YoutubeBookmark

YoutubeBookmark Description

YoutubeBookmark is an adware program that has a history of being installed through fake updates and bundled freeware distributions. Although YoutubeBookmark isn't classified as a Trojan, as a Potentially Unwanted Program, YoutubeBookmark may expose you to potentially compromised advertisements and, in general, may be a drawback to your PC's performance. Deleting YoutubeBookmark without using appropriate PC security software also may be a waste of your precious time; malware researchers have seen repeated cases of YoutubeBookmark trying to stop itself from being removed from the user's browser.

When Easy Bookmark Management Asks for a High Price

It often is a matter of subtle degrees whether or not a program is categorized as a PUP or as a threat, and YoutubeBookmark is one browser add-on that's danced back and forth over that line more than is comfortable. Malware experts' suspicions were perked upon an initial analysis of the YoutubeBookmark's program structure, which uses randomly-generated file names (long strings of gibberish characters) to make its identification difficult. Although YoutubeBookmark does have YouTube bookmark-related features, these features pale when compared to the inconveniences of its advertisements features, which inject third party links into the text words of random Web pages.

YoutubeBookmark also is adware that seems to prefer to be installed with many other PUPs, rather than alone. Suspicious installation methods using software-bundling techniques have been seen installing many Potentially Unwanted Programs along with YoutubeBookmark. The overall results, for the affected PC, include general security issues, noticeable system slowdowns and the potential erasure of your browser's bookmarks. Any already-installed browser add-ons also might be uninstalled, although YoutubeBookmark isn't directly responsible for this invasion of your Web browser.

Stopping a Reincarnating Browser Add-On from Living a New Life on Your PC

YoutubeBookmark also is known for one other characteristic, which malware analysts consider especially unconscionable: its regular re-installation on PCs that attempt to delete YoutubeBookmark. This even has extended to counteracting the software-removal functions of some brand of anti-malware software, which makes YoutubeBookmark, perhaps, one of the most stubborn PUPs that malware analysts ever have seen. Shutting down all programs and using updated anti-malware products to delete YoutubeBookmark from within Safe Mode should be the most direct way of preventing you from requiring a second attempt.

YoutubeBookmark is most often found in an unwanted format for the Chrome Web browser. However, other Web browsers also may be vulnerable to YoutubeBookmark, which should be reconfigurable for these alternate products with very little effort. All unwanted programs known to use these questionable means of installation can be avoided with the proper Web-browsing behavior, along with anti-malware programs that detect YoutubeBookmark when the user awareness has failed to see any imminent adware-related problems for their browsers.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to YoutubeBookmark may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



9UtwcTcE.exe File name: 9UtwcTcE.exe
Size: 1.38 MB (1389136 bytes)
MD5: a23911a09c52992f6120ec2f9e5287bc
Detection count: 51
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: January 8, 2020

Registry Modifications


The following newly produced Registry Values are:

Directory%ALLUSERSPROFILE%\Application Data\YoutubeBookmark%ALLUSERSPROFILE%\Application Data\YTBooekMark%ALLUSERSPROFILE%\Application Data\YTBookMaerk%ALLUSERSPROFILE%\YoutubeBookmark%ALLUSERSPROFILE%\YTBooekMark%ALLUSERSPROFILE%\YTBooKaMark%ALLUSERSPROFILE%\YTBookMaerk%APPDATA%\{0E75F2D9-41B7-7588-F557-4233D3AA7659}%LOCALAPPDATA%\Comodo\Dragon\User Data\Default\Extensions\padmkfdcfiomnhigiklmojkegjcdnjpm%LOCALAPPDATA%\Google\Chrome SxS\User Data\Default\Extensions\gfnneapopeemcfnediaaiefeaachmcdh%LOCALAPPDATA%\Google\Chrome SxS\User Data\Default\Extensions\padmkfdcfiomnhigiklmojkegjcdnjpm%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\ajcfgclgcaljeccejogkgkhfkpjmloep%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\bjnhobmmhjefndpnnagllakimkhgojip%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\gfnneapopeemcfnediaaiefeaachmcdh%LocalAppData%\Google\Chrome\User Data\Default\Extensions\hajjhpaojlmdkmmghnkadmjkilcfdkho%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\jhokpoojndokcbdjejcdaclimibckkao%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\jokopcepacbbfncfoeaajmhaikekfmeg%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\jpjmaenjpdjmgbfofoacgghglfmjodio%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\ngnkpnbloobmkihblahnfepbgldhocob%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\pkfddnmhijboljfldcmcbibmnieibmho%LOCALAPPDATA%\Packages\windows_ie_ac_001\AC\{0441ABAF-D01F-55DB-1B54-FA79E229E3EF}%LOCALAPPDATA%\Packages\windows_ie_ac_001\AC\{6F4675A3-94F2-9FBE-659C-576D0218AF2C}%PROGRAMFILES%\YTBooekMark%PROGRAMFILES%\YTBookMaerk%PROGRAMFILES(x86)%\YTBooekMark%PROGRAMFILES(x86)%\YTBookMaerk%USERPROFILE%\AppData\LocalLow\{0441ABAF-D01F-55DB-1B54-FA79E229E3EF}%USERPROFILE%\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\gfnneapopeemcfnediaaiefeaachmcdh%USERPROFILE%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ajcfgclgcaljeccejogkgkhfkpjmloep%UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bjnhobmmhjefndpnnagllakimkhgojip%USERPROFILE%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gfnneapopeemcfnediaaiefeaachmcdh%UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hajjhpaojlmdkmmghnkadmjkilcfdkho%UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jhokpoojndokcbdjejcdaclimibckkao%USERPROFILE%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jokopcepacbbfncfoeaajmhaikekfmeg%UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpjmaenjpdjmgbfofoacgghglfmjodio%UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ngnkpnbloobmkihblahnfepbgldhocob%USERPROFILE%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pkfddnmhijboljfldcmcbibmnieibmho%USERPROFILE%\Local Settings\Application Data\Packages\windows_ie_ac_001\AC\{0441ABAF-D01F-55DB-1B54-FA79E229E3EF}%USERPROFILE%\Local Settings\Application Data\Packages\windows_ie_ac_001\AC\{6F4675A3-94F2-9FBE-659C-576D0218AF2C}Registry keySOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{0441ABAF-D01F-55DB-1B54-FA79E229E3EF}SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{0E75F2D9-41B7-7588-F557-4233D3AA7659}
Posted: January 9, 2014
Threat Metric
Threat Level: 2/10
Infected PCs 766

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.