Should I remove trolatunt?
What percent of users and experts removed it?
83% remove it17% keep it
What do people think about it?
(click star to rate)
How common is it?
Global Rank #14,368
United States Rank #28,497
Reach 0.0201%
Lifespan of installation (until removal)
Average installed length: 45.72 days
Versions
| Version | Distribution |
| 2015.04.08.042311 |
0.25% |
|
| 2014.08.13.232826 |
0.25% |
|
| 2014.08.13.152828 |
0.25% |
|
| 2014.08.13.112818 |
0.25% |
|
| 2014.08.13.032813 |
0.25% |
|
| 2014.08.12.072806 |
0.25% |
|
| 2014.08.12.032808 |
0.25% |
|
| 2014.08.11.200814 |
0.51% |
|
| 2014.08.11.142728 |
0.51% |
|
| 2014.08.11.072802 |
0.25% |
|
| 2014.08.10.152752 |
0.25% |
|
| 2014.08.10.112749 |
0.25% |
|
| 2014.08.09.112755 |
0.51% |
|
| 2014.08.09.032741 |
0.25% |
|
| 2014.08.09.023830 |
0.25% |
|
| 2014.08.08.112735 |
0.51% |
|
| 2014.08.08.010721 |
0.25% |
|
| 2014.08.07.232723 |
0.25% |
|
| 2014.08.07.223110 |
0.25% |
|
| 2014.08.07.183124 |
0.25% |
|
| 2014.08.07.143118 |
0.51% |
|
| 2014.08.07.103156 |
0.25% |
|
| 2014.08.07.023059 |
0.25% |
|
| 2014.08.06.183056 |
0.25% |
|
| 2014.08.06.005451 |
0.25% |
|
| 2014.08.05.103038 |
0.25% |
|
| 2014.08.05.063034 |
0.51% |
|
| 2014.08.05.001657 |
0.51% |
|
| 2014.08.05.001415 |
0.25% |
|
| 2014.08.04.143032 |
0.51% |
|
| 2014.08.04.063024 |
0.25% |
|
| 2014.08.04.023026 |
0.25% |
|
| 2014.08.03.183020 |
1.01% |
|
| 2014.08.03.103012 |
0.25% |
|
| 2014.08.03.063012 |
0.25% |
|
| 2014.08.03.023019 |
0.51% |
|
| 2014.08.02.183010 |
0.25% |
|
| 2014.08.02.143006 |
0.25% |
|
| 2014.08.02.103007 |
0.25% |
|
| 2014.08.02.063001 |
0.25% |
|
| 2014.08.02.055008 |
0.25% |
|
| 2014.08.02.023000 |
0.51% |
|
| 2014.08.02.004801 |
1.26% |
|
| 2014.08.01.183002 |
0.25% |
|
| 2014.08.01.144750 |
0.25% |
|
| 2014.08.01.102953 |
0.25% |
|
| 2014.08.01.062949 |
0.25% |
|
| 2014.08.01.022946 |
0.25% |
|
| 2014.08.01.010521 |
0.25% |
|
| 2014.07.31.193954 |
0.51% |
|
| 2014.07.31.161023 |
0.51% |
|
| 256 versions |
Other programs by Yontoo Technology
Rankings
- #14,363 Master Levels for DOOM II by id Software
- #14,364 Microsoft OneNote 2010
- #14,365 ThumbsPlus by Cerious Software
- #14,366 Alt-Tab Task Switcher Powertoy for Windows XP by Microsoft
- #14,367 Cooking Dash by Oberon Media
- #14,368 trolatunt by Yontoo Technology
- #14,369 Autodesk 3ds Max 2011 32-bit
- #14,370 Any Video Converter 5 5.0.2 by Any-Video-Converter.com
- #14,371 MysticThumbs
- #14,372 Adobe Creative Suite 5 Web Premium
- #14,373 VAIO - Uso a distancia con PlayStation3 by Sony
trolatunt
What is trolatunt?
This adware software (a branded version of the morphing Yontoo adware browser addon) injects itself into the user's web browser (IE, Chrome and Firefox) and will display out-of context advertising on web sites that are not associated with Yontoo or its affiliate partners. Advertisements will be displayed as banner and video ads, search related ads, transitional and in-text ads and links. The software will also periodically self-update and call home for instructions as well as additional ad feeds and reporting of how the user interacts with the software as well as what domains and web pages the user visits.
Overview
The most used version is 2014.08.02.004801, with over 16% of all installations currently using this version. It adds a background controller service that is set to automatically run. Delaying the start of this service is possible through the service manager. It adds a Browser Helper Object (BHO) to Internet Explorer. The main program executable is trolatunt.FirstRun.exe. Typically most users end up uninstalling this just after a few days. The software installer includes 31 files and is usually about 6.11 MB (6,410,161 bytes).
- Possible malware installed by this program
- Loads into the web browser
- Installs a Windows Service
- Typically distributed through a pay-per-install bundle
- Generally known to have a low reputation
- The experts agree, you should remove it!
Warning, multiple anti-virus scanners have detected possible malware in trolatunt.
| trolatunt.FirstRun.exe (05fc7abb13985882c4bc87bb9df7ff39) has been flagged by the following 3 scanners: |
| Anti-Virus software | Version | Detection |
| Avira AntiVir |
7.11.154.218 |
APPL/BrowseFox.Gen |
| ESET-NOD32 |
8.9943 |
a variant of MSIL/BrowseFox.G |
| Malwarebytes |
v2014.06.20.09 |
PUP.Optional.Sambreel.A |
| trolatuntBHO.dll (2e9f10fb8a5a0453ffc7557fb3b5903c) has been flagged by the following 38 scanners: |
| Anti-Virus software | Software version | Detection |
| Lavasoft Ad-Aware |
12.0.163.0 |
Gen:Variant.Adware.BHO.Agent.4 |
| Agnitum Outpost |
5.5.1.3 |
PUA.Agent! |
| AhnLab-V3 |
2014.08.04.00 |
Adware/Win32.Agent |
| Avira AntiVir |
7.11.165.30 |
APPL/BrowseFox.Gen2 |
| Antiy-AVL |
1.0.0.1 |
GrayWare[AdWare:not-a-virus]/Win32.Agent |
| AVG |
14.0.0.3986 |
BHO.YAB |
| AVware |
1.5.0.16 |
Yontoo (fs) |
| Baidu-International |
3.5.1.41473 |
Adware.Win32.BrowseFox.bF |
| Bitdefender |
7.2 |
Gen:Variant.Adware.BHO.Agent.4 |
| CAT-QuickHeal |
14.00 |
AdWare.Agent.r5 (Not a Virus) |
| Clam AntiVirus |
0.98.4.0 |
Win.Adware.Agent-7714 |
| Comodo Security |
19077 |
Application.Win32.Altbrowse.AK |
| Dr.Web |
7.0.9.4080 |
Trojan.BPlug.17 |
| Emsisoft Anti-Malware |
3.0.0.600 |
Gen:Variant.Adware.BHO.Agent.4 (B) |
| ESET-NOD32 |
10198 |
a variant of Win32/BrowseFox.F |
| Fortinet FortiGate |
5.1.152.0 |
Adware/Agent |
| F-Secure |
11.0.19100.45 |
Gen:Variant.Adware.BHO.Agent.4 |
| G Data |
24 |
Gen:Variant.Adware.BHO.Agent.4 |
| IKARUS anti.virus |
T3.1.6.1.0 |
not-a-virus:AdWare.Win32.Agent |
| Jiangmin |
16.0.100 |
AdWare.Win32.Agent.ahbx |
| K7 AntiVirus |
9.182.12926 |
Trojan ( 0049c6c51 ) |
| K7GW |
9.182.12926 |
Trojan ( 020000001 ) |
| Kaspersky |
12.0.0.1225 |
not-a-virus:AdWare.Win32.Agent.ahbx |
| Kingsoft AntiVirus |
2013.4.9.267 |
Win32.Troj.Agent.ah.(kcloud) |
| Malwarebytes |
1.75.0.1 |
PUP.Optional.Trolatunt.A |
| McAfee |
6.0.4.564 |
Artemis!2E9F10FB8A5A |
| McAfee-GW-Edition |
2013 |
Artemis!2E9F10FB8A5A |
| MicroWorld-eScan |
12.0.250.0 |
Gen:Variant.Adware.BHO.Agent.4 |
| NANO AntiVirus |
0.28.2.61148 |
Riskware.Win32.Agent.crkvek |
| nProtect |
2014-08-03.01 |
Trojan-Clicker/W32.Agent.249632.B |
| Panda Antivirus |
10.0.3.5 |
Trj/CI.A |
| Qihoo-360 |
1.0.0.1015 |
HEUR/Malware.QVM30.Gen |
| Sophos |
4.98.0 |
Generic PUA CG |
| SUPERAntiSpyware |
5.6.0.1032 |
Adware.BrowseFox/Variant |
| Symantec |
20131.1.5.61 |
Adware.Adpopup |
| TrendMicro-HouseCall |
9.700.0.1001 |
TROJ_GEN.F0C2H00GL14 |
| Vba32 AntiVirus |
3.12.26.3 |
AdWare.Agent |
| VIPRE Antivirus |
31900 |
Yontoo (fs) |
| updatetrolatunt.exe (d861eb0395d26f60fa525c6f3e2cc304) has been flagged by the following 31 scanners: |
| Anti-Virus software | Software version | Detection |
| Lavasoft Ad-Aware |
12.0.163.0 |
Adware.SwiftBrowse.CO |
| AhnLab-V3 |
2015.03.24.03 |
PUP/Win32.BrowseFox |
| avast! |
8.0.1489.320 |
Win32:Truntalol-C [PUP] |
| AVG |
15.0.0.4311 |
Trolatunt.B88 |
| Avira |
3.6.1.96 |
ADWARE/BrowseFox.ape |
| AVware |
1.5.0.21 |
Yontoo (fs) |
| Baidu-International |
3.5.1.41473 |
Adware.MSIL.BrowseFox.H |
| Bitdefender |
7.2 |
Adware.SwiftBrowse.CO |
| Bkav FE |
1.3.0.6379 |
W32.HfsAdware.6A98 |
| Cyren |
5.4.16.7 |
W32/S-26365c9e!Eldorado |
| Dr.Web |
7.0.12.3050 |
Trojan.Yontoo.1734 |
| Emsisoft Anti-Malware |
3.0.0.600 |
Adware.SwiftBrowse.CO (B) |
| ESET-NOD32 |
11367 |
a variant of MSIL/BrowseFox.H potentially unwanted |
| Fortinet FortiGate |
5.0.999.0 |
Adware/BrowseFox |
| F-Prot |
4.7.1.166 |
W32/S-26365c9e!Eldorado |
| F-Secure |
11.0.19100.45 |
Adware.SwiftBrowse.CO |
| G Data |
25 |
Adware.SwiftBrowse.CO |
| IKARUS anti.virus |
T3.1.8.6.0 |
PUA.MSIL.BrowseFox |
| K7 AntiVirus |
9.202.15356 |
Unwanted-Program ( 0040f96b1 ) |
| K7GW |
9.202.15357 |
Unwanted-Program ( 0040f96b1 ) |
| McAfee |
6.0.5.614 |
BrowseFox-FTQ |
| McAfee-GW-Edition |
v2014 |
BrowseFox-FTQ |
| MicroWorld-eScan |
12.0.250.0 |
Adware.SwiftBrowse.CO |
| NANO AntiVirus |
0.30.8.659 |
Trojan.Win32.Yontoo.dmkoly |
| nProtect |
2015-03-23.01 |
Adware.SwiftBrowse.CO |
| Qihoo-360 |
1.0.0.1015 |
Win32/Virus.Adware.fce |
| Sophos |
4.98.0 |
Browse Fox |
| Tencent |
1.0.0.1 |
Trojan.Win32.Qudamah.Gen.18 |
| Trend Micro |
9.740.0.1012 |
TROJ_GEN.R00UC0PBF15 |
| TrendMicro-HouseCall |
9.700.0.1001 |
TROJ_GEN.R00UC0PBF15 |
| VIPRE Antivirus |
38718 |
Yontoo (fs) |
| 078209A6-1172-4C5E-BC3E-838DCC77A653.dll (9a3cd5b7d6a9999e4d0f5d065084e57d) has been flagged by the following 28 scanners: |
| Anti-Virus software | Software version | Detection |
| Lavasoft Ad-Aware |
12.0.163.0 |
Gen:Variant.Adware.BHO.Agent.4 |
| Agnitum Outpost |
5.5.1.3 |
PUA.Agent! |
| Avira AntiVir |
7.11.155.204 |
APPL/BrowseFox.Gen2 |
| Antiy-AVL |
1.0.0.1 |
GrayWare[AdWare:not-a-virus]/Win32.Agent |
| AVG |
14.0.0.3972 |
BHO.YAB |
| Baidu-International |
3.5.1.41473 |
Adware.Win32.BroseFox.45 |
| Bitdefender |
7.2 |
Gen:Variant.Adware.BHO.Agent.4 |
| CAT-QuickHeal |
14.00 |
AdWare.Agent.r5 (Not a Virus) |
| Comodo Security |
18604 |
Application.Win32.Altbrowse.AK |
| Dr.Web |
7.0.7.12100 |
Trojan.BPlug.17 |
| Emsisoft Anti-Malware |
3.0.0.600 |
Gen:Variant.Adware.BHO.Agent.4 (B) |
| ESET-NOD32 |
9971 |
a variant of Win32/BrowseFox.F |
| Fortinet FortiGate |
5.1.152.0 |
Adware/Agent |
| F-Secure |
11.0.19100.45 |
Gen:Variant.Adware.BHO.Agent.4 |
| G Data |
24 |
Gen:Variant.Adware.BHO.Agent.4 |
| IKARUS anti.virus |
T3.1.6.1.0 |
not-a-virus:AdWare.Win32.Agent |
| K7 AntiVirus |
9.180.12463 |
Unwanted-Program ( 00454f261 ) |
| K7GW |
9.180.12463 |
Unwanted-Program ( 00454f261 ) |
| Kingsoft AntiVirus |
2013.4.9.267 |
Win32.Troj.Agent.ah.(kcloud) |
| Malwarebytes |
1.75.0.1 |
PUP.Optional.Trolatunt.A |
| McAfee |
6.0.4.564 |
Artemis!9A3CD5B7D6A9 |
| McAfee-GW-Edition |
2013 |
Artemis!9A3CD5B7D6A9 |
| MicroWorld-eScan |
12.0.250.0 |
Gen:Variant.Adware.BHO.Agent.4 |
| NANO AntiVirus |
0.28.0.60253 |
Riskware.Win32.Agent.crkvek |
| Panda Antivirus |
10.0.3.5 |
Trj/CI.A |
| SUPERAntiSpyware |
5.6.0.1032 |
Adware.BrowseFox/Variant |
| TrendMicro-HouseCall |
9.700.0.1001 |
TROJ_GEN.F47V0603 |
| Zillya |
2.0.0.1832 |
Adware.Agent.Win32.9074 |
View all 100 all detections
trolatunt has been found to be bundled with 3rd party software. If you have not purposefully installed this, you should be safe uninstalling it.
Program details
Displayed publisher: trolatunt
URL: trolatunt.co/support
Installation folder: C:\Program Files\trolatunt
Uninstaller: C:\Program Files\trolatunt\trolatuntuninstall.exe
Estimated size: 6.11 MB
Files installed by trolatunt
| Program executable: | trolatunt.FirstRun.exe (Malware detected) |
| Name: | FirstRun |
| Path: | C:\Program Files\trolatunt\trolatunt.FirstRun.exe |
| MD5: | 05fc7abb13985882c4bc87bb9df7ff39 |
Additional files:
-
(Malware detected) 078209A6-1172-4C5E-BC3E-838DCC77A653.dll - trolatunt
-
(Malware detected) 15106081-C81B-4508-8BB6-6DD2BFD29CB4.dll
-
(Malware detected) 26DAF65A-3EE1-4FB9-85FF-FBD5EF32D080.dll
-
(Malware detected) 581CC09C-2592-4F75-9551-C8E3C1EB655B.dll
-
(Malware detected) 82D491C2-FDDE-4E09-810E-63753DCF53C4.dll
-
(Malware detected) 973EABD5-C024-4286-A97C-4D9E41642186.dll
-
(Malware detected) B1C75776-05A1-4E58-B604-7DFDCC973C9A.dll
-
(Malware detected) B7B992CC-BBB2-4EF4-9C4C-FC5CA7DF0242.dll
-
(Malware detected) B88DB361-FE42-4F3E-A060-95413BF66089.dll
-
(Malware detected) D553FDDF-452E-436B-9B42-80F2338BB073.dll
-
(Malware detected) D5C63841-5870-4964-9FB3-559C9D3E3414.dll
-
trolatuntbho.dll
-
trolatunt.FirstRun.exe - FirstRun
-
7za.exe (by Igor Pavlov) - 7-Zip (7-Zip Standalone Console)
-
trolatuntUn.exe
-
trolatuntUninstall.exe
-
(Malware detected) updatetrolatunt.exe
Behaviors exhibited
2 Internet Explorer BHOs
- trolatuntbho.dll is installed in Internet Explorer as a BHO (Browser Helper Object) under the name 'trolatunt 1.0.0.7' with the class of {59bc35cc-f3cb-4e2b-a21d-481d781207af}.
- 581CC09C-2592-4F75-9551-C8E3C1EB655B.dll is installed in Internet Explorer as a BHO (Browser Helper Object) under the name 'trolatunt' with the class of {59bc35cc-f3cb-4e2b-a21d-481d781207af}.
Service
- updatetrolatunt.exe runs as a service named 'Update trolatunt' (Update trolatunt).
How do I remove trolatunt?
You can uninstall trolatunt from your computer by using the Add/Remove Program feature in the Window's Control Panel.
- On the Start menu (for Windows 8, right-click the screen's bottom-left corner), click Control Panel, and then, under Programs, do one of the following:
- Windows Vista/7/8/10: Click Uninstall a Program.
- Windows XP: Click Add or Remove Programs.
- When you find the program trolatunt, click it, and then do one of the following:
- Windows Vista/7/8/10: Click Uninstall.
- Windows XP: Click the Remove or Change/Remove tab (to the right of the program).
- Follow the prompts. A progress bar shows you how long it will take to remove trolatunt.
- If for some reason uninstallation fails, please install Microsoft's uninstall fixer utility which will help fix problems with programs that can't be uninstalled at support.microsoft.com.
How do I reset my web browser?
If your web browser homepage and search settings have been modfied by trolatunt you can restore them to their previous default settings.
Microsoft Internet Explorer
- Open Internet Explorer and click the Tools button, and then click Internet options.
- Click the Advanced tab, and then click Reset. Select the Delete personal settings check box if you would also like to remove search providers, Accelerators and home pages. When Internet Explorer finishes applying default settings, click Close, and then click OK.
- The changes will take effect the next time you open IE.
Mozilla Firefox
- At the top of the Firefox window, click the Firefox button, go over to the Help sub-menu and select Troubleshooting Information.
- To continue, click Reset Firefox in the confirmation window that opens. It will close and be reset.
- When it's done, a window will list the information that was imported. Click Finish and Firefox will open.
Google Chrome
- Open Chrome and click the Chrome menu on the browser toolbar.
- Select Settings. In the "Search" section, click Manage search engine. Check if (Default) is displayed next to your preferred search engine. If not, mouse over it and click Make default. Mouse over any other suspicious search engine entries that are not familiar and click X to remove them.
- When the "Show Home button" checkbox is selected, a web address appears below it. If you want the Homepage button to open up a different webpage, click Change to enter a link.
- Restart Google Chrome.
OS VERSIONS
Win 7 (SP1) 47%
Win Vista (SP1) 0%
|
|
HOW IT RUNS
Windows Service? Yes
(Installs a service)
|
|
USER ACTIONS
 |
Uninstall it 83%
Keep it 17%
|
|
Windows
Which Windows OS versions does it run on?
| Windows 7 |
63.89% |
|
| Windows 10 |
27.53% |
|
| Windows XP |
7.32% |
|
| Windows Vista |
1.26% |
|
Which OS releases does it run on? |
| Windows 7 Ultimate |
34.09% |
|
| Windows 7 Home Premium |
14.39% |
|
| Windows 7 Professional |
11.36% |
|
| Windows 8.1 |
7.83% |
|
| Microsoft Windows XP |
7.32% |
|
| Windows 8.1 Pro |
7.07% |
|
Geography
12.25% of installs come from the United States
Which countries install it?
| United States |
12.25% |
| Brazil |
5.39% |
| Saudi Arabia |
5.15% |
| Egypt |
4.90% |
| India |
4.90% |
| MA |
4.90% |
| France |
4.41% |
| Italy |
3.43% |
| Indonesia |
2.70% |
| DZ |
2.45% |
| BD |
2.21% |
| Taiwan |
2.21% |
| Iran |
1.96% |
| Thailand |
1.72% |
PC manufacturers
What PC manufacturers (OEMs) have it installed?
| Hewlett-Packard |
28.13% |
|
| Acer |
19.14% |
|
| Dell |
16.02% |
|
| ASUS |
10.94% |
|
| Lenovo |
7.03% |
|
| Toshiba |
7.03% |
|
| GIGABYTE |
5.08% |
|
| Samsung |
1.95% |
|
| Intel |
1.95% |
|
| American Megatrends |
1.17% |
|
| Medion |
0.78% |
|
| Alienware |
0.78% |
|
Common models |
| HP Pavilion g6 Notebook P... |
5.84% |
|
| HP Pavilion dv6 Notebook ... |
2.92% |
|
| Hewlett-Packard Compaq CQ... |
2.92% |
|
| Acer Aspire E1-571 |
2.19% |
|
| MSI MS-7788 |
2.19% |
|
| ASUSTeK K56CM |
1.46% |
|
About Yontoo Technology
Yontoo, a subsidiary/alias of ad-hijacker Sambreel, is a publisher of ad-supported web browser extensions designed to inject and display advertisements within the browser.
Publisher URL: www.yontoo.com