud)
Malwarebytes 1.75.0.1 PUP.Optional.Trolatunt.A
McAfee 6.0.4.564 Artemis!9A3CD5B7D6A9
McAfee-GW-Edition 2013 Artemis!9A3CD5B7D6A9
MicroWorld-eScan 12.0.250.0 Gen:Variant.Adware.BHO.Agent.4
NANO AntiVirus 0.28.0.60253 Riskware.Win32.Agent.crkvek
Panda Antivirus 10.0.3.5 Trj/CI.A
SUPERAntiSpyware 5.6.0.1032 Adware.BrowseFox/Variant
TrendMicro-HouseCall 9.700.0.1001 TROJ_GEN.F47V0603
Zillya 2.0.0.1832 Adware.Agent.Win32.9074
       View all 100 all detections
trolatunt has been found to be bundled with 3rd party software. If you have not purposefully installed this, you should be safe uninstalling it.

Program detailsProgram details

Displayed publisher: trolatunt
URL: trolatunt.co/support
Help link: mailto:[email protected]
Installation folder: C:\Program Files\trolatunt
Uninstaller: C:\Program Files\trolatunt\trolatuntuninstall.exe
Estimated size: 6.11 MB

Program filesFiles installed by trolatunt

Program executable:trolatunt.FirstRun.exe (Malware detected)
Name:FirstRun
Path:C:\Program Files\trolatunt\trolatunt.FirstRun.exe
MD5:05fc7abb13985882c4bc87bb9df7ff39
Additional files:
  • (Malware detected) 078209A6-1172-4C5E-BC3E-838DCC77A653.dll - trolatunt
  • (Malware detected) 15106081-C81B-4508-8BB6-6DD2BFD29CB4.dll
  • (Malware detected) 26088C2E-4EA3-4F37-9E51-E45012BD71A5.dll
  • (Malware detected) 26DAF65A-3EE1-4FB9-85FF-FBD5EF32D080.dll
  • (Malware detected) 2A3C96DC-19FC-49CB-9A0D-6B55AC055CCD.dll
  • (Malware detected) 396449F5-EBA6-416E-BDD0-8DB66640F681.dll
  • (Malware detected) 581CC09C-2592-4F75-9551-C8E3C1EB655B.dll
  • (Malware detected) 6677976B-51A2-42DF-9120-1E7CF9A40C93.dll
  • (Malware detected) 710A154E-C4A2-48EA-AA40-DDADA88B6D43.dll
  • (Malware detected) 82D491C2-FDDE-4E09-810E-63753DCF53C4.dll
  • (Malware detected) 95C7C788-F833-440C-A4DE-298D050603B2.dll
  • (Malware detected) 973EABD5-C024-4286-A97C-4D9E41642186.dll
  • (Malware detected) B1C75776-05A1-4E58-B604-7DFDCC973C9A.dll
  • (Malware detected) B7B992CC-BBB2-4EF4-9C4C-FC5CA7DF0242.dll
  • (Malware detected) B88DB361-FE42-4F3E-A060-95413BF66089.dll
  • (Malware detected) D553FDDF-452E-436B-9B42-80F2338BB073.dll
  • (Malware detected) D5C63841-5870-4964-9FB3-559C9D3E3414.dll
  • trolatuntbho.dll
  • trolatunt.FirstRun.exe - FirstRun
  • 7za.exe (by Igor Pavlov) - 7-Zip (7-Zip Standalone Console)
  • trolatuntUn.exe
  • trolatuntUninstall.exe
  • (Malware detected) updatetrolatunt.exe

Program behaviorsBehaviors exhibited

Internet Explorer BHO
  • trolatuntbho.dll is installed in Internet Explorer as a BHO (Browser Helper Object) under the name 'trolatunt 1.0.0.7' with the class of {59bc35cc-f3cb-4e2b-a21d-481d781207af}.
Service
  • updatetrolatunt.exe runs as a service named 'Update trolatunt' (Update trolatunt).

How do I remove trolatunt?

Quickly and completely remove trolatunt from your computer by downloading "Should I Remove It?", its 100% FREE and installs in seconds (click the button below).
Download "Should I Remove It?", it's FREE!Remove trolatunt from your computer.
Or, you can uninstall trolatunt from your computer by using the Add/Remove Program feature in the Window's Control Panel.
  1. On the Start menu (for Windows 8, right-click the screen's bottom-left corner), click Control Panel, and then, under Programs, do one of the following:
    • Windows Vista/7/8: Click Uninstall a Program.
    • Windows XP: Click Add or Remove Programs.
  2. When you find the program trolatunt, click it, and then do one of the following:
    • Windows Vista/7/8: Click Uninstall.
    • Windows XP: Click the Remove or Change/Remove tab (to the right of the program).
  3. Follow the prompts. A progress bar shows you how long it will take to remove trolatunt.
  4. If for some reason uninstallation fails, please install Microsoft's uninstall fixer utility which will help fix problems with programs that can't be uninstalled at support.microsoft.com.

How do I reset my web browser?

If your web browser homepage and search settings have been modfied by trolatunt you can restore them to their previous default settings.
Microsoft Internet Explorer
Mozilla Firefox
Google Chrome
Scan your PC for malware
If you do not have a good anti-virus program, please consider installing one. Below are some we highly recommend.

OS VERSIONS
Win 7 (SP1) 47%
Win Vista (SP1) 0%
 
HOW IT RUNS
Windows Service? Yes
(Installs a service)
 
USER ACTIONS
Uninstall it 83%
Keep it 17%

Windows OS versionsWindows

Which Windows OS versions does it run on?
Windows 7 63.80%
Windows 8 27.59%
Windows XP 7.34%
Windows Vista 1.27%
Which OS releases does it run on?
Windows 7 Ultimate 33.92%
Windows 7 Home Premium 14.43%
Windows 7 Professional 11.39%
Windows 8.1 7.85%
Microsoft Windows XP 7.34%
Windows 8.1 Pro 7.09%

Distribution by countryGeography

12.04% of installs come from the United States
Which countries install it?
  United States 12.04%
  Brazil 5.41%
  Saudi Arabia 5.16%
  MA 4.91%
  Egypt 4.91%
  India 4.91%
  France 4.42%
  Italy 3.19%
  Indonesia 2.70%
  DZ 2.46%
  Taiwan 2.21%
  BD 2.21%
  Iran 1.97%
  Australia 1.72%

OEM distributionPC manufacturers

What PC manufacturers (OEMs) have it installed?
Hewlett-Packard 29.13%
Acer 18.90%
Dell 16.14%
ASUS 10.63%
Toshiba 7.87%
Lenovo 7.09%
GIGABYTE 5.51%
Samsung 1.97%
American Megatrends 1.18%
Alienware 0.79%
Medion 0.79%
Common models
HP Pavilion g6 Notebook P... 5.71%
HP Pavilion dv6 Notebook ... 2.86%
Hewlett-Packard Compaq CQ... 2.86%
MSI MS-7788 2.14%
Acer Aspire E1-571 2.14%
HP 15 Notebook PC 1.43%

About Yontoo Technology

Yontoo, a subsidiary/alias of ad-hijacker Sambreel, is a publisher of ad-supported web browser extensions designed to inject and display advertisements within the browser.
Publisher URL: www.yontoo.com

commentsComments

user comment
No one has commented yet. Help others learn more about this software, share your comments.