Ad.yieldmanager.com is a popup virus that appears to be related to sponsorship, ib.adnxs.com and web.longfintuna.net. It should be removed efficiently before it causes more popup ads, and the most effective way to keep it from coming back is the manual method.
About Ad.yieldmanager.com
Ad.yieldmanager.com is pop-up adware that appears not only in Firefox but also in Internet Explorer and Google Chrome. It acts in two different ways:
*Ad.yieldmanager.com keeps randomly popping up in Yahoo Mail, asking to open or save get-user-id.js from it.
*Ad.yieldmanager.com keeps popping up commercial ads during the browsing session.
(Here is one of the ads that ad.yieldmanager.com displays)
Does the picture posted here ring a bell? Popup ads like sponsorship and web.longfintuna.net once popped up the same commercial content, which shows that the ad.yieldmanager.com popup collaborates with other popup ads, including ib.adnxs.com, ads.bluelithium.com and others.
A popup like ad.yieldmanager.com has been identified as a virus because it generates profit for its makers by:
*Luring victims to click on ads displayed from its domain, with content tailored to the victims' interests after gathering information stored in the memory of the target machine.
*Stealing confidential data stored in the browser as well as in the kernel part of the target machine to resell to other spammers.
*Hijacking conversations held via video calls.
*Compromising log-in credentials for accounts, especially banking accounts, if any.
*Carrying out fraudulent purchases.
*Sending spam mail as a way to collect more information about more people.
The ad.yieldmanager.com popup has long been known to a wide range of PC users as browser malware; however, it keeps finding ways to affect users, and its distribution source is the World Wide Web. By getting malicious sites listed in Google searches, using drive-by downloads, exploiting vulnerabilities on servers and web sites, and hiding in recommended installations, the ad.yieldmanager.com popup manages to affect users easily.
Annoying Ad.yieldmanager.com Popup
One of its victims reported that the ad.yieldmanager.com popup kept him from using the “back” button to navigate to a prior screen. It is not only annoying but irritating. Victims trying hard to remove the ad.yieldmanager.com popup found that Norton 360 claimed to remove the program but its processes and services were still in the Task Manager; no delete messages were given when trying to delete the cookie from the temp cookie files; no indication of the ad.yieldmanager.com popup showed in Control Panel; what’s even worse, the popup virus overrides restoring to an earlier date, which undoubtedly makes removing the ad.yieldmanager.com popup more difficult. As a matter of fact, ad.yieldmanager.com has made changes to the kernel part of a system the moment it displays in-page popup ads in browsers. Such random and arbitrary modification is enough to create a vulnerability that is easily taken advantage of by deadly viruses. Thus, as its infiltration goes on, more dysfunctions can be encountered:
*Choppy lag happens quite often.
*Executable error messages pop up when attempts are made to remove the ad.yieldmanager.com popup.
*Page loading speed is cut down significantly.
*More unknown programs are installed onto the computer without permission.
*More popup ads come into sight.
Therefore, victims should remove ad.yieldmanager.com popup as soon as
possible.
How Can I Remove Ad.yieldmanager.com Popup from My Computer?
One: End the running processes of the ad.yieldmanager.com popup.
• Windows 8
□ Start screen.
□ Type ‘Task’.
□ Hit Process tab.
□ Find and select items related to ad.yieldmanager.com.
□ Press ‘End’ to remove ad.yieldmanager.com popup.
• Windows 7/Vista/XP
□ Hold the Ctrl, Alt and Delete keys together.
□ The Task Manager window pops up.
□ Hit Process tab.
□ Find and select items related to ad.yieldmanager.com.
□ Press ‘End Process’ to remove ad.yieldmanager.com popup.
If an error message says that the process you are trying to end cannot be terminated, follow the instructions below:
• Windows 8
□ Start screen.
□ Type ‘Task’.
□ Task Manager window appears.
□ Hit View tab.
□ Select ‘Show Kernel Times’/ ‘Select Process Page Columns’.
□ Tick PID (Process Identifier).
□ Press OK.
□ Find the ‘LSASS.exe’ image whose User Account does not belong to the system (the genuine lsass.exe runs under the SYSTEM account, so a copy under any other account is suspect).
□ Go back to the desktop and press the Win key and R together.
□ Type ‘CMD’ and press the Enter key.
□ Type ‘ntsd -c q -p (PID, the number you saw in Task Manager)’ (without quotation marks).
□ Press the Enter key.
• Windows 7/XP/Vista
□ Hold the Ctrl, Alt and Delete keys together.
□ Task Manager shows.
□ Hit the View tab.
□ Follow the same process as described above.
Two: Reset the browser to help remove the ad.yieldmanager.com popup.
• Internet Explorer
□ Open Internet Explorer.
□ Click on the Tools menu and then select Internet Options.
□ Click on the Advanced tab before clicking on the Restore Defaults button.
□ Press OK.
• Firefox
□ Click on the Firefox button.
□ Select Help.
□ Go to Troubleshooting information.
□ Locate the box containing the ‘Reset Firefox’ button in the upper left corner of the web page.
• Google Chrome
□ Choose ‘Customize and Control Google Chrome’ menu.
□ Select ‘Options’.
□ Click ‘Under the Hood’ tab on ‘Options’ window.
□ Click ‘Reset to Defaults’ button.
Three: Manually modify browser settings to further remove the ad.yieldmanager.com popup.
• Firefox
□ Click on the Tools menu at the top of the Firefox window.
□ Go to Manage Add-ons.
□ Make modifications under the Extensions tab and the Plugins tab respectively.
• Google Chrome
□ Click on the ‘Customize and control’ Google Chrome icon.
□ Select ‘Settings’.
□ Manage ‘Extension’.
□ Select ‘manage search engine’ to set your favorite site as your homepage and search engine should there be any arbitrary changes to the corresponding sections.
• Internet Explorer
□ Go to Tools.
□ Choose ‘Manage Add-ons’.
□ Find and select unwanted items, including the ad.yieldmanager.com popup, in ‘Toolbars and Extensions’ and ‘Search Providers’ respectively, and remove them.
□ Click ‘Disable’/ ‘Remove’ to confirm the removal of the selected items, including the ad.yieldmanager.com popup.
Four: Activate the built-in popup blocker to stop the ad.yieldmanager.com popup from appearing.
• Mozilla Firefox
□ Open Mozilla Firefox.
□ Click Tools.
□ Go to Options.
□ Click the Web features button on the left hand side of the Options window.
□ Choose ad.yieldmanager.com and press ‘OK’ to confirm the change.
• Microsoft Internet Explorer
□ Open Internet Explorer.
□ Click Tools.
□ Choose Options.
□ Select Privacy tab.
□ Locate the Pop-up Blocker section at the bottom of the Privacy tab.
□ Check the “Block pop-ups” option to stop the ad.yieldmanager.com popup.
• Google Chrome
□ Modifications in the Extension section could already have stopped the ad.yieldmanager.com popup; if one has Google Toolbar, one can use the free popup blocker offered by the toolbar to stop ad.yieldmanager.com.
Five: Show hidden files and folders, then find and delete any item associated with the ad.yieldmanager.com popup on drive C.
• Windows 8
□ Open Windows Explorer by clicking on the Windows Explorer application from the Start Screen.
□ Select the View tab in the Windows Explorer window.
□ Tick the ‘File name extensions’ and ‘Hidden items’ options.
□ Press ‘OK’ to confirm the change.
• Windows 7/XP/Vista
□ Open ‘Control Panel’ from the Start menu.
□ Search for ‘Folder Options’ and hit the Enter key.
□ Under the View tab, tick ‘Show hidden files and folders’ and untick ‘Hide protected operating system files (Recommended)’.
□ Click ‘OK’ to confirm the change.
Six: Empty out all Temp folders under System32.
□ Open the C drive.
□ Double click on the Temp folder under System32.
□ Press the Ctrl and A keys together and release them once all items are selected.
□ Right click on one of the selected items.
□ When a drop-down list shows, press the Shift and D keys together.
□ A box comes up asking you to confirm that you want to delete everything without putting it in the Recycle Bin.
□ Press the Enter key.
Seven: Go to the registry database (Registry Editor) and navigate to
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion
HKEY_CURRENT_USER\Software\Microsoft\Windows
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
to find items related to the ad.yieldmanager.com malware contained in the folders of the infected browser (e.g. IE, Mozilla Firefox, Google Chrome).
• Windows 8
□ Move your mouse over the lower right of the screen.
□ Type ‘regedit’/‘regedit.exe’.
□ Hit Enter key.
• Windows 7/XP/Vista
□ Press Win key and R key together.
□ Type ‘regedit’ (without quotation) in the box.
□ Hit Enter key.
Kind reminder: Don’t forget to restart the infected computer after doing all the steps shown above and get back into normal mode again to see if the ad.yieldmanager.com popup is gone. If an error message appears after reboot saying that files cannot be found, it indicates that some registry keys are still being modified, either by ad.yieldmanager.com’s leftovers or by other items brought in by the ad.yieldmanager.com popup. The same process needs to be done all over again to remove any suspicious items that help it survive.
Tips to prevent ad.yieldmanager.com popup infection:
□ Scan with anti-virus programs or other security utilities to find any patches that need updating.
□ Impose restrictions on Apache.
□ Disable the banner that shows what is actually running on a target computer; also disable ServerSignature and ServerTokens.
□ Disable the directory index by opening a terminal and executing the following commands:
    rm -f /etc/apache2/mods-enabled/autoindex.load
    rm -f /etc/apache2/mods-enabled/autoindex.conf
□ Disable WebDAV, a file access protocol on top of HTTP, so that potential attackers cannot modify files to upload malicious code, by deleting the dav, dav_fs and dav_lock files in a terminal with these commands:
    rm -f /etc/apache2/mods-enabled/dav.load
    rm -f /etc/apache2/mods-enabled/dav_fs.conf
    rm -f /etc/apache2/mods-enabled/dav_fs.load
    rm -f /etc/apache2/mods-enabled/dav_lock.load
□ Turn off HTTP TRACE requests, to prevent online conversations from being hijacked, by opening /etc/apache2/apache2.conf in the terminal.
□ Restrict vulnerabilities in IIS.
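The Apache items in the list above can be checked after the fact with a small audit script; this is an added example, not part of the original guide. It assumes a Debian-style /etc/apache2 layout and that TRACE is controlled with the httpd TraceEnable directive; the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Audit a Debian-style Apache tree for the hardening items in the list above.
# Assumption: the last occurrence of a directive wins, with conf-enabled/*.conf
# read after apache2.conf; virtual-host scope is ignored.

directive_value() {   # $1 = config root, $2 = directive name
    cat "$1/apache2.conf" "$1"/conf-enabled/*.conf 2>/dev/null |
        awk -v d="$2" 'tolower($1) == tolower(d) { v = tolower($2) } END { print v }'
}

audit_apache() {      # prints one FINDING line per weak setting
    root=$1
    for mod in autoindex dav dav_fs dav_lock; do
        for ext in load conf; do
            f="$root/mods-enabled/$mod.$ext"
            # -L also catches dangling symlinks left behind in mods-enabled
            if [ -e "$f" ] || [ -L "$f" ]; then
                echo "FINDING module still enabled: $mod.$ext"
            fi
        done
    done
    case $(directive_value "$root" ServerTokens) in
        prod|productonly) ;;
        *) echo "FINDING ServerTokens is not Prod (httpd default is Full)" ;;
    esac
    case $(directive_value "$root" ServerSignature) in
        on|email) echo "FINDING ServerSignature is not Off" ;;
    esac
    case $(directive_value "$root" TraceEnable) in
        off) ;;
        *) echo "FINDING TraceEnable is not off (httpd default is on)" ;;
    esac
    return 0
}

# Constructed sample tree (not a real server): weak settings, then hardened.
demo=$(mktemp -d)
mkdir -p "$demo/mods-enabled" "$demo/conf-enabled"
touch "$demo/mods-enabled/autoindex.load" "$demo/mods-enabled/dav_fs.conf"
printf 'ServerTokens OS\nServerSignature On\n' > "$demo/conf-enabled/security.conf"
printf '# TraceEnable Off\nServerRoot "/etc/apache2"\n' > "$demo/apache2.conf"
echo "Before:"; audit_apache "$demo"

rm -f "$demo/mods-enabled/autoindex.load" "$demo/mods-enabled/dav_fs.conf"
printf 'ServerTokens Prod\nServerSignature Off\nTraceEnable Off\n' \
    > "$demo/conf-enabled/security.conf"
echo "After:"; audit_apache "$demo"
rm -rf "$demo"
```

On a server, call audit_apache /etc/apache2; no FINDING lines means every item in the list passed, and a commented-out directive (as in the sample apache2.conf) is correctly treated as unset.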