Help Needed With URL:MAL Pop Up Warning

Hi,

I am asking you to run these scans because some of the tools that we use show us different things and analyze differently. :slight_smile:

OK thanks I was just wondering.

I am located in an area that is having a major snow event so it might be some time tomorrow before I can run the next scans.

No problem. Thanks for letting me know. Stay warm!! :slight_smile:

Hello Jeffce

When I download the Junkware Removal Tool I am getting a message that says that the file appears malicious and recommends discarding the download. Please advise is this download safe?

Thank you.

Yes the download is safe. :slight_smile:

OK thank you.

And sorry one more question your instructions said to turn off protection. Doe that mean turning off Avast because assuming that I do have something lurking in my computer I’m afraid to turn off Avast as I continue to get random pop ups.

Thank you.

Yes…please disable Avast for the time being while you are running that scan. Really…if Avast is picking it up, we should be able to remove it regardless of whether or not Avast is running. :slight_smile:

Hi Jeffce

Thank you for the reassurance. I have just completed 4 hours of shoveling snow and I am dead tired so i will run the next scan that you want tomorrow.

Sounds like a plan. :slight_smile:

Hello Jeffce

JRT and OTL scans are attached.

I also lost some icons after the JRT scan was run. The icons affected are Action Center, Windows Update, Windows Explorer, and Quickset. When I go into the customize screen for icons and notifications I get the following message when I try to set them to “Show Icon And Notifications”

This notification icon is not currently active. It will be shown the next time it becomes active.

Could you run the same set of instructions I provided for OTL in the last response but this time be sure to press Run Fix this time. It looks like you pressed Run Scan instead.

Attach the OTL log when completed.

Hi Jeffce

I apologize I did run the previous OTL as Scan instead of FIX. The Fix Log is now attached.

Could you also please advise on why I am now getting this message for some missing icons after completing your latest set of instructions.

This notification icon is not currently active. It will be shown the next time it becomes active.

The icons missing are Action Center,Windows Host Process(Rundll32), Dell DataSafe Local Backup, Windows Task Manager, Windows Update, Windows Explorer, and Quickset.

Thanks for letting me know.

Let’s continue and then come back to the missing icons issue. :slight_smile:


http://i1224.photobucket.com/albums/ee380/jeffce74/mbam-3.jpg
Malwarebytes

Please open Malwarebytes, update it and then run a Quick Scan. Save the log that is created for your next reply.

ESET Online Scanner

Go here to run an online scannner from ESET. Windows Vista/Windows 7 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator
[*]Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.[*] Turn off the real time scanner of any existing antivirus program while performing the online scan[*]Tick the box next to YES, I accept the Terms of Use.[*]Click Start[*]When asked, allow the activex control to install[*]Click Start[*]Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.[*]Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.[*]Click Scan[]Wait for the scan to finish[]When the scan is done, if it shows a screen that says “Threats found!”, then click “List of found threats”, and then click “Export to text file…”[] Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.[]Close the ESET online scan, and let me know how things are now.

Hello Jeffce

Here are the next set of logs. Thank you for your continued assistance.

Those both look good. The entries found by ESET are fine. Any other malware problems?? :slight_smile:

Hi Jeffce

I have had a couple of pop up warnings in the last 24 hours. If all of these scans that have been done are not showing any malware or infection then what explanation can there be for this?

Hi,

When you say popup warnings…are you referring to Avast? Can you give me a screen shot of what you are seeing?

Hi Jeffce

Yes it is an Avast warning. Red pop up warning with the Avast voice that says threat has been detected. When I click on more details it says:

URL: hxxp://afe.specificclick.net/?l
Process: C:\Program Files\internet explorer\iexplore.exe
Infection: URL:Mal

I have not gotten it again yet but I guess if we need to table this until I get it again that is fine. How would I capture a screen shot and post it here?

Meanwhile if we are going to table this then are you confident so far that I do not have a problem to worry about and is there any clean up that I need to do for all of the various tools that I have downloaded over the last few days. I have seen posts from essexboy where he suggests clean up activity after a problem has been solved.

Also is there anything that I can do can do for this message that I get for some icons:
This notification icon is not currently active. It will be shown the next time it becomes active.

Hi,

Yes we will remove our tools when finished. :slight_smile:

So you have not received any more alerts from Avast about that? Don’t worry about posting a screenshot. The information that you gave me was just fine.

Let’s see about fixing up that warning about your icons now.

Please download and run ERUNT (Emergency Recovery Utility NT). This program allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed. **Remember if you are using Windows Vista as your operating system right-click the executable and Run as Administrator.

I would like for you to go to the page here >> http://www.sevenforums.com/tutorials/13102-notification-area-icons-reset.html and follow the instructions provided. This should fix up your problems with the Notification Icons.

Let me know how that works for you.

Hello Jeffce

I have run the registry backup process and the reset notification area icons process. I believe that it looks and acts as I would expect.

So here are my next set of questions that I would appreciate a reply to.

  1. In the notifications area icons I see Windows host process (Rundll32) Bluetooth. I researched this and saw conflicting reports that it is a legitimate Microsoft process to execute DLL’s or it could be a malicious virus. I looked at this process running in task manager and its location was in Windows\System32 which seems legitimate. So it this a legitimate process?

  2. I have not received a MAL pop up warning message in a couple of days, seems to have stopped as suddenly as it started. All of the tools and scans that we have run have not detected a virus or spyware. I also ran an Avast boot scan and it did not detect any isuue. So is it safe to now conclude that I have a clean computer at this point>

I have seen several threads since I started mine where users have complained that they suddenly started getting the same pop up warning I was getting for specificlick.net. So is this a fluke warning that all of us recent posters started to get?

  1. Assuming we can conclude that I am safe is it now time to do any cleanup work for all of the tools that I have downloaded in the past few days?

Thank you so much for your help. I am very grateful for your time and patience.