By edteach
Feb 11, 2008
  1. I was having trouble logging on to Yahoo Mail; it kept going to my default gateway and saying ad.yieldmanager. I looked this up online and found it was a type of adware. I did a search and removed the 2kb ad.yieldmanager file. Was wondering if anyone could help me clean out my computer. Here is a copy of the HijackThis log. Thanks.

     Logfile of trend micro hijackthis v2.0.2
     scan saved at 8:05:48 pm, on 2/11/2008
     platform: windows xp sp2 (winnt 5.01.2600)
     msie: internet explorer v6.00 sp2 (6.00.2900.2180)
     boot mode: normal

     running processes:
     c:\windows\system32\smss.exe
     c:\windows\system32\winlogon.exe
     c:\windows\system32\services.exe
     c:\windows\system32\lsass.exe
     c:\windows\system32\ati2evxx.exe
     c:\windows\system32\svchost.exe
     c:\windows\system32\svchost.exe
     c:\windows\system32\wltrysvc.exe
     c:\windows\system32\bcmwltry.exe
     c:\program files\lavasoft\ad-aware 2007\aawservice.exe
     c:\windows\system32\ati2evxx.exe
     c:\windows\explorer.exe
     c:\windows\system32\spoolsv.exe
     c:\program files\common files\aol\acs\aolacsd.exe
     c:\program files\common files\aol\topspeed\2.0\aoltsmon.exe
     c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe
     c:\program files\grisoft\avg anti-spyware 7.5\guard.exe
     c:\progra~1\grisoft\avg7\avgamsvr.exe
     c:\progra~1\grisoft\avg7\avgupsvc.exe
     c:\progra~1\grisoft\avg7\avgemc.exe
     c:\program files\common files\new boundary\prismxl\prismxl.sys
     c:\program files\synaptics\syntp\syntplpr.exe
     c:\program files\synaptics\syntp\syntpenh.exe
     c:\program files\grisoft\avg anti-spyware 7.5\avgas.exe
     c:\progra~1\grisoft\avg7\avgcc.exe
     c:\progra~1\panicw~1\pop-up~1\psfree.exe
     c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
     c:\program files\messenger\msmsgs.exe
     c:\windows\system32\svchost.exe
     c:\program files\internet explorer\iexplore.exe
     c:\program files\internet explorer\iexplore.exe
     c:\program files\trend micro\analyser v_2\analyser v_2..exe

     r0 - hkcu\software\microsoft\internet explorer\main,start page = http://www.militariacollecting.com/
     r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyserver =
     o2 - bho: adobe pdf reader link helper - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll
     o2 - bho: xbtp03704 class - {1d6c60f6-f97c-4d48-b442-ed2441aa2a66} - c:\progra~1\snipeo~1\snipet~1.dll (file missing)
     o2 - bho: (no name) - {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\sdhelper.dll
     o2 - bho: ssvhelper class - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_10\bin\ssv.dll
     o2 - bho: google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar3.dll
     o2 - bho: google toolbar notifier bho - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\2.0.301.7164\swg.dll
     o2 - bho: cbrowserhelperobject object - {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\windows\system32\bae.dll
     o3 - toolbar: (no name) - {ba52b914-b692-46c4-b683-905236f6f655} - (no file)
     o3 - toolbar: &google - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar3.dll
     o4 - hklm\..\run: [syntplpr] c:\program files\synaptics\syntp\syntplpr.exe
     o4 - hklm\..\run: [syntpenh] c:\program files\synaptics\syntp\syntpenh.exe
     o4 - hklm\..\run: [recguard] %windir%\sminst\recguard.exe
     o4 - hklm\..\run: [!avg anti-spyware] "c:\program files\grisoft\avg anti-spyware 7.5\avgas.exe" /minimized
     o4 - hklm\..\run: [avg7_cc] c:\progra~1\grisoft\avg7\avgcc.exe /startup
     o4 - hkcu\..\run: [popupstopperfreeedition] "c:\progra~1\panicw~1\pop-up~1\psfree.exe"
     o4 - hkcu\..\run: [swg] c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
     o4 - hkcu\..\run: [msmsgs] "c:\program files\messenger\msmsgs.exe" /background
     o4 - hkus\s-1-5-19\..\run: [avg7_run] c:\progra~1\grisoft\avg7\avgw.exe /runonce (user 'local service')
     o4 - hkus\s-1-5-20\..\run: [avg7_run] c:\progra~1\grisoft\avg7\avgw.exe /runonce (user 'network service')
     o4 - hkus\s-1-5-18\..\run: [power2goexpress] na (user 'system')
     o4 - hkus\.default\..\run: [power2goexpress] na (user 'default user')
     o8 - extra context menu item: e&xport to microsoft excel - res://c:\progra~1\micros~2\office11\excel.exe/3000
     o9 - extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre1.5.0_10\bin\ssv.dll
     o9 - extra 'tools' menuitem: sun java console - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre1.5.0_10\bin\ssv.dll
     o9 - extra button: real.com - {cd67f990-d8e9-11d2-98fe-00c0f0318afe} - c:\windows\system32\shdocvw.dll
     o9 - extra button: messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
     o9 - extra 'tools' menuitem: windows messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
     o16 - dpf: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (yinststarter class) - c:\program files\yahoo!\common\yinsthelper.dll
     o16 - dpf: {67dabfbf-d0ab-41fa-9c46-cc0f21721616} (divxbrowserplugin object) - http://download.divx.com/player/divxbrowserplugin.cab
     o23 - service: ad-aware 2007 service (aawservice) - lavasoft ab - c:\program files\lavasoft\ad-aware 2007\aawservice.exe
     o23 - service: aol connectivity service (aol acs) - america online - c:\program files\common files\aol\acs\aolacsd.exe
     o23 - service: aol topspeed monitor (aol topspeedmonitor) - america online, inc - c:\program files\common files\aol\topspeed\2.0\aoltsmon.exe
     o23 - service: apple mobile device - apple, inc. - c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe
     o23 - service: ati hotkey poller - ati technologies inc. - c:\windows\system32\ati2evxx.exe
     o23 - service: avg anti-spyware guard - grisoft s.r.o. - c:\program files\grisoft\avg anti-spyware 7.5\guard.exe
     o23 - service: avg7 alert manager server (avg7alrt) - grisoft, s.r.o. - c:\progra~1\grisoft\avg7\avgamsvr.exe
     o23 - service: avg7 update service (avg7updsvc) - grisoft, s.r.o. - c:\progra~1\grisoft\avg7\avgupsvc.exe
     o23 - service: avg e-mail scanner (avgems) - grisoft, s.r.o. - c:\progra~1\grisoft\avg7\avgemc.exe
     o23 - service: google updater service (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
     o23 - service: ipod service - apple inc. - c:\program files\ipod\bin\ipodservice.exe
     o23 - service: prismxl - new boundary technologies, inc. - c:\program files\common files\new boundary\prismxl\prismxl.sys
     o23 - service: broadcom wireless lan tray service (wltrysvc) - unknown owner - c:\windows\system32\wltrysvc.exe

     -- end of file - 6392 bytes
