Home Malware Programs Adware Adware-Wyyo


Posted: February 8, 2011

Threat Metric

Threat Level: 2/10
Infected PCs: 40
First Seen: December 1, 2009
OS(es) Affected: Windows

Adware-Wyyo is a Trojan adware that creates pop-up advertisements for the purposes of marketing other malware as malicious as itself, or even worse. Besides undesirable marketing, it will invade Internet Explorer and may cause general instability in your system. Any signs of Adware-Wyyo on a computer should be responded to by deleting Adware-Wyyo either manually or through the assistance of security software. Adware-Wyyo has no beneficial traits, and there's absolutely no reason why you'd want to keep this adware on your system.

The Start of Adware-Wyyo

Adware-Wyyo first appeared around 2009, with the greatest number of infections centered in China and the United States. Its primary means of infection is currently poorly documented, but is likely to be through infection of .exe files, which are then spread throughout the Internet in various ways, such as P2P programs and malicious website code.

The Outer Workings of Adware-Wyyo's

Adware-Wyyo may not always come alone. Adware-Wyyo may be bundled with infections such as rogue anti-spyware programs. This combination is especially potent because Adware-Wyyo, as adware, is likely to advertise for these rogue programs that throw up an outer pretense of being useful system-maintenance tools. Don't mistake these rogue programs for the real thing!
The primary sign of Adware-Wyyo or similar adware consists of a deluge of pop-ups, which may persist even with your browser closed, or if you're using an unusual browser. Other common attacks consist hijacking your browser forcibly through an Internet Explorer plug-in, altering your browser's settings (particularly your designated home page), and a heavy reduction in the speed of your system's performance. Adware-Wyyo has also been reported to deal out far nastier problems as well, almost as lethal afterthoughts. Other characteristics:

  • Adware-Wyyo may download and run malware automatically, without your consent or knowledge
  • .

  • Adware-Wyyo may also serve as spyware by recording the browsing habits and other information of the user and then sending that information to criminals.
  • Adware-Wyyo will create an entry in your registry to cause Adware-Wyyo to start every time Windows is started under ordinary conditions.
  • Adware-Wyyo will register a DLL file, which may be used to make your computer vulnerable and deliver or run malware besides Adware-Wyyo.

Adware-Wyyo Extermination

Following standard practices for online safety and security should allow you to avoid infection. If you do find yourself playing host to this vermin and need to delete Adware-Wyyo, the usual measures should suffice; reboot your computer into Safe Mode through hitting F8 during startup, and run appropriate anti-malware scanners. Unless your software is significantly out of date, it should be able to remove Adware-Wyyo. If you need to update your software before running a scan, launch Safe Mode with Networking to have Internet access. You may also want to switch browsers temporarily if it's feasible, since Adware-Wyyo is content to leech off of Internet Explorer.



Suspicious file [Panda]potentially unwanted program Adware-Wyyo [McAfee]Adware/Wyyo [Fortinet]

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

wyyo.exe File name: wyyo.exe
Size: 54.76 KB (54760 bytes)
MD5: 127b1bcca7e418f3c9acce6590202e18
Detection count: 40
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: December 11, 2009
wyyo.dll File name: wyyo.dll
Size: 58.85 KB (58856 bytes)
MD5: bd5da0e61ad04c037678d41e5247fb8f
Detection count: 31
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Last Updated: January 8, 2010

One Comment

  • w32 blaster worm microsoft vista says:

    I can't get to some of my programs. Can I back up my data without getting the virus on my portable hard drive?