Home Malware Programs Browser Plugins YoutubeBookmark


Posted: January 9, 2014

Threat Metric

Ranking: 17,015
Threat Level: 2/10
Infected PCs: 1,028
First Seen: January 9, 2014
Last Seen: September 11, 2023
OS(es) Affected: Windows

YoutubeBookmark is an adware program that has a history of being installed through fake updates and bundled freeware distributions. Although YoutubeBookmark isn't classified as a Trojan, as a Potentially Unwanted Program, YoutubeBookmark may expose you to potentially compromised advertisements and, in general, may be a drawback to your PC's performance. Deleting YoutubeBookmark without using appropriate PC security software also may be a waste of your precious time; malware researchers have seen repeated cases of YoutubeBookmark trying to stop itself from being removed from the user's browser.

When Easy Bookmark Management Asks for a High Price

It often is a matter of subtle degrees whether or not a program is categorized as a PUP or as a threat, and YoutubeBookmark is one browser add-on that's danced back and forth over that line more than is comfortable. Malware experts' suspicions were perked upon an initial analysis of the YoutubeBookmark's program structure, which uses randomly-generated file names (long strings of gibberish characters) to make its identification difficult. Although YoutubeBookmark does have YouTube bookmark-related features, these features pale when compared to the inconveniences of its advertisements features, which inject third party links into the text words of random Web pages.

YoutubeBookmark also is adware that seems to prefer to be installed with many other PUPs, rather than alone. Suspicious installation methods using software-bundling techniques have been seen installing many Potentially Unwanted Programs along with YoutubeBookmark. The overall results, for the affected PC, include general security issues, noticeable system slowdowns and the potential erasure of your browser's bookmarks. Any already-installed browser add-ons also might be uninstalled, although YoutubeBookmark isn't directly responsible for this invasion of your Web browser.

Stopping a Reincarnating Browser Add-On from Living a New Life on Your PC

YoutubeBookmark also is known for one other characteristic, which malware analysts consider especially unconscionable: its regular re-installation on PCs that attempt to delete YoutubeBookmark. This even has extended to counteracting the software-removal functions of some brand of anti-malware software, which makes YoutubeBookmark, perhaps, one of the most stubborn PUPs that malware analysts ever have seen. Shutting down all programs and using updated anti-malware products to delete YoutubeBookmark from within Safe Mode should be the most direct way of preventing you from requiring a second attempt.

YoutubeBookmark is most often found in an unwanted format for the Chrome Web browser. However, other Web browsers also may be vulnerable to YoutubeBookmark, which should be reconfigurable for these alternate products with very little effort. All unwanted programs known to use these questionable means of installation can be avoided with the proper Web-browsing behavior, along with anti-malware programs that detect YoutubeBookmark when the user awareness has failed to see any imminent adware-related problems for their browsers.

Technical Details

Registry Modifications

The following newly produced Registry Values are:


Additional Information

The following directories were created:
%ALLUSERSPROFILE%\Application Data\YoutubeBookmark%ALLUSERSPROFILE%\YTBooKaMark%ALLUSERSPROFILE%\YTBookMaerk%ALLUSERSPROFILE%\YoutubeBookmark%APPDATA%\{0E75F2D9-41B7-7588-F557-4233D3AA7659}%LOCALAPPDATA%\Comodo\Dragon\User Data\Default\Extensions\padmkfdcfiomnhigiklmojkegjcdnjpm%LOCALAPPDATA%\Google\Chrome SxS\User Data\Default\Extensions\gfnneapopeemcfnediaaiefeaachmcdh%LOCALAPPDATA%\Google\Chrome SxS\User Data\Default\Extensions\padmkfdcfiomnhigiklmojkegjcdnjpm%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\ajcfgclgcaljeccejogkgkhfkpjmloep%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\bjnhobmmhjefndpnnagllakimkhgojip%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\gfnneapopeemcfnediaaiefeaachmcdh%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\jhokpoojndokcbdjejcdaclimibckkao%PROGRAMFILES%\YTBookMaerk%PROGRAMFILES(x86)%\YTBookMaerk
The following URL's were detected: