Infection URL:MAL also maybe a SVCHOST.EXE problem need help

I don’t know where I caught this thing, but it is invading my browsers. If I do not use the browsers, then there are no problems. But the message keeps popping up no matter what I do and no matter which site I visit.

I am attaching a couple of logs.

Two from Malware, one addition and one from FRST. There are two Malware attachments because I did a clean in between before I found this forum.
And I cannot get aswMBR.exe to complete, it errors before it is finished.

I do use AVAST internet also…

Please help.

After these runs, could you let me know if the alerts have ceased?

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Download the attached Fixlist.txt to the same location as FRST
Run FRST and press Fix
On completion a log will be generated; please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on “Clean”
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Thank you and before I reboot from FRST here is the fixlog. As it is getting late where I am, I am going to call it a night and run the other in the morning.

Ok I have run the other program.

The results are attached.

It seems to have solved the problem, do I need to take any further action? ilivid has been installed for about a year, and it has not caused any issues… Did something infect it? Do I dare to try to reinstall it?

Thank you for your help.

See: https://www.mywot.com/en/scorecard/ilivid.com?utm_source=addon&utm_content=popup-donuts

Not reputation rated very highly.

I wouldn’t re-install. Read some of user comments.

Ok I will, thank you. Though I have used it for a long time, with no problems. But I probably will not re-install after reading those comments. Thanks.

I still think I may have some problem with SVCHOST.EXE. I just got one notification of a possible intrusion but it was blocked. I have gotten only one since fixing the problems, so I don’t know if it was random or not.

ATM, we’re waiting for essexboy to come back with personalised and specific fixes for your system. Make any changes you like after the cleansing routine is done and when essexboy gives you the all clear.

Have you received any further alerts?

It was working fine, but this morning after a reboot it came back, and I know exactly why… I downloaded a program called YTD Downloader to replace the ilivid software I can no longer use. Unfortunately, even though this software has an editor’s rating, it is full of malware also. I am very disappointed in CNET. I am sorry to trouble you again for another fix.

Malwarebytes is showing clean.

So I ran AWB and the results are attached. I have already uninstalled the YTD software, but of course that doesn’t help.

AWB results attached, I did not clean yet. In addition the Malwarebytes software keeps popping up a SVCHOST.EXE problem…

See my sig below. It can help you if you use it.

Yes, I actually did visit your site to check on that site, http://www.ytddownloader.com/ before I installed it. As I did not install MyPCBackup, and figured out how not to install it, I figured I would be fine, but I was wrong. I will use your site more often for other software I wish to install in the future. It’s a nice site, and I will be adding my own comments about these two vicious programs soon.

Could you run a fresh FRST scan please including the additions…

This also may be of help:

A small tool that may help when you download programmes

http://unchecky.com/

Click on the link above to be taken to Unchecky.com
Click the very large Download button.
Click Save
Click Open folder

Right click on the Unchecky_setup
http://i1059.photobucket.com/albums/t432/cinjo23/uncheckysetupicon.png
or folder and choose to Run as Administrator

Once open click the Install button.

http://i1059.photobucket.com/albums/t432/cinjo23/uncheckysetupwindow.png

Then click on Finish

http://i1059.photobucket.com/albums/t432/cinjo23/uncheckyfinishsetupwindow.png

Unchecky is now installed and will help you keep unwanted check boxes unchecked :wink:

Attached are the two files you wanted.

And unchecky looks like a great program, though I always slowly go through new software to uncheck all the boxes, including the one that caused this problem. Just that this particular software was no good to begin with even without any checked boxes… sigh…

OK, let’s do a deep check

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

  • IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png

http://img.photobucket.com/albums/v706/ried7/NSIS_extraction.png

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:

  1. Do not mouse-click Combofix’s window while it is running. That may cause it to stall.
  2. Do not “re-run” Combofix. If you have a problem, reply back for further instructions.
  3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

Dang, this one is more problematic than the last one? I was hoping for a quick fix like the last one… I have used combofix before, but it always worries me it could do more harm… alright, I will download and proceed.

This appears to be the latest one which hides from my other scans

Ok here is the log file.

Some interesting things happened during the process. 1. I had to approve the program to run about 4 times during the process, is this normal? 2. I had some registry keys that it couldn’t access. 3. I had no permissions as an admin to save that logfile so I saved it to a USB pen instead. 4. After reboot seems no issues.

Most importantly FireFox window stayed open during the procedure, not sure if this influenced anything. When the system told me don’t run any programs during the process I shut it down while it prepared the log file, so I am not sure if this influenced the output or not… I closed everything else except FF. As I wanted to have the instructions handy.

It appears to have run correctly, if all is well tomorrow let me know and I will tidy up

Everything seems to be working ok. Of course still getting the URL:MAL message and SVCHOST issue from Malwarebytes, but other than that, all the programs I usually use anyway are working fine. I cannot go through all of them. But there were no error messages after reboot.

Could you screenshot the MBAM alert please?