Yieldmanger, HELP ME PLEASE!!!!!
Results 1 to 6 of 6

Thread: Yieldmanger, HELP ME PLEASE!!!!!

  1. #1
    Registered User
    Join Date
    Sep 2007
    Posts
    4

    Yieldmanger, HELP ME PLEASE!!!!!

    Hi, so I have that stupid ads.yieldmanager.com adware hidden into my computer, ive tried many different kinds of adware to remove and and i have my log from hijackthis...can someone please help me out. I took my computer down to the IT room at school and they had no clue either...im very desperate!

  2. #2
    Registered User Ferrit's Avatar
    Join Date
    Apr 2001
    Location
    Vancouver Island The Real Canada
    Posts
    4,952
    Well I would suspect first off you need to shut off system restore first.
    See here how to do this if you dont know.
    http://support.microsoft.com/kb/310405

    See here for some info on that particular adware
    http://forums.spywareinfo.com/lofive...hp/t50836.html
    http://www.techsupportforum.com/secu...nager-com.html
    I would download the latest Spoybot 1.5 and Adaware and install update and run both of them
    Gigabyte 990FXA-UD3
    AMD FX 8350 4ghz OCTO-Core
    Windows 8.1 PRO 64
    Adata 256 gig SSD
    Kingston HyperX 1600 16 Gigs
    Sapphire R9 280 2gig
    Enermax Liberty Modular 620
    www.northernaurora.net
    http://www.northernaurora.net/page/chat.html

  3. #3
    Registered User
    Join Date
    Sep 2007
    Posts
    4
    none of that worked either, i still have it. heres my log from hijackthis. Thanks a lot for helping me.

  4. #4
    Registered User
    Join Date
    Sep 2007
    Posts
    4
    Logfile of HijackThis v1.99.1
    Scan saved at 11:42:02 AM, on 28/09/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\LANDesk\Shared Files\residentagent.exe
    C:\Program Files\Wave Systems Corp\Common\DataServer.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\Program Files\LANDesk\LDClient\LocalSch.EXE
    C:\WINDOWS\system32\CBA\pds.exe
    C:\Program Files\LANDesk\LDClient\tmcsvc.exe
    C:\WINDOWS\keyacc32.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\Program Files\LANDesk\LDClient\collector.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\Program Files\Apoint\HidFind.exe
    C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\LANDesk\LDClient\webportal\sdclientmonitor.e xe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
    C:\Program Files\LANDesk\LDClient\softmon.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.7\bin\tcsd_win32.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\System32\bcmwltry.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
    C:\Program Files\3M\PSNLite\PsnLite.exe
    C:\PROGRA~1\3M\PSNLite\PSNGive.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
    C:\Documents and Settings\Prosha\Desktop\HijackThis.exe

  5. #5
    Registered User
    Join Date
    Sep 2007
    Posts
    4
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.ca/ig/dell?hl=en&c...rel&channel=ca
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.ca/ig/dell?hl=en&c...rel&channel=ca
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
    O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /installquiet
    O4 - HKLM\..\Run: [NVHotkey] "rundll32.exe" nvHotkey.dll,Start
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [Document Manager] "C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe"
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    O4 - HKLM\..\Run: [Dell QuickSet] "C:\Program Files\Dell\QuickSet\quickset.exe"
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe " -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SDClientMonitor] "C:\Program Files\LANDesk\LDClient\webportal\sdclientmonitor.e xe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [KeyAccess] keyacc32.exe
    O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
    O4 - HKCU\..\Run: [ModemOnHold] "C:\Program Files\NetWaiting\netWaiting.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: EMBASSY Trust Suite Secure Update.lnk = C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
    O4 - Global Startup: Post-itŪ Software Notes Lite.lnk = C:\Program Files\3M\PSNLite\PsnLite.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/re...s/MSNPUpld.cab
    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - AppInit_DLLs: wxvault.dll KATRACK.DLL
    O20 - Winlogon Notify: NavLogon - C:\WINDOWS\
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: LANDesk(R) Management Agent (CBA8) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\Shared Files\residentagent.exe
    O23 - Service: DataSvr2 - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Common\DataServer.exe
    O23 - Service: Intel Local Scheduler Service - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\LocalSch.EXE
    O23 - Service: Intel PDS - LANDesk Software Ltd. - C:\WINDOWS\system32\CBA\pds.exe
    O23 - Service: LANDesk Targeted Multicast (Intel Targeted Multicast) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\tmcsvc.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: KeyAccess - Sassafras Software Inc. - C:\WINDOWS\keyacc32.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: LANDesk(R) Software Monitoring Service (Softmon) - LANDesk Software, Ltd. - C:\Program Files\LANDesk\LDClient\softmon.exe
    O23 - Service: NTRU Hybrid TSS v2.0.7 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.7\bin\tcsd_win32.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

  6. #6
    Driver Terrier NooNoo's Avatar
    Join Date
    Dec 2000
    Location
    UK
    Posts
    31,824
    Your logfile looks ok... couple of no file entries should be fixed, but are not part of the problem.

    These are instructions on how to remove yieldmanager from http://www.spywareremove.com/removea...anagercom.html

    Step 1 : Use Windows File Search Tool to Find ad.yieldmanager.com Path
    Go to Start > Search > All Files or Folders.
    In the "All or part of the the file name" section, type in "ad.yieldmanager.com" file name(s).
    To get better results, select "Look in: Local Hard Drives" or "Look in: My Computer" and then click "Search" button.
    When Windows finishes your search, hover over the "In Folder" of "ad.yieldmanager.com", highlight the file and copy/paste the path into the address bar. Save the file's path on your clipboard because you'll need the file path to delete ad.yieldmanager.com in the following manual removal steps.
    Read more about How to Find ad.yieldmanager.com with File Search Tool


    Step 2 : Detect and Delete Other ad.yieldmanager.com Files
    To open the Windows Command Prompt, go to Start > Run > type cmd and then press the "OK" button.
    Type in "dir /A name_of_the_folder" (for example, C:\Spyware-folder), which will display the folder's content even the hidden files.
    To change directory, type in "cd name_of_the_folder".
    Once you have the file you're looking for type in "del name_of_the_file".
    To delete a file in folder, type in "del name_of_the_file".
    To delete the entire folder, type in "rmdir /S name_of_the_folder".
    Select the "ad.yieldmanager.com" process and click on the "End Process" button to kill it.
    Remove the "ad.yieldmanager.com" processes files:
    yieldmanager
    yieldmanager.txt
    yieldmanager.com
    Never, ever approach a computer saying or even thinking "I will just do this quickly."

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •