Author Topic: ilivid ads  (Read 1639 times)

Offline Rick007

  • Newbie
  • *
  • Posts: 3
    • Personal Message (Offline)
ilivid ads
« on: March 17, 2013, 02:55:20 PM »
Hey!
I'm stuck with the ilivid ads popping up randomly on webpage. I did uninstall everything I could, but they still are coming back. Any help would be appreciated. I have attached all the log.

Thanks

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.17.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Richard :: RICHARD-VAIO [administrator]

Protection: Enabled

17/03/2013 10:51:50 AM
mbam-log-2013-03-17 (10-51-50).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 238530
Time elapsed: 5 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Users\Richard\AppData\Local\Temp\pricepeep_130001_1001.exe (Adware.Shopper) -> Quarantined and deleted successfully.
C:\Users\Richard\AppData\Local\Temp\UpdUninstall.exe (PUP.Software.Updater) -> Quarantined and deleted successfully.
C:\Users\Richard\Downloads\mplayer_Setup.exe (PUP.Bundle.Installer.OI) -> Quarantined and deleted successfully.

(end)

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21672
  • Gender: Male
    • Personal Message (Offline)
Re: ilivid ads
« Reply #1 on: March 17, 2013, 03:04:09 PM »
are they still there after running AdwCleaner and Malwarebytes?

Essexboy is notified and will remove any leftovers when he arrive   ;)

Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline Rick007

  • Newbie
  • *
  • Posts: 3
    • Personal Message (Offline)
Re: ilivid ads
« Reply #2 on: March 17, 2013, 03:06:10 PM »
Hey Pondus,

yes, they are still there, but only on random webpages on IE.

Thanks

Offline essexboy

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 28966
  • Gender: Male
  • Dragons by Sasha
    • Malware fixes
    • Personal Message (Offline)
Re: ilivid ads
« Reply #3 on: March 17, 2013, 03:13:28 PM »
Let me know if this cures it

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


Code: [Select]
:OTL
IE - HKU\S-1-5-21-539813603-3878447910-1714663330-1000\..\SearchScopes\{06E07138-DB4E-4A28-921B-37EC2E36AC77}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3101810&CUI=UN76230062829833151&UM=1
FF - prefs.js..extensions.enabledAddons: %7B8B2AC248-3917-41cf-82A8-A583EBA5418C%7D:1.0.2
O2 - BHO: (Yealt Class) - {40C78C4E-5AE5-4762-9B7D-D2DE31B03B77} - C:\Windows\SysWOW64\yealt.dll (Yealt)

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Offline Rick007

  • Newbie
  • *
  • Posts: 3
    • Personal Message (Offline)
Re: ilivid ads
« Reply #4 on: March 17, 2013, 04:23:14 PM »
Hey essexboy,

Worked like a charm, your the best. I attached the OTL log.

Thanks

Offline essexboy

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 28966
  • Gender: Male
  • Dragons by Sasha
    • Malware fixes
    • Personal Message (Offline)
Re: ilivid ads
« Reply #5 on: March 17, 2013, 07:45:22 PM »
When you are happy let me know and we will tidy up

 

Google Chrome

AVAST recommends using the FREE Google Chrome™ browser.

Download Google Chrome Now