Hao.ylmf.com

Hao.ylmf.com is a serious browser hijacker that enters systems without permission in most cases. After it does that, users see a bunch of new icons on the desktop. These icons lead straight to Hao.ylmf.com because their Target lines are modified. Research carried out by the specialists at pcthreat.com has shown that this hijacker is hosted on 119.147.156.24 IP address, which shows that its origin is Guangdong – Dongguan, China. As Hao.ylmf.com browser hijacker is of Chinese origin, it is not surprising at all that Hao.ylmf.com is very prevalent in China. Of course, users living in other countries cannot feel completely safe too, for example, 3.2% of all the Hao.ylmf.com users live in Pakistan and 2.3% are residents of India. It has been observed that Hao.ylmf.com occupies all the browsers, including Internet Explorer, Google Chrome, and Mozilla Firefox, so it is not so easy to get rid of it and set another search engine.

The first thing that you will notice after you install Hao.ylmf.com is the presence of a bunch of shortcuts on the desktop. All of them, including those that belong to legitimate browsers, have modified Target lines, for example, C:\Program Files\Internet Explorer\iexplore.exe" "C:\ProgramData\tools\google.html, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Users\user\AppData\Roaming\tools\google.html, and C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "C:\Users\user\AppData\Roaming\tools\google.html, so they open http://url.cn/cn6dpI if a user clicks on any of the affected icons. After being redirected to http://url.cn/cn6dpI, users will be immediately taken to Hao.ylmf.com. At first glance, Hao.ylmf.com looks like a useful search engine which allows users to check the weather forecast, access email clients, read news and various articles, and, finally, search for the relevant information on the web. Unfortunately, Hao.ylmf.com is not as decent as it seems to be at first.

The first thing why we do not recommend keeping Hao.ylmf.com for a long time is the fact that this search engine might expose users to potential threats. It is enough to click on one of those bad links available on the start page of Hao.ylmf.com or click on a sponsored search result. After doing that, users are taken to other web pages. These web pages might promote malicious software, and thus you might infect your system with malware really quickly. Specialists say that your privacy might be violated as well if you decide to keep Hao.ylmf.com and use it to search for the information. It is very likely that Hao.ylmf.com is interested in various non-personally identifiable details primarily, for example, search queries, IP address, approximate location based on the location of your Internet service provider, ads you usually click on, the websites you visit, and much more. All these listed details are non-personally identifiable; however, researchers are sure that Hao.ylmf.com might still find some relevant information about you and sell it to third-party companies. Finally, it has been observed that the installer of this browser hijacker connects to the following servers: http://123.a101.cc/u.php?id=89, http://www.aq8.cc/?aa=ch&sd--ant-, http://17990.vicp.net/1/YWJvdXQ6Ymxhbms=, so there is no doubt that this hijacker is closely associated with them.

Hao.ylmf.com browser hijacker comes together with a bunch of other undesirable applications, for example, there is basically no doubt that you will detect Qvod, which is considered to be an adware program, on your system after you install Hao.ylmf.com. Unfortunately, Qvod is probably not the only program that has been installed alongside. To check the condition of your system, you should download a diagnostic scanner from our website (click on the Download button you will find below) and then scan your system with it. It will check all the places and then provide you with a list of undesirable programs that have to be removed immediately if you do not want to cause harm to your PC. Unfortunately, they will not disappear themselves after you get rid of Hao.ylmf.com browser hijacker.

It is really hard to remove Hao.ylmf.com completely because it does not add any extensions and it does not have an uninstall entry in Control Panel. It means that you will have to perform a number of activities to get rid of it, for example, remove files, icons it adds, and restore the Target line of Internet Explorer, Google Chrome, and Mozilla Firefox. Below provided instructions will help you with that; however, if you do not think that you can get rid of Hao.ylmf.com yourself, you should scan your system with an automatic scanner, such as SpyHunter. It is advisable to do that after you finish with the Hao.ylmf.com removal as well in order to check whether or not the system is clean.

Delete Hao.ylmf.com

Fix the Target line of Internet Explorer, Google Chrome, and Mozilla Firefox

1. Right-click on the shortcut of your browser.
2. Select Properties.
3. Open the Shortcut tab.
4. Delete the address that comes after the quotation marks in the Target line, e.g. C:\ProgramData\tools\google.html and C:\Users\user\AppData\Roaming\tools\google.html. Click Apply.

Delete files

1. Launch RUN.
2. Enter %ALLUSERSPROFILE%\tools in the box if you use Windows 7 or a higher version of Windows and click OK.
3. Find and delete google.html.
4. Launch RUN and enter %ALLUSERSPROFILE%\Application Data\tools in the box if you use Windows XP.
5. Find google.html and remove it.

Remove icons

1. Launch RUN.
2. Enter %PUBLIC%\Desktop in the box and click OK.
3. Find 打折网购.lnk and 上网导航.lnk files, delete them.
4. Go to %AppData%\Microsoft\Internet Explorer and find 打折网购.lnk and 上网导航.lnk. Remove them.
5. Enter %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs in the box and click OK.
6. Erase 打折网购.lnk and 上网导航.lnk.
7. Type in %ALLUSERSPROFILE%\Application Data\Microsoft\Windows\Start Menu\Programs\ and click OK.
8. Locate 打折网购.lnk and 上网导航.lnk.
9. Right-click on each of them and erase them.