Intermittent 'Do you want to open or save get-user-id.js from ad.yieldmananager'

L

llamafish

New Member
Thread author
Sep 9, 2013
4
Hi all,

This happens intermittently, but obviously I click cancel every time, but the various programs above have not solved this problem. Have been told ad.yieldmanager is from Yahoo, which is why I get it on my emails, but to my knowledge, I haven't had it when on my Flickr account yet. Can anyone suggest a possible cause and solution for this?

Thanks,

Dan
 

Attachments

  • aswMBR.txt
    3.2 KB · Views: 114
  • OTL.Txt
    76.9 KB · Views: 134
Fiery

Fiery

Level 1
Jan 11, 2011
2,007
Hi and welcome to MalwareTips! :)

I'm Fiery and I would gladly assist you in removing the malware on your computer.

PLEASE NOTE: The first 3 posts of ALL new members require approval by mods/admins. Please be patient if you don't see your post immediately after submitting it.

Before we start:
  • Note that the removal process is not immediate. Depending on the severity of your infection, it could take a long time.
  • Malware removal can be dangerous. I cannot guarantee the safety of your system as malware can be unpredictable. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system. Therefore, I would advise you to backup all your important files before we start.
  • Please be patient and stay with me until I give you the green lights and inform you that your PC is clean.
  • Some tools may be flagged by your antivirus as harmful. Rest assure that ALL the tools we use are safe, the detections are false positives.
  • The absence of symptoms does not mean your PC is fully disinfected.
  • If you are unclear about the instructions, please stop and ask. Following the steps in the order that I post them in is vital.
  • Lastly, if you have requested help on other sites, that will delay and hinder the removal process. Please only stick to one site.

<hr>
Have you tried this guide? http://malwaretips.com/blogs/ad-yieldmanager-virus/ If not, give that guide a try first and let me know if the problem persists and we will go from there.
 
Fiery

Fiery

Level 1
Jan 11, 2011
2,007
Ok, please try this.

Download Malwarebytes Anti-Rootkit from here to your Desktop
  • Unzip the contents to a folder on your Desktop.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Make sure there is a check next to Create Restore Point and click the Cleanup button to remove any threats. Reboot if prompted to do so.
  • After the reboot, perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If there are threats, click Cleanup once more and reboot.
  • When done, please post the two logs in the MBAR folder(mbar-log.txt and system-log.txt)

Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select Run as Administrator to start
  • Wait until Prescan has finished, then click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click delete and wait until it saids deleting finished
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
    Exit/Close RogueKiller+
 
L

llamafish

New Member
Thread author
Sep 9, 2013
4
The first scan found nothing, but the second found four registry entries. Attached log for that one.

Shall let you know what effect that has had.
 

Attachments

  • RKreport[0]_D_09112013_140343.txt
    1.8 KB · Views: 267
Fiery

Fiery

Level 1
Jan 11, 2011
2,007
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
:filefind
*yield*

:folderfind
*yield*

:Regfind
yield
Click to expand...
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt
 
L

llamafish

New Member
Thread author
Sep 9, 2013
4
Thanks fiery, I've had the webpage up all day, with no sign of the message, shall do the above should it appear tomorrow.
 

Similar threads

MrClass
  • Locked
Actual Threat or Scam?
Replies
2
Views
895
Windows Malware Removal Help & Support
MrClass
MrClass
Anthony Qian
    • Like
Advice Request How do you submit False Positive samples to McAfee effectively?
Replies
10
Views
1,682
McAfee
Anthony Qian
Anthony Qian
Gandalf_The_Grey
    • Like
    • Applause
    • Thanks
Jensd: Upgrade to Windows 11 22H2 on unsupported hardware
Replies
11
Views
1,603
Windows 11
anirbandutta01
anirbandutta01

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top