MALWARE WARNING: Felix Draeseke - String Quintett in A Major, Op. 77 (1901)

Started by Derek Hughes, Thursday 16 January 2014, 08:48

Previous topic - Next topic

Derek Hughes

I tried to download this, but became suspicious of the extra goodies which were bundled with it, and went to the YouTube recording instead. Despite my stopping the download, one or two pieces of adware have installed themselves: jdj.openmace and the Bandoo Media Movies Toolbar. These may or may not be linked. Kaspersky Antivirus doesn't regard them as threats, but various sites on the Web do. If I try to uninstall the Movies Toolbar through Control Panel, I am directed to Bandoo Media's proprietary uninstallation program, of which I am naturally wary. Is any Draeseke fan also adept in removing malware?

thalbergmad

You need to restore your computer to an earlier date. I have done this before and it removes malware and unwanted toolbars.

The only downside being that you will lose any programmes you might have installed after your nearest restore date.

Thal

jerfilm

If you don't want to do a restore, you might try Malwarebytes anti-malware.  I've used it for some years and very successfully.

Jerry

britishcomposer

I am very sorry and concerned about this. Of course I have removed the file.
I checked it with my antivirus programme, which is a professional version of Kaspersky. As you said, Derek, Kaspersky cannot find any fault.
Virus warnings at mediafire have occurred in the past but they had something to do with the inner structure of mediafire (I think) and didn't mean that the files were infected.
But this now seems to be quite another case...
I recorded this piece myself and digitised it a couple of years ago. I uploaded it uncompressed as an mp3-file and wonder if those "goodies" are on my computer or came to the file while or after uploading it.

Any idea? Did any other member download the file with similar results before?

I check my computer regularly with Kaspersky and haven't had any major problems since then. (Well, could be a good or a bad sign...)
The service team which checked my computer a few years ago recommended using Kaspersky.

Again, I am very sorry for causing such nasty inconveniences.

britishcomposer

I just noticed that the Draeseke Quintet has been downloaded 31 times. I would very much appreciate to know if other members had the same trouble as Derek!

Derek Hughes

When I attempted to download the quintet, something called iLivid Download Manager intervened. I've now Googled iLivid, and this does seem to be problematic.

Still, Malwarebytes has come to the rescue. Thanks to Mark and others for suggesting it. It will doubtless have further uses in future.

britishcomposer

I have just written to mediafire and asked them to check the file. Moreover I have asked if this problem has occurred before or if it is my fault, etc.
I will keep you up to date.

britishcomposer

This is what mediafire wrote me:

Hello,

Thank you for contacting MediaFire. I am happy to answer your questions today.

I have downloaded and tested the file and it came back clean. I would need to know what browser they were using and virus protection software they have. It's possible that they are getting a false positive or an ad on the page triggered the warning. Either way your file is virus free and so is our site.

Derek Hughes

I've just downloaded britishcomposer's recording of Rubinstein's Don Quixote. That was straightforward, without the invasive oddities that accompanied the Draeseke download. I cannot begin to think of an explanation. Thanks to everyone for their help and diligence.

Derek Hughes

I spoke too soon. I noticed that a separate iLivid window had appeared in connection with the Rubinstein download. It was this that had caused the trouble last time. Where does this come from? Is it a problem with my computer that attaches itself to the MediaFire site, or is it related to MediaFire?

Mark Thomas

Derek, I have just downloaded Mathias' Don Quixote from MediaFire with no difficulty, and certainly no invasive iLivid window appears.

Sorry to be the bearer of bad news, but I do wonder if your browser is infected with a trojan which tries to install iLivid whenever you try to download a file using your browser? If you have Malwarebytes installed, do a full system scan with that and see if anything comes up. Have a look and see if your browser has an add-on or extension installed which doesn't look familiar to you, and uninstall it.

jerfilm

I get the ilivid thing once in a while, too.  One thing you might try - your browser probably has an option that won't let pop up windows show up and you might try activating that.

Jerry

Mark Thomas

This page, has recommendations for removing an iLivid infection It recommends using MalwareBytes to do the job.

Derek Hughes

I've just noticed that, despite my attempts to stop it, iLivid downloaded the Draeseke quintet--as an .exe file. This wasn't flagged as suspicious when I did a general Malwarebytes scan, but when I searched my hard disk for the word 'iLivid' the quintet file came up. I individually scanned it with Malwarebytes and it was marked as suspicious.

iLivid's own website describes it as 'The ultimate downloader for Mediafire, FileServe, Hotfile and more'. It may be a one-way marriage, but iLivid does seem to have the ability to ambush the unwary as they use legitimate download sites.

Mark Thomas

I wonder if it took it's name from its victims tendency to exclaim: "I, livid"?