Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

*.src-click-download.xyz in browser

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

*.src-click-download.xyz in browser

Unread postby marionthorne » October 29th, 2016, 2:24 pm

My first indication that something was wrong was that whenever I opened up my browser (firefox), another firefox process would appear in my task bar instead of opening in the same firefox thread as usual.
Image
Then, another tab would open up automatically each time I opened firefox a tab would open offering to update my browser with the path "*.src-click-download.xyz/ + string of characters". The asterisk is there because each time, that part of the url would be different.
I boot-time scanned my computer with avast, which finally removed what I thought had been the source of the problem (yahoo! powered), but the problem persisted. I then used adwcleaner, which stopped that page from appearing every time I open it.

However, firefox still opens a new slot in the task bar, which indicates to me that the root of the problem is still there. I'm all out of ideas, so I was hoping you guys could help me with this.
You do not have the required permissions to view the files attached to this post.
marionthorne
Active Member
 
Posts: 2
Joined: October 29th, 2016, 2:06 pm
Advertisement
Register to Remove

Re: *.src-click-download.xyz in browser

Unread postby pgmigg » October 29th, 2016, 8:13 pm

Hello marionthorne,

Welcome to the forum! :)

I am pgmigg and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start


Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: *.src-click-download.xyz in browser

Unread postby pgmigg » October 29th, 2016, 8:39 pm

Hello marionthorne,

P2P Advisory!
IMPORTANT: There are signs of one or more P2P (Peer to Peer) File Sharing Programs installed on your computer.
µTorrent
As long as you have the P2P program(s) installed, per Forum Policy, I can offer you no further assistance.
If you choose NOT to remove the program(s), please indicate that in your next reply and this topic will be closed.

Otherwise, please perform the following steps:

Step 1.
Remove P2P Program
  1. Please press the Windows Key + R.
  2. Enter appwiz.cpl into the text box and click OK.
  3. Locate the following programs:
    µTorrent
  4. Press the Uninstall or Uninstall/Change button and carefully follow any prompts to uninstall the program.
    • Take care to read through any prompts completely! Some uninstallers may attempt to trick you into keeping the program.
    • Do this for every program listed.
    • Don't worry if you can't find one of the programs. Just be sure to let me know in your reply.
  5. When all listed programs have been uninstalled, please close Control Panel
  6. Once finished reboot (restart) your computer.
By using any form of P2P networking to download files you can anticipate infestations of malware to occur. The P2P program itself may be safe but the files may not - use P2P at your own risk!
Keep in mind that this practice may be the source of your current malware infestation.
Reference... siting risk factors, using P2P programs: How to Prevent the Online Invasion of Spyware and Adware

Step 2.
Run CKScanner
  1. Please download CKScanner from here
  2. Important: - Save it to your Desktop.
  3. Double-click CKScanner.exe and click Search For Files.
  4. After a very short time, when the cursor hourglass disappears, click Save List To File.
  5. A message box will verify the file saved.
  6. Double-click the CKFiles.txt icon on your Desktop and copy/paste the contents in your next reply.

Step 3.
TSG - SysInfo utility
  1. Please download SysInfo.exe and save it to your Desktop.
  2. Right click SysInfo.exe and select "Run As Administrator" to run it... if UAC prompts, please allow it.
  3. The small square window will be opened with already highlighted text - please right click on it, select Copy and then paste it in your next post.

Then:
Please tell me is this computer used for business purposes and/or connected to a business network?
I need to know it - so I can provide the proper instructions.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections...

Don't post anything as attachments unless I will ask you about it specifically!

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Your decision about P2P programs
  3. Contents of CKFiles.txt log file
  4. Contents of TSG - SysInfo utility
  5. Answer to my question related to type of using of your computer

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: *.src-click-download.xyz in browser

Unread postby marionthorne » October 29th, 2016, 11:24 pm

Everything seems to've gone smoothly, and I've removed the P2P program from my computer.
Also, this is my personal computer, but it is connected to a public network (college campus WiFi).

SysInfo:
Tech Support Guy System Info Utility version 1.0.0.4
OS Version: Microsoft Windows 10 Home, 64 bit
Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz, Intel64 Family 6 Model 61 Stepping 4
Processor Count: 4
RAM: 8106 Mb
Graphics Card: Intel(R) HD Graphics 5500, 1024 Mb
Hard Drives: C: 913 GB (593 GB Free);
Motherboard: Acer, Aspire VN7-571G
Antivirus: Windows Defender, Disabled

CKFiles.txt:
CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\autodesk\wi\autodesk maya 2017\x64\maya\autodesk\maya2017\examples\fx\nparticles_examples\crackegg.ma
c:\autodesk\wi\autodesk maya 2017\x64\maya\autodesk\maya2017\examples\fx\nparticles_examples\.mayaswatches\crackegg.ma.swatch
c:\autodesk\wi\autodesk maya 2017\x64\maya\autodesk\maya2017\examples\modeling\sculpting_stamps\.mayaswatches\rgb_crackedfun1.tif.swatch
c:\autodesk\wi\autodesk maya 2017\x64\maya\autodesk\maya2017\examples\modeling\sculpting_stamps\.mayaswatches\rgb_mudcracks.tif.swatch
c:\autodesk\wi\autodesk maya 2017\x64\maya\autodesk\maya2017\examples\paint_effects\fun\cracks.mel
c:\autodesk\wi\autodesk maya 2017\x64\maya\autodesk\maya2017\examples\paint_effects\fun\cracks.mel.icon
c:\autodesk\wi\autodesk maya 2017\x64\maya\autodesk\maya2017\plug-ins\xgen\presets\expressions\samples\color\procedural\patterns\cracks_brokenglass.se
c:\autodesk\wi\autodesk maya 2017\x64\maya\autodesk\maya2017\resources\l10n\ja_jp\scripts\crackshatter.res.mel
c:\autodesk\wi\autodesk maya 2017\x64\maya\autodesk\maya2017\resources\l10n\zh_cn\scripts\crackshatter.res.mel
c:\autodesk\wi\autodesk maya 2017\x64\maya\autodesk\maya2017\scripts\others\crackshatter.mel
c:\autodesk\wi\autodesk maya 2017\x64\maya\autodesk\maya2017\scripts\others\crackshatter.res.mel
c:\program files\autodesk\maya2017\examples\fx\nparticles_examples\crackegg.ma
c:\program files\autodesk\maya2017\examples\fx\nparticles_examples\.mayaswatches\crackegg.ma.swatch
c:\program files\autodesk\maya2017\examples\modeling\sculpting_stamps\.mayaswatches\rgb_crackedfun1.tif.swatch
c:\program files\autodesk\maya2017\examples\modeling\sculpting_stamps\.mayaswatches\rgb_mudcracks.tif.swatch
c:\program files\autodesk\maya2017\examples\paint_effects\fun\cracks.mel
c:\program files\autodesk\maya2017\examples\paint_effects\fun\cracks.mel.icon
c:\program files\autodesk\maya2017\plug-ins\xgen\presets\expressions\samples\color\procedural\patterns\cracks_brokenglass.se
c:\program files\autodesk\maya2017\resources\l10n\ja_jp\scripts\crackshatter.res.mel
c:\program files\autodesk\maya2017\resources\l10n\zh_cn\scripts\crackshatter.res.mel
c:\program files\autodesk\maya2017\scripts\others\crackshatter.mel
c:\program files\autodesk\maya2017\scripts\others\crackshatter.res.mel
c:\program files\blender foundation\blender\2.76\python\lib\site-packages\numpy\f2py\crackfortran.py
c:\program files\krita (x64)\share\apps\krita\brushes\a_crackled.gbr
c:\program files (x86)\pcsx2 1.4.0\pcsx2_keys.ini.default
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\coreblueprints\emitters\eggcrackemitter.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\dinos\dino_wounds\cracked_holes_mask.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\dinos\dino_wounds\cracked_mask.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\dinos\dino_wounds\cracked_mask02_n.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\dinos\dino_wounds\cracked_mask_n.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\effects\textures\generic\crackmask.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\environment\marketplace\materials\mic_rock5_lavacrack.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\environment\marketplace\materials\mic_rock6_lavacrack.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\environment\marketplace\materials\mic_rock7_lavacrack.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\environment\marketplace\materials\mic_rock9_lavacrack.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\environment\marketplace\materials\mic_rock_lavacrack_basemic.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\general\oiljarcrackemitter.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\primalearth\sound\sfx\temp\eggcrack.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\scorchedearth\environment\manticorearena\rocks\t_rock_01_cracks_e.uasset
c:\program files (x86)\steam\steamapps\common\ark\shootergame\content\scorchedearth\environment\ruins\modularbuildings\materials\t_ruins_cracks.uasset
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\character\geargroup\helmet\dhelmetnutcracker1acr.upk
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\character\geargroup\helmet\dhelmetnutcracker1mes.upk
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\character\geargroup\helmet\dhelmetnutcracker1mon.upk
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\character\geargroup\helmet\dhelmetnutcracker1spr.upk
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\character\geargroup\helmet\dhelmetnutcracker1stk.upk
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\character\geargroup\helmet\dhelmetnutcracker1thg.upk
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\character\geargroup\helmet\dhelmetnutcracker2acr.upk
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\character\geargroup\helmet\dhelmetnutcracker2mes.upk
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\character\geargroup\helmet\dhelmetnutcracker2mon.upk
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\character\geargroup\helmet\dhelmetnutcracker2spr.upk
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\character\geargroup\helmet\dhelmetnutcracker2stk.upk
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\character\geargroup\helmet\dhelmetnutcracker2thg.upk
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\character\geargroup\helmet\dhelmetnutcracker3acr.upk
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\character\geargroup\helmet\dhelmetnutcracker3mes.upk
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\character\geargroup\helmet\dhelmetnutcracker3mon.upk
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\character\geargroup\helmet\dhelmetnutcracker3spr.upk
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\character\geargroup\helmet\dhelmetnutcracker3stk.upk
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\character\geargroup\helmet\dhelmetnutcracker3thg.upk
c:\users\public\daybreak game company\installed games\dc universe online\unreal3\dcgame\cookedpc\dcfxgroups\power\electric\dcfxpowele_thundercrack_imp.upk
scanner sequence 3.ZZ.11.MSAAK0
----- EOF -----
marionthorne
Active Member
 
Posts: 2
Joined: October 29th, 2016, 2:06 pm

Re: *.src-click-download.xyz in browser

Unread postby pgmigg » October 30th, 2016, 12:05 pm

=====================
Cracked/Illegal Software:
=====================

Cracked - Illegal Software

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.
The section here explains why we bring this to your attention.

If you wish to receive help from us, you must remove any and all of the following from your computer:
  • Illegal software
  • Cracked software
  • Illegal software key generators

Once the software and/or keygens have been removed, if you still need help, please start a new thread... include a link to your closed topic and include NEW FRST logs :

  • FRST.txt.
  • Addition.txt.
  • Details of the problems you're experiencing.
  • Link to your closed topic.

Wait for a new helper. Do not reply to your topic before a helper has replied.

This topic is now closed.
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 103 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware