Mini Spy

Loading...

Latest Threads

Loading...
 
  1. Before you start!
    All given instructions in this forum are customized for each help request, the tools used may cause damage if used on a computer with different infections. If you think you have similar issues, please post the appropriate logs in our Malware Removal Assistance forum and wait for help.

    Please be aware that removing Malware is a potentially hazardous undertaking. We will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for us to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and we cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.
    We strongly advise you to backup any personal files and folders before you start.

Intermittent 'Do you want to open or save get-user-id.js from ad.yieldmananager'

Discussion in 'Malware Removal Assistance' started by llamafish, Sep 9, 2013.

  1. llamafish

    llamafish New Member

    Joined:
    Sep 9, 2013
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    2
    Hi all,

    This happens intermittently, but obviously I click cancel every time, but the various programs above have not solved this problem. Have been told ad.yieldmanager is from Yahoo, which is why I get it on my emails, but to my knowledge, I haven't had it when on my Flickr account yet. Can anyone suggest a possible cause and solution for this?

    Thanks,

    Dan

    Attached Files:

  2. Fiery

    Fiery 1 of the 4 MalwareTips Founder

    Joined:
    Jan 11, 2011
    Messages:
    2,056
    Likes Received:
    7
    Trophy Points:
    105
    Hi and welcome to MalwareTips! :)

    I'm Fiery and I would gladly assist you in removing the malware on your computer.

    PLEASE NOTE: The first 3 posts of ALL new members require approval by mods/admins. Please be patient if you don't see your post immediately after submitting it.

    Before we start:
    • Note that the removal process is not immediate. Depending on the severity of your infection, it could take a long time.
    • Malware removal can be dangerous. I cannot guarantee the safety of your system as malware can be unpredictable. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system. Therefore, I would advise you to backup all your important files before we start.
    • Please be patient and stay with me until I give you the green lights and inform you that your PC is clean.
    • Some tools may be flagged by your antivirus as harmful. Rest assure that ALL the tools we use are safe, the detections are false positives.
    • The absence of symptoms does not mean your PC is fully disinfected.
    • If you are unclear about the instructions, please stop and ask. Following the steps in the order that I post them in is vital.
    • Lastly, if you have requested help on other sites, that will delay and hinder the removal process. Please only stick to one site.

    <hr>
    Have you tried this guide? http://malwaretips.com/blogs/ad-yieldmanager-virus/ If not, give that guide a try first and let me know if the problem persists and we will go from there.
  3. llamafish

    llamafish New Member

    Joined:
    Sep 9, 2013
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    2
    Hi Fiery,

    I've now tried all of them, but still get the message.
  4. Fiery

    Fiery 1 of the 4 MalwareTips Founder

    Joined:
    Jan 11, 2011
    Messages:
    2,056
    Likes Received:
    7
    Trophy Points:
    105
    Ok, please try this.

    Download Malwarebytes Anti-Rootkit from here to your Desktop
    • Unzip the contents to a folder on your Desktop.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Make sure there is a check next to Create Restore Point and click the Cleanup button to remove any threats. Reboot if prompted to do so.
    • After the reboot, perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If there are threats, click Cleanup once more and reboot.
    • When done, please post the two logs in the MBAR folder(mbar-log.txt and system-log.txt)

    Download & SAVE to your Desktop RogueKiller or from here
    • Quit all programs that you may have started.
    • Please disconnect any USB or external drives from the computer before you run this scan!
    • For Vista or Windows 7, right-click and select Run as Administrator to start
    • Wait until Prescan has finished, then click on "Scan" button
    • Wait until the Status box shows "Scan Finished"
    • Click delete and wait until it saids deleting finished
    • Click on "Report" and copy/paste the content of the Notepad into your next reply.
    • The log should be found in RKreport[1].txt on your Desktop
      Exit/Close RogueKiller+
  5. llamafish

    llamafish New Member

    Joined:
    Sep 9, 2013
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    2
    The first scan found nothing, but the second found four registry entries. Attached log for that one.

    Shall let you know what effect that has had.

    Attached Files:

  6. Fiery

    Fiery 1 of the 4 MalwareTips Founder

    Joined:
    Jan 11, 2011
    Messages:
    2,056
    Likes Received:
    7
    Trophy Points:
    105
    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1

    • Double-click SystemLook.exe to run it.
    • Copy the content of the following codebox into the main textfield:
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

    Note: The log can also be found on your Desktop entitled SystemLook.txt
  7. llamafish

    llamafish New Member

    Joined:
    Sep 9, 2013
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    2
    Thanks fiery, I've had the webpage up all day, with no sign of the message, shall do the above should it appear tomorrow.

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads: Intermittent open
Forum Title Date
Malware Removal Assistance Intermittent 'Do you want to open or save get-user-id.js from ad.yieldmananager' Sep 21, 2013
News Section SSL vulnerabilities leave Android apps open to attack Yesterday at 12:09 PM
System Tuning and Privacy Who needs hackers? bad lazy password opens a third of all doors Yesterday at 3:27 AM
How-To Articles, Tips and Guides OpenSUSE 13.1: Starters Guide Aug 10, 2014
Malware Removal Assistance I opened malware rar to test AV and now PC doing strange things Aug 1, 2014

MalwareTips.com is an independent website.All trademarks mentioned on this page are the property of their respective owners.