Liveupdt.com thread problem

[Izzwizzy]

Hello,

I have these daily Liveupdt.com potential thread blocked that pops up now and then when I visit sites like Twitch and Twitter/X and a few others for the past months or so. 

What does it mean and how can I get rid of that? 

[AdvancedSetup]

Hello @Izzwizzy and

 

Let's go ahead and run a couple of scans and get some updated logs from your system. Please read the entire post below before starting so that you're more familiar with the process

Then follow each step in the order provided. Unless otherwise asked, please attach all logs

 

Please make the following system changes:

• If you have not done so already - Enable System Protection and create a NEW System Restore Point
• Temporarily disable your antivirus real-time protection or other security software first only if it blocks or interferes with the scans or downloads.. Make sure to turn it back on once the scans are completed
• Temporarily disable Microsoft SmartScreen to download software below only if needed. Make sure to turn it back on once the downloads are completed
• Disable-Fast-Startup
• Show-Hidden-Folders-Files-Extensions

Please run the following scans:

1. Click the following link and run a  Scan with AdwCleaner
2. Click the following link and run a  Scan with Malwarebytes 
      RESTART the computer
3. Click the following link and run a  Scan with Farbar Recovery Scan Tool 
    

Example image of where to click to attach files when posting your reply

 

Thank you

 

[Izzwizzy]

Hello and thank you!

I've attached all the scan results, I hope I've done it correctly. 

AdwCleaner[C00].txt Scan report.txt FRST.txt Addition.txt

[AdvancedSetup]

Thank you for the logs @Izzwizzy

Please temporarily disable the Microsoft Controlled Folder Access under the Windows Defender Security settings, which will block many attempts at trying to clean the system.

Then run the fix below

 

 

Please run the following fix

 

NOTE: Please read all of the information below before running this fix.

• NOTICE: This script was written specifically for this user, for use on this particular machine.
• Running this on another machine may cause damage to your operating system that cannot be undone.

Once the fix has been completed, please attach the file FIXLOG.TXT to your next reply

Farbar program:   FRSTEnglish.exe

Save the attached file:  FIXLIST.TXT to this folder C:\Users\izzyw\Desktop\

NOTE. It's important that both files, FRSTEnglish.exe, and fixlist.txt are in the same location or the fix will not work.

Please make sure you disable any real-time antivirus or security software before running this script. Once completed, make sure you re-enable it.

 

 

Run the Farbar program with Admin rights and press the Fix button just once and wait.

The fix may possibly take up to 60 minutes to complete

If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log named Fixlog.txt in the same folder you ran the Farbar program from. Please attach that log on your next reply.

 

1. NOTE:  This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will also run a disk check on the restart to ensure disk integrity.
2. NOTE: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications may be automatically closed.
               Also, make sure you know the passwords for all websites as cookies may possibly be removed in some cases, but not all cases.
3. NOTE: As part of this fix, it will also reset the network to default settings including the firewall. If you have custom firewall rules you need to save please export or save them first before running this fix.

The following directories are emptied:

• Windows Temp
• Users Temp folders
• Edge, IE, FF, Chrome, and Opera caches, HTML5 storages, Cookies and History
• Recently opened files cache
• Discord cache
• Java cache
• Steam HTML cache
• Explorer thumbnail and icon cache
• BITS transfer queue (qmgr*.dat files)
• Recycle Bin

Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.

The system will be rebooted after the fix has run.

fixlist.txt

Thanks

 

[Izzwizzy]

Hello,

Here is the fix log file. 

Fixlog.txt

[AdvancedSetup]

Please run the following @Izzwizzy

 

Dr.Web CureIt!

Please download the Dr.Web CureIt! anti-virus utility
https://free.drweb.com/

 

You will need to send them an email to obtain a link to download the scanner, please do so

• The downloaded file will normally have a unique name such as:  q7a9tr4p.exe
• Close all open applications and locate the downloaded file and double-click to run it
• The program will take a moment to launch and bring up the License and Update screen
• Place a check mark to agree to the terms and then click on the Continue button
• Click the underlined link Select objects for scanning
• On the top left click the Scanning objects that should automatically check all objects
• Click the small wrench and make sure there is a check on Automatically apply actions to threats
• Then click the large button on bottom right Start scanning
• Once the scan has completed there will be a link named Open report click that and a log named cureit.log should open in Notepad
• The log is saved in the folder named Doctor Web in the top of your user profile folders
• Please attach that log on your next reply

 

 

 

[Izzwizzy]

34 minutes ago, AdvancedSetup said:

"You will need to send them an email to obtain a link to download the scanner, please do so"

I can download it straight from your link, do I still have to email them for a link to download the scanner? 

 

[AdvancedSetup]

If you can download without sending an email, please do

 

[Izzwizzy]

Sorry, I couldn't edit my last reply but I did have to send an email to get the link, anyways there were no threats found with this scanner either. 

cureit.log

[AdvancedSetup]

Please download Firefox if needed and set it to be the DEFAULT browser.

Then using Firefox as the default browser are you still having this block alert on any site?

 

[Izzwizzy]

Yes, but this time I've received two different block messages on the Firefox browser that I've just downloaded and the only tabs that I had open were Discord and TwitchTV

[AdvancedSetup]

Exit out of and Disable running both Twitch and Discord temporarily

Then let me know if you get the block or not

 

[AdvancedSetup]

Basically both of those applications can have users posting links to junk, spam, trash, malware, etc. and Malwarebytes is doing it's job blocking it.

 

[AdvancedSetup]

Please post back the logs from today

 

You can find Scan and Protection logs within the Malwarebytes 4 program in the following location

 

 

RTP stands for Real-Time Protection and is where automatic protection operations would normally be logged

 

 

If you click on the View option you should get something similar to the following with other options available.

 

 

 

 

 

[Izzwizzy]

I've only had the browser version of Discord and Twitch open on Firefox and not the aplications.

Detection log 1.txt Detection log 2.txt

[Izzwizzy]

Here are a couple more blocks while only watching Twitch on Firefox.

[AdvancedSetup]

It doesn't matter. Again, Twitch and Discord are open public applications that thousands of people get infected from every year. I can post links to malware all day long and Discord and Twitch are not going to block it.

As long as you continue to use these applications I highly advise you to keep Malwarebytes real-time protection enabled. It will help keep you from getting infected. It's doing it's job.

 

If you shut down ALL browsers and messaging, and email and simply browse the Internet you should have no block alerts.

 

[Izzwizzy]

3 minutes ago, AdvancedSetup said:

If you shut down ALL browsers and messaging, and email and simply browse the Internet you should have no block alerts.

But how am I supposed to brows the internet if I shutdown all browsers?

And, can my computer get infected just by watching Twitch streams or browsing Discord because I haven't been clicking any links, it just happens randomly.

Is normal to get these block alerts and should I ignore them?

[AdvancedSetup]

Sorry, I mean, Shut down from Discord, Twitch - do not go to those sites

When not on those specific sites I bet you're not getting detections

 

[Izzwizzy]

Oh, you mean that Malwarebytes detects some of the suspicious links that are posted on Twitch and Discord and it blocks them even when I'm not clicking on them or even seeing them.

[AdvancedSetup]

Yes, they're in/on the page of the site and so we detect it and block it. It's not stopping Discord or Twitch from running. It's just stopping bad links from them.

Just trying to get you to run without them so you can see that yourself.

 

[AdvancedSetup]

Unless there is some other issue I think you should be all good.

Please let me know if you need anything else or are still having unresolved issues

 

[AdvancedSetup]

We're glad that we were able to assist you.

The following information will help you to keep your computer and data safer as well as improve your overall privacy

1. Recommend using a Password Manager for all websites, etc. that require a password. Never use the same password on more than one site.
   https://www.howtogeek.com/780233/best-password-manager/
2. Make sure you're backing up your files https://forums.malwarebytes.com/topic/136226-backup-software/
3. Keep all software up to date - PatchMyPC - https://patchmypc.com/home-updater#download     https://patchmypc.com/about-us
4. Keep your Operating System up to date and current at all times - https://support.microsoft.com/en-us/windows/windows-update-faq-8a903416-6f45-0718-f5c7-375e92dddeb2
5. Further tips to help protect your computer data and improve your privacy: https://forums.malwarebytes.com/topic/258363-tips-to-help-protect-from-infection/ 
6. Please consider installing the following Content Blockers for your Web browsers if you haven't done so already. This will help improve overall security

Malwarebytes Browser Guard

•   Google Chrome: https://chrome.google.com/webstore/detail/malwarebytes-browser-guar/ihcjicgdanjaechkgeegckofjjedodee
•   Microsoft Edge: https://support.malwarebytes.com/hc/en-us/articles/4413298736787-Install-Malwarebytes-Browser-Guard-on-Microsoft-Edge-browser
•   Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/

uBlock Origin

• Google Chrome: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm 
• Microsoft Edge: https://microsoftedge.microsoft.com/addons/detail/ublock-origin/odfafepnkmbhccpbejgmiehpchacaeak 
• Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin

 

Cybersecurity basics & protection
Everything you need to know about cybercrime
https://www.malwarebytes.com/cybersecurity

 

Further reading if you'd like to keep up on the malware threat scene: Malwarebytes Blog  https://blog.malwarebytes.com/

Hopefully, we've been able to assist you with correcting your system issues.

Thank you for using Malwarebytes. Please tell your friends and family if they too need assistance with malware removal

 

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following to help you better protect your computer and privacy Tips to help protect from infection

Thank you