# What is Yieldmanager? Anyone know?



## AlecinOz (Mar 25, 2007)

Hi,

I have started getting stacks of junk (ads) from this crowd. Can anyone tell me what Yieldmanager is and, I guess more importantly, how do I get rid of it! I'm using XP and when I do a search, I'm informed that it's a .sol file (associated with Adobe??????) 

This stuff only started appearing last week and I reckon its piggy-backed its way on to the PC. As I'm not the only user of the computer somebody else could have downloaded something to do with Adobe, but as they ain't around to ask, can you guys help?

Ta
Alec


----------



## Cheeseball81 (Mar 3, 2004)

* *Click here* to download *HJTsetup.exe*.
Save HJTsetup.exe to your desktop.

Double click on the HJTsetup.exe icon on your desktop.
By default it will install to *C:\Program Files\Hijack This*.
Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
Put a check by Create a desktop icon then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch Hijack This.
Click on the *Do a system scan and save a log file* button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
*DO NOT* have Hijack This fix anything yet. Most of what it finds will be harmless or even required.


----------



## AlecinOz (Mar 25, 2007)

Hi Cheeseball 81,
I hope this works  lol I have never tried this before.
Thanks, by the way.
Alec

Logfile of HijackThis v1.99.1
Scan saved at 11:34:21, on 21/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [Backup NOW! Scheduler] "c:\Program Files\NewTech Infosystems\NTI Backup NOW! 4\Schdlr32.exe" -s
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {46C66BBD-E667-4DAD-9682-58050E7C9FDC} (CDPass Class) - http://www.cdpass.com/cdkey/CDPass.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1183175508953
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\Acer\Acer eConsole\MediaServerService.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

WOW!! How cool is that??? Does that also explain why I have such a really slow "Startup"?
A


----------



## Cheeseball81 (Mar 3, 2004)

Yeppers

Download the Trial version of *Superantispyware Pro (SAS)*: 
http://www.superantispyware.com/superantispyware.html?rid=3132

Install it and double-click the icon on your desktop to run it.
· It will ask if you want to update the program definitions, click Yes.
· Under Configuration and Preferences, click the Preferences button.
· Click the Scanning Control tab.
· Under Scanner Options make sure the following are checked:
o Close browsers before scanning
o Scan for tracking cookies
o Terminate memory threats before quarantining.
o Please leave the others unchecked.
o Click the Close button to leave the control center screen.
· On the main screen, under Scan for Harmful Software click Scan your computer.
· On the left check C:\Fixed Drive.
· On the right, under Complete Scan, choose Perform Complete Scan.
· Click Next to start the scan. Please be patient while it scans your computer.
· After the scan is complete a summary box will appear. Click OK.
· Make sure everything in the white box has a check next to it, then click Next.
· It will quarantine what it found and if it asks if you want to reboot, click Yes.
· To retrieve the removal information for me please do the following:
o After reboot, double-click the SUPERAntispyware icon on your desktop.
o Click Preferences. Click the Statistics/Logs tab.
o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
o It will open in your default text editor (such as Notepad/Wordpad).
o Please highlight everything in the notepad, then right-click and choose copy.
· Click close and close again to exit the program.
· Please paste that information here for me with a new Hijack This log.


----------



## AlecinOz (Mar 25, 2007)

Hi Cheeseball81,

Here goes.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/22/2007 at 01:12 PM

Application Version : 3.9.1008

Core Rules Database Version : 3290
Trace Rules Database Version: 1301

Scan type : Complete Scan
Total Scan Time : 01:20:00

Memory items scanned : 371
Memory threats detected : 0
Registry items scanned : 5354
Registry threats detected : 0
File items scanned : 66194
File threats detected : 44

Adware.Tracking Cookie
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][2].txt
C:\Documents and Settings\Alex\Cookies\[email protected][2].txt
C:\Documents and Settings\Alex\Cookies\[email protected][2].txt
C:\Documents and Settings\Alex\Cookies\[email protected][2].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][2].txt
C:\Documents and Settings\Alex\Cookies\[email protected][7].txt
C:\Documents and Settings\Alex\Cookies\[email protected][2].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][2].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][2].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][3].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][2].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][2].txt
C:\Documents and Settings\Alex\Cookies\[email protected][2].txt
C:\Documents and Settings\Alex\Cookies\[email protected][8].txt
C:\Documents and Settings\Alex\Cookies\[email protected][6].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][2].txt
C:\Documents and Settings\Alex\Cookies\[email protected][2].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][1].txt
C:\Documents and Settings\Alex\Cookies\[email protected][10].txt
C:\Documents and Settings\Alex\Cookies\[email protected][11].txt
C:\Documents and Settings\Alex\Cookies\[email protected][5].txt
C:\Documents and Settings\Alex\Cookies\[email protected][9].txt
C:\Documents and Settings\Jim\Cookies\[email protected][1].txt
C:\Documents and Settings\Jim\Cookies\[email protected][2].txt


----------



## AlecinOz (Mar 25, 2007)

Hi again.

I should have mentioned that, regarding the scan I just sent you, it relates only to the C: Drive. i.e. I did not scan the D: Drive which was also checked when I got to that part of the process. Apart from anything else I don't even know what the Drive is!! 'though I do know that it has about half of the computer's memory allocated to it. 

Alec


----------



## Cheeseball81 (Mar 3, 2004)

Are you still having problems


----------

