Ad.YieldManager.com warnings, yet nothing found?

Discussion in 'Malware Help (A Specialist Will Reply)' started by GotC, Dec 27, 2009.

  1. GotC

    GotC Private E-2

    Hello,

    As of today (27/12/09) I have been getting odd warnings from my virus scanner when I visit certain (perfecly safe) websites. I use avast! Antivirus version 4.8. I run a Windows Vista Professional, fully up to date and well secured. I use Hitman pro and Windows Defender for removing spyware. My internet browser is the latest version of Safari, which I run in Privacy Mode most of the time. I do not record my browser history and my security settings are always on High.

    The specific message I get it that whenever I visit a certain site (like www.spitsnieuws.nl, a normal Dutch news website), my virus scanner reports that an attempt from Ad.YieldManager to connect to something has been blocked. Now this seems a good thing, that the attempt has been blocked, yet, why do I get the message?

    I have searched the internet and found several topics about this YieldManager. All were cases about hijacked web browsers or even Trojans due to it. I have used the Advanced Search option in Windows and looked for it but the computer wasn't able to find anything named "AdYieldManager" or "ad.yieldmanager.txt".

    Before posting this thread I have read your sticky concerning safety measures and standard malware removal programs. I also ran both Defender and Hitman, both reporting a clean computer.

    I have downloaded nothing suspicious of late, nor do I use p2p programs. I am completely oblivious as to the mysterious warnings/alerts I have been getting since this morning.

    If any of you could clarify the situation or help me solve the problem I would be very greatful.

    Kind Regards,

    Rob

    EDIT:

    The alert log from avast!:
    27.12.2009 14:03:06 Network Shield: blocked access to malicious site ad.yieldmanager.com/imp?Z=300x250&s=431758&t=1&x=http%3A%2F%2Fads%2Ecreative%2Dserving%2Ecom%2Fclick%3Bab4b795c%2Dbd0b%2D441d%2Da7e3%2D22290800d385%3B431758%3Bcdnl%2Eyahoo%3B%3B%3B&rnd=582280350 [ C:\Program Files\Safari\Safari.exe ( 3572 ) ]
    27.12.2009 14:04:46 Network Shield: blocked access to malicious site ad.yieldmanager.com/imp?Z=120x600&s=716974&_salt=1629066924&B=10&r=0 [ C:\Program Files\Safari\Safari.exe ( 3572 ) ]
    27.12.2009 14:04:46 Network Shield: blocked access to malicious site ad.yieldmanager.com/imp?Z=468x60&s=759585&t=1&x=http%3A%2F%2Fads%2Ecreative%2Dserving%2Ecom%2Fclick%3Bcd27abf2%2Dad47%2D4419%2D830c%2D03ba31e853ed%3B759585%3Bcdnl%2Etelegraaf%5Fadmeld%5Fnew%5Fsetup%3B%3B%3B&rnd=314575560 [ C:\Program Files\Safari\Safari.exe ( 3572 ) ]
    27.12.2009 14:04:46 Network Shield: blocked access to malicious site ad.yieldmanager.com/imp?Z=336x280&s=759588&t=1&x=http%3A%2F%2Fads%2Ecreative%2Dserving%2Ecom%2Fclick%3Ba0165299%2Dca62%2D44d2%2Da03f%2D4e685e371cb6%3B759588%3Bcdnl%2Etelegraaf%5Fadmeld%5Fnew%5Fsetup%3B%3B%3B&rnd=584982084 [ C:\Program Files\Safari\Safari.exe ( 3572 ) ]
    27.12.2009 14:10:50 Network Shield: blocked access to malicious site ad.yieldmanager.com/imp?Z=728x90&s=436479&_salt=17811032&B=10&u=http%3A%2F%2Fwww.huntingnut.com%2Findex.php%3Fname%3DForums%26file%3Dviewtopic%26t%3D5763&r=1 [ C:\Program Files\Safari\Safari.exe ( 3572 ) ]
    27.12.2009 14:10:52 Network Shield: blocked access to malicious site ad.yieldmanager.com/imp?Z=728x90&s=436479&_salt=968418696&B=10&u=http%3A%2F%2Fwww.huntingnut.com%2Findex.php%3Fname%3DForums%26file%3Dviewtopic%26t%3D5763&r=1 [ C:\Program Files\Safari\Safari.exe ( 3572 ) ]
    27.12.2009 14:21:00 Network Shield: blocked access to malicious site ad.yieldmanager.com/imp?Z=468x60&s=716972&_salt=3608465358&B=10&r=0 [ C:\Program Files\Safari\Safari.exe ( 3704 ) ]
    27.12.2009 14:39:18 Network Shield: blocked access to malicious site ad.yieldmanager.com/imp?Z=468x60&s=759585&t=1&x=http%3A%2F%2Fads%2Ecreative%2Dserving%2Ecom%2Fclick%3B066cfcf7%2D8406%2D4d7f%2D948d%2Df7ecc147d47c%3B759585%3Bcdnl%2Etelegraaf%5Fadmeld%5Fnew%5Fsetup%3B%3B%3B&rnd=368399455 [ C:\Program Files\Safari\Safari.exe ( 3704 ) ]
    27.12.2009 14:39:46 Network Shield: blocked access to malicious site ad.yieldmanager.com/imp?Z=468x60&s=759585&t=1&x=http%3A%2F%2Fads%2Ecreative%2Dserving%2Ecom%2Fclick%3Be875ed2d%2Df946%2D48f4%2D9c8e%2Dafd3da78f93f%3B759585%3Bcdnl%2Etelegraaf%5Fadmeld%5Fnew%5Fsetup%3B%3B%3B&rnd=589802175 [ C:\Program Files\Safari\Safari.exe ( 3704 ) ]
    27.12.2009 14:39:58 Network Shield: blocked access to malicious site ad.yieldmanager.com/imp?Z=468x60&s=759594&_salt=3799917474&B=10&r=0 [ C:\Program Files\Safari\Safari.exe ( 3704 ) ]
     
    Last edited: Dec 27, 2009
    GotC, Dec 27, 2009
    #1
  2. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Hi

    I've been getting this today in Avast, I think its a false positive in one of todays virus dat file updates, run the manual update now as I think they have fixed this in the last 30mins as I just gained an update and now sites that where showing that issue in adverts to a JScript Trojan are not.

    Just think it was a bad update from Avast that linked some adverts as malware, when they where not, the lastest update seems to have fixed this.
     
    DavidGP, Dec 27, 2009
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds