Home Malware Programs Adware Adware.2YourFace

Adware.2YourFace

Posted: February 20, 2013

Threat Metric

Ranking: 14,710
Threat Level: 2/10
Infected PCs: 12,835
First Seen: January 24, 2013
Last Seen: August 19, 2023
OS(es) Affected: Windows

Adware.2YourFace is a browser add-on that claims to add functions related to video and audio chatting for Facebook. Unfortunately, SpywatreRemove.com malware experts also noted that Adware.2YourFace couples these benign features with unwarranted browser changes that insert advertisements into your online searches and other web content. Adware.2YourFace infections can occur in several ways, most surreptitiously through being bundled with unrelated applications.

Adware.2YourFace: Filling Your PC with Expressions of Capitalism

Adware.2YourFace justifies its existence by offering Facebook additions that actually no longer require 2YourFace to be available: webcam-based video calling features. Even though its positive features no longer offer anything to make Adware.2YourFace worth installing, Adware.2YourFace continues to be marketed through various sites as a supposedly helpful browser plugin. SpywatreRemove.com malware research team also has noted that many sites that are affiliated with Adware.2YourFace installations have been blacklisted for promoting malicious content, and, in general, should not be trusted.

Adware.2YourFace's real features appear to be focused more on driving revenue streams through unnecessary advertisements that are inserted into your web-browsing content. SpywatreRemove.com malware researchers have noted multiple symptoms in Adware.2YourFace's advertising attacks, including:

  • Browser redirects that take your online searches to search.conduit.com and other sites.
  • Additional advertisements that are mixed in with your search results.
  • Interface changes for both your browser in general and, specifically, the Facebook website.

Some variants of Adware.2YourFace also may include other adware features, such as pop-ups, hyperlinked text changes and other unwarranted browser alterations. Taken together, Adware.2YourFace's functions may harm your web browser's speed or utilize excessive system memory.

Wiping Adware.2YourFace's Commercials Off of the Face of Your Internet

Since Adware.2YourFaces positive features have been rendered obsolete and its negative ones are completely unjustified, SpywatreRemove.com malware experts never recommend that you keep Adware.2YourFace installed. However, temporary contact with Adware.2YourFace's advertisements shouldn't be a danger to your PC – even if any prolonged interaction with them is inadvisable.

Adware.2YourFace can be installed manually from any of several sites, but bundled installations with unrelated freeware programs are the most common sources of Adware.2YourFace infections.
Adware.2YourFace isn't dedicated to a specific brand of web browser. All types of browsers, including Chrome, Firefox, Internet Explorer and Opera, are vulnerable to Adware.2YourFace. At this point in time, SpywatreRemove.com malware researchers haven't seen Adware.2YourFace infecting non-Windows operating systems, but similar types of adware have been shown displaying more cross-OS compatibility than Adware.2YourFace. Most versions of Windows, including Windows 7 and 8, can be considered in danger from potential Adware.2YourFace infections.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



C:\DATA\Андрей2\AppData\Roaming\2YourFace\Updater.exe File name: Updater.exe
Size: 224.57 KB (224576 bytes)
MD5: 61a75fa584626ad7236a5e0ecf0ce806
Detection count: 1,832
File type: Executable File
Mime Type: unknown/exe
Path: C:\DATA\Андрей2\AppData\Roaming\2YourFace\Updater.exe
Group: Malware file
Last Updated: July 22, 2022
%USERPROFILE%\Start Menu\Programs\Startup\2YourFace_Updater.lnk File name: 2YourFace_Updater.lnk
Size: 926B (926 bytes)
MD5: 222083c5dc12ef071c147a3928f7fae4
Detection count: 595
File type: Shortcut
Mime Type: unknown/lnk
Path: %USERPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: March 26, 2016
C:\DATA\Андрей2\AppData\Roaming\2YourFace\bho.dll File name: bho.dll
Size: 85.31 KB (85312 bytes)
MD5: d82197385b62771294a1fd2e9534f823
Detection count: 564
File type: Dynamic link library
Mime Type: unknown/dll
Path: C:\DATA\Андрей2\AppData\Roaming\2YourFace\bho.dll
Group: Malware file
Last Updated: July 22, 2022
C:\Users\<username>\AppData\Roaming\2YourFace\bho.dll File name: bho.dll
Size: 84.84 KB (84840 bytes)
MD5: ee2009c7d6f960b2980925cea3fa06ec
Detection count: 274
File type: Dynamic link library
Mime Type: unknown/dll
Path: C:\Users\<username>\AppData\Roaming\2YourFace\bho.dll
Group: Malware file
Last Updated: October 30, 2021
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\2YourFace_Updater.lnk File name: 2YourFace_Updater.lnk
Size: 2.14 KB (2147 bytes)
MD5: d85cc2e8d0992e195074ca8446408988
Detection count: 86
File type: Shortcut
Mime Type: unknown/lnk
Path: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup
Group: Malware file
Last Updated: March 26, 2016
%USERPROFILE%\Start Menu\Programs\Startup\2YourFace_Updater.lnk File name: 2YourFace_Updater.lnk
Size: 951B (951 bytes)
MD5: 2994ff4a7e44da4ab1198cd6ee7c131c
Detection count: 56
File type: Shortcut
Mime Type: unknown/lnk
Path: %USERPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: March 26, 2016
%USERPROFILE%\Start Menu\Programs\Startup\2YourFace_Updater.lnk File name: 2YourFace_Updater.lnk
Size: 923B (923 bytes)
MD5: 5cf35665b9509c0fcd9c118cb111596e
Detection count: 55
File type: Shortcut
Mime Type: unknown/lnk
Path: %USERPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: March 26, 2016
%USERPROFILE%\Start Menu\Programs\Startup\2YourFace_Updater.lnk File name: 2YourFace_Updater.lnk
Size: 826B (826 bytes)
MD5: 653e3f4f80a84fb85931cd528927e82e
Detection count: 52
File type: Shortcut
Mime Type: unknown/lnk
Path: %USERPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: March 26, 2016
C:\Users\<username>\Documents\Descargas\2YourFace_11_Smart.exe File name: 2YourFace_11_Smart.exe
Size: 614.76 KB (614760 bytes)
MD5: 174c7279ace317ea202a080f04bb90fb
Detection count: 47
File type: Executable File
Mime Type: unknown/exe
Path: C:\Users\<username>\Documents\Descargas\2YourFace_11_Smart.exe
Group: Malware file
Last Updated: June 23, 2022
%USERPROFILE%\Start Menu\Programs\Startup\2YourFace_Updater.lnk File name: 2YourFace_Updater.lnk
Size: 944B (944 bytes)
MD5: 2531da1ae9610d3f3cf66e69cf0ff3bb
Detection count: 41
File type: Shortcut
Mime Type: unknown/lnk
Path: %USERPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: March 26, 2016
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\2YourFace_Updater.lnk File name: 2YourFace_Updater.lnk
Size: 909B (909 bytes)
MD5: 66410ff3c918353245e91745c7b711e0
Detection count: 35
File type: Shortcut
Mime Type: unknown/lnk
Path: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup
Group: Malware file
Last Updated: March 26, 2016
%SYSTEMDRIVE%\Users\<username>\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\2YourFace\bho.dll File name: bho.dll
Size: 85.31 KB (85312 bytes)
MD5: c96da132f7e68a776cae2847a62764ca
Detection count: 28
File type: Dynamic link library
Mime Type: unknown/dll
Path: %SYSTEMDRIVE%\Users\<username>\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\2YourFace\bho.dll
Group: Malware file
Last Updated: September 16, 2022
%USERPROFILE%\Start Menu\Programs\Startup\2YourFace_Updater.lnk File name: 2YourFace_Updater.lnk
Size: 929B (929 bytes)
MD5: bb98aecfe7b4612aab245625d0c39889
Detection count: 28
File type: Shortcut
Mime Type: unknown/lnk
Path: %USERPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: March 26, 2016
%PROGRAMFILES%\2YourFace\bho.dll File name: bho.dll
Size: 254.97 KB (254976 bytes)
MD5: 8a6655a202afc9821e666884c51d8a4b
Detection count: 23
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\2YourFace
Group: Malware file
Last Updated: March 26, 2016
%PROGRAMFILES%\2YourFace\bho.dll File name: bho.dll
Size: 85.31 KB (85312 bytes)
MD5: c8fa2a24c2cd3fb3651865199f65a80a
Detection count: 16
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\2YourFace
Group: Malware file
Last Updated: February 1, 2020
%USERPROFILE%\Start Menu\Programs\Startup\2YourFace_Updater.lnk File name: 2YourFace_Updater.lnk
Size: 881B (881 bytes)
MD5: 4c28e6a3638022b70f624e09101f6da8
Detection count: 7
File type: Shortcut
Mime Type: unknown/lnk
Path: %USERPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: March 26, 2016
%USERPROFILE%\Start Menu\Programs\Startup\2YourFace_Updater.lnk File name: 2YourFace_Updater.lnk
Size: 936B (936 bytes)
MD5: d4806343e61dc3bda5b6f27bac93ccbd
Detection count: 7
File type: Shortcut
Mime Type: unknown/lnk
Path: %USERPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: March 26, 2016
%APPDATA%\2YourFace\Updater.exe File name: Updater.exe
Size: 198.14 KB (198144 bytes)
MD5: b128912661c75b8d908246ec39cae7e0
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\2YourFace
Group: Malware file
Last Updated: March 26, 2016
%APPDATA%\2YourFace\Updater.exe File name: Updater.exe
Size: 402.39 KB (402396 bytes)
MD5: 167dfd9f23b7f7fd2d3f82cbdb0a6a19
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\2YourFace
Group: Malware file
Last Updated: March 26, 2016

More files

Registry Modifications

The following newly produced Registry Values are:

CLSID{1185823F-F22F-4027-80E5-4F68ACD5DE5E}HKEY..\..\..\..{RegistryKeys}Software\2YourFaceSOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\support@2yourface.comHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}2YourFace

Additional Information

The following directories were created:
%APPDATA%\2YourFace%PROGRAMFILES%\2YourFace%PROGRAMFILES(x86)%\2YourFace
Loading...