Bienvenido! - Willkommen! - Welcome!

Bitácora Técnica de Tux&Cía., Santa Cruz de la Sierra, BO
Bitácora Central: Tux&Cía.
Bitácora de Información Avanzada: Tux&Cía.-Información
May the source be with you!

Tuesday, September 8, 2009

spywareremove.com

Al buscar yieldmanager.com sale como primera opción en google.com:
ad.yieldmanager.com Removal Instruction

ad.yieldmanager.com Description and Removal Instructions.
Find and Detect ad.yieldmanager.com on your PC.
Remove, Uninstall and Get Rid of ...


Vorsicht! Attention! Atenzione! Cuida'o!!!!!!!!!!!!!
spywareremove. com/ removeadyieldmanagercom.html es una página muy sugerente en un sitio de apariencia seria y profesional, pero que es para descargar software engañifa (rogue software) que parece ser un software para proteger de sofware malicioso, pero es peor que eso.
Si tiene un problema con infección del "yieldmanager Ad"
blogger45 from here
Junior Member
To tryr to determine were ad.yieldmanager.com is hosted
Execute ->cmd
C:\Documents and Settings\myhome>ping ad.yieldmanager.com
Pinging ad.yieldmanager.com [213.52.227.196] with 32 bytes of data:
Reply from 213.52.227.196: bytes=32 time=76ms TTL=47
Reply from 213.52.227.196: bytes=32 time=68ms TTL=47
Reply from 213.52.227.196: bytes=32 time=70ms TTL=47
Reply from 213.52.227.196: bytes=32 time=70ms TTL=47
Ping statistics for 213.52.227.196:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 68ms, Maximum = 76ms, Average = 71ms
C:\Documents and Settings\myhome>tracert ad.yieldmanager.com
Tracing route to ad.yieldmanager.com [213.52.227.196]
over a maximum of 30 hops:
1 5 ms 4 ms 11 ms 10.49.128.1
2 7 ms 25 ms 7 ms g02-pegasus.crs-1.onvol.net [212.56.128.190]
3 28 ms 21 ms 17 ms g01-draco.crs-1.onvol.net [212.56.129.97]
4 46 ms 38 ms 56 ms 217.15.96.213
5 47 ms 37 ms 35 ms ge1-15.73-1.datastream.com.mt [217.15.97.70]
6 * * 57 ms pal5-maltacom-4-mt.pal.seabone.net [195.22.218.121]
7 78 ms 77 ms 76 ms par8-par1-racc1.par.seabone.net [195.22.210.97]
8 87 ms 83 ms 86 ms prs-b1-link.telia.net [213.248.98.105]
9 84 ms 84 ms * prs-bb1-pos6-1-2.telia.net [213.248.65.77]
10 169 ms * * ldn-bb1-pos7-2-0.telia.net [213.248.64.10]
11 * 196 ms 191 ms ldn-b3-pos6-0.telia.net [213.248.65.238]
12 80 ms * * globix-106876-ldn-b3.c.telia.net [213.248.100.166]
13 66 ms 66 ms 65 ms ge-4-2-0-core2.lhr2.globix.net [209.10.12.225]
14 75 ms * 80 ms so-4-1-0.core1.lhr3.globix.net [209.10.11.150]
15 66 ms 75 ms 66 ms v4-edge5-gw3.lhr3.globix.net [209.10.22.5]
16 * * 71 ms 213.52.198.6
17 70 ms 68 ms 76 ms 213.52.227.196
Trace complete.
C:\Documents and Settings\myhome>
http://www.schwarzl.com/ipcheck.htm...ip3=227&ip4=196
Put in the tcp/ip number you are searching for:
Response from whois.ripe.net:
% This is the RIPE Whois query server #2.
% The objects are in RPSL format.
%
% Note: the default output of the RIPE Whois server
% is changed. Your tools may need to be adjusted. See
% http://www.ripe.net/db/news/abuse-p...l-20050331.html
% for more details.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html

% Note: This output has been filtered.
% To receive output for a database update, use the "-B" flag
% Information related to '213.52.128.0 - 213.52.255.255'
inetnum: 213.52.128.0 - 213.52.255.255
org: ORG-GL5-RIPE
netname: UK-GLOBIX-20001010
descr: Provider
descr: Globix Limited
country: GB
admin-c: DJK15-RIPE
tech-c: ASK33-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: GBIX-RIPE-MNT
mnt-routes: GBIX-RIPE-MNT
source: RIPE # Filtered

organisation: ORG-GL5-RIPE
org-name: Globix Limited
org-type: LIR
address: Globix Limited
Prospect House
80-110 New Oxford Street
London WC1A 1HB
England
phone: +44 20 7611 3000
fax-no: +44 20 7611 3002
e-mail: ripe-admin@globix.net
admin-c: CL1060-RIPE
admin-c: NB78-RIPE
mnt-ref: GBIX-RIPE-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
source: RIPE # Filtered
person: David Krauth
address: Globix Limited
address: Prospect House
address: 80 - 110 New Oxford Street
address: London. WC1A 1HB
address: UK
phone: +44 20 7908 8000
fax-no: +44 20 7908 8010
e-mail: dkrauth@globix.com
nic-hdl: DJK15-RIPE
mnt-by: GBIX-RIPE-MNT
source: RIPE # Filtered
person: Adeel Khan
address: Globix Limited
address: 1 Olivers Yard
address: London
address: EC1Y 1HQ
address: UK
phone: +44 20 7611 3115
fax-no: +44 20 7611 3002
e-mail: akhan@globix.com
nic-hdl: ASK33-RIPE
remarks: ************************************
remarks: Please send abuse/spam notifications
remarks: to: abuse@globix.net only.
remarks: ************************************
mnt-by: GBIX-RIPE-MNT
source: RIPE # Filtered
are these people http://www.globix.net/ responsibel for ad.yieldmanager.com spyware?
----------------------------
Source
How to remove one of the most difficult spyware popup infections to date:
ad.yieldmanager.com
This insidious spyware was extremely persistent, avoiding cleaning by a normal set of favorite cleaners: Kaspersky, AVG Antivirus, AVG Antispyware, Spybot, Ad-Aware, Panda Online, HijackThis, l2mfix, VundoFix, Easy Cleaner, CleanUp!, and ewido.net.
At first it was even difficult to identify the type of spyware because the popups didn’t leave many clues other than an occasional “New Offer” popup window. However, after letting the PC system “ferment” a little to let the spyware infestation spread, the ad.yieldmanager.com signature appeared in one of the windows.
The best removal sequence came mostly from this site:
http://www.pchell.com/support/smitfraud.…
where are the steps for removing SmitFraud.
The set of cleaners to run from Safe Mode in this order:
Of the set of cleaners, RogueRemover and Aproposfix were considered the critical programs for this particular spyware infection.
After running all these cleaners the ad.yieldmanager.com spyware was removed completely.
Source:

No comments: