Yahoo! is malware

That Yahoo! is malware won’t be any surprise to some people living on the other side of the Great Firewall in a certain country on the Pacific Ocean.

I spent about an hour this evening ripping various adwares off my kid’s machine, including the ubiquitous Babylon and Ask toolbars, the latter coming in via Oracle’s Java update. AdwCleaner handled both of those well enough but was unable to remove the Yahoo! toolbar that seems to have come in with a Firefox update (it also refused to uninstall via the Control Panel).

[Special Note: AdwCleaner, like most Windows utilities on sites like bleepingcomputer.com should preferably be downloaded using a Linux system in order to reduce the risk infection from the swirling mass of adware that infests every square inch of their web pages. Most of the flashy ads and trojan horse buttons don’t even show up in Firefox on Linux, so you’ll be able to find the actual download link much faster than if you’d surfed over with Internet Explorer on Windows.]

In the end I was forced to go through the registry and delete all references to Yahoo! products, including those invoking ycomp.dll (the core library for the Yahoo! Companion). Then I got into the file system and deleted every folder that had a variation on the Yahoo! name in it (see this post covering the normal procedure for removing malware, adware and other evils).

These “toolbars” are really nothing more than Trojan programs. If the U.S. Congress wants to really do something to protect intellectual property, they should ban these sorts of add-ons. Then folks like me wouldn’t have to squander our intellect on cleaning up after them.

Postscript: Yahoo! so mangled our Firefox configuration so badly that I finally had to uninstall the software, delete the local profile files and then re-install. The user was not at all please with this, as it’s their practice to rely on browser history rather than bookmarks (of course I had exported the few bookmarks that he had to a bookmarks.html, but it only contained a tiny fraction of the links he uses every day). Another customer lost by Yahoo!

This entry was posted in Security, System Administration on by .

About phil

My name is Phil Lembo. In my day job I’m an enterprise IT architect for a leading distribution and services company. The rest of my time I try to maintain a semi-normal family life in the suburbs of Raleigh, NC. E-mail me at philipATlembobrothersDOTcom. The opinions expressed here are entirely my own and not those of my employers, past, present or future (except where I quote others, who will need to accept responsibility for their own rants).