Vonteera: Adware That Can Destroy Your Antivirus


Adware really is crappy stuff, if you think too much into it. While most of the internet-using population has come to see that advertising is partly what makes your internet use cheap and affordable (even free, if you connect over public wifi), it’s more than a little annoying to attempt reading a news article or browsing online only to have box after box popup and block the already small view.

There was some relief from the antivirus software companies when they started blocking adware, a tactic that actually landed a few of them in court when they were sued by adware makers. Yes, the people who make those annoying popup ads actually sued software companies for keeping their pesky ads from appearing on your screen.

Now, a new form of adware is fighting back against the antivirus companies. Called Vonteera, it can disable your antivirus software by designating the certificate as unauthorized. You still think you’re running it, you might even run an update, and your computer is going to ignore it. That’s an oversimplified explanation, but it’s the bare bones of what’s happening when Vonteera strikes.

Besides disabling certificates from a host of companies like Avast, AVG, Avira, Baidu, Bitdefender, ESET, Lavasoft,  Malwarebytes, McAfee, Panda, ThreatTrack and Trend Micro and shoving them in the Untrusted Certificates folder, there are a couple of other nasty features of this particular software. According to Henry T. Casey of, “Vonteera has a few other tricks up its sleeve: It changes shortcuts on the Windows user desktop and in the Windows taskbar, and redirects the home pages of the Chrome, Firefox, Internet Explorer, Opera and Safari Web browsers so that the browsers open on an ad website.”

Fortunately, the team at has come up with a fix, even though it’s not as simple as installing an update since it involves reinstating each certificate one by one. Casey has also provided these links to correct the issue with your browser, depending on which one you’re running: “If your browser has been hijacked by adware, here are instructions to reset Chrome, Firefox, IE and Safari.”