Avast was recommended to me from a friend from the security forum at dslreports. However it’s giving me constant MAL:URL Process windows/explorer.exe popups for a few days now.
I’ve followed several steps to clean and test eg. cleaned temp files, ran malwarebytes, avg, online bitdefender scan and they all come up with nothing.
Another security forum suggested I post here since they couldn’t see anything in all the logs which would suggest anything was wrong. No one can tell me why I’m getting these constant popups.
You have something else on your system that is misusing the explorer file.
This needs further analysis by a malware removal specialist: Follow the information on the link you were given. Use the information about getting and using the tools and attach the logs here, not in the LOGS topic.
Just to start the ball rolling until I get to school, this is the threadhttp://www.dslreports.com/forum/r26942098-Malware-Malicious-URLI posted in yesterday with the logs I was asked for.
The idea is to post the loge here in your post and not on another site.
The helpers are hardly going to visit another site where they would have to register to be able to post.
This forum has the ability to attach the logs to the post so you don’t have to copy and paste the contents over a number of posts, that is easier for you and for the one trying to help.
It wasn’t my intention to not post logs here David, my apologies if I offended. I was just getting a little ansy knowing something was wrong, and not being at work sat at the pc trying to get it fixed.
That said, I’m at work now, and here are the first two logs .I’m not getting the Extras.txt generated after running OTL.txt and I ran it twice. The same thing happened yesterday.
You normally only get the extras.txt when you first run OTL, so I don’t know where it went.
It may be a little while before someone can analyse the logs, essexboy will be at work, he is normally on the forums from about 7PM UK time (now 2pm). Unless one of the other malware removal specialists can pick it up.
Not sure if anyone had time to look at the logs, but since yesterday I downloaded and ran combofix. Since running it, and numerous reboots the mal:url popups have ceased.
Essexboy is normally he one to analyse the logs, but as you can imagine he can get very busy and his time on the forums is limited.
Generally we don’t recommend running Combofix except under guidance as it is a powerful tool and with some of the new malware (you have to get the removal order correct or it can have adverse consequences).
So I think the logs still need to be analysed, to get an idea of what it was to start with and after running combofix (attach that log), essexboy may ask for another OTL scan to ensure everything was removed.
EDIT: I have PM’d essexboy, so hopefully he will be able to get on it after work.
I understand how busy everyone is and I appreciate the effort you guys put into the site.
Combofix was last resort, and hopefully it worked. Logs attached.
I notice from your combofix log - Having two resident anti-virus scanners installed is one too many and not recommended as rather than provide twice the protection it can cause conflicts that could leave you more vulnerable as the two dogs fight over the same bone.
It doesn’t matter if only one is active as that is the nature of resident antivirus scanners, they install low level drivers to hook files so that they can be scanned, it is these low level drivers where the fight starts.
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
Trend came with the pc and was never run or activated. I thought I’d uninstalled it, obviously something is lingering. I will check when I go back into work. However, I’m done for the weekend, I don’t go back in until Monday so please don’t think I’m ignoring your advise and fix. I will take care of both on Monday and post again. Have a good weekend.