Malicious URL Blocked

Hello–

Over the last few days, I get a malicious URL blocked warning when I visit certain sites (such as weather.com) with Chrome. The warning didn’t come up when I went to weather.com with Firefox. I’ve scanned with Malwarebytes and that says my computer is clean. I also scanned with Avast, and it doesn’t find any infected files either. I ran adwcleaner as well. Is something wrong with my computer or with Chrome, or is this a false positive? I’ve attached a screencap of the warning I received and the webpage it sends me to with more information.

Thanks!

Malwarebytes log:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.06.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Charles :: CHAMILLER-PC [administrator]

2/6/2013 3:14:03 PM
mbam-log-2013-02-06 (15-14-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 226591
Time elapsed: 15 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

adwcleaner log:

AdwCleaner v2.111 - Logfile created 02/06/2013 at 15:09:53

Updated 05/02/2013 by Xplode

Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

User : Charles - CHAMILLER-PC

Boot Mode : Normal

Running from : C:\Users\Charles\Desktop\adwcleaner.exe

Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\Users\Charles\AppData\Local\Temp\Uninstall.exe
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\ProgramData\Partner

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Classes\Interface{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface{E7435878-65B9-44D1-A443-81754E5DFC90}

***** [Internet Browsers] *****

-\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\ Mozilla Firefox v18.0.1 (en-US)

File : C:\Users\Charles\AppData\Roaming\Mozilla\Firefox\Profiles\g70tbdm7.default\prefs.js

[OK] File is clean.

-\ Google Chrome v24.0.1312.57

File : C:\Users\Charles\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.


AdwCleaner[S1].txt - [2628 octets] - [06/02/2013 15:09:53]

########## EOF - C:\AdwCleaner[S1].txt - [2688 octets] ##########

when it say URL:mal it means the url is on a block list…

report on the url on the bottom avast warning you posted
http://www.urlvoid.com/scan/afe.specificclick.net/

hpHosts list afe.specificclick.net. as ATS

ATS - Ad/tracking servers This classification is assigned for domains being used for advert or tracking purposes

attach a OTL diagnostic log and one of the removal experts will have a look inside
you find it here. http://forum.avast.com/index.php?topic=53253.0

Thanks for the quick reply!

I’m attaching the OTL logs.

i think you may have a small bug sitting in your browser, guessing a easy fix

malware remover is notified, should be here soon. :wink:

Could you run chrome in the incognito mode please and let me know if that stops the alerts

Incognito mode : http://support.google.com/chrome/bin/answer.py?hl=en&answer=95464

I didn’t get any alerts when I was using Incognito mode.

OK start chrome normal then disable the extensions one a t a time, checking between each for redirects
Once the culprit is revealed could you let me know what the name is then uninstall it

Details : http://support.google.com/chrome/bin/answer.py?hl=en&answer=113907

I don’t have any Chrome extensions enabled or installed.

OK we will have to fully uninstall and then re-install chrome

Uninstall chrome via control panel
Then follow the instructions on this page http://support.google.com/chrome/bin/answer.py?hl=en&answer=111899

Reboot and then re-install chrome

Sorry for the delay, was at work for most of the day…

Uninstalling and re-installing seemed to fix the problem. Thanks for the help!

My pleasure, unfortunately Chrome is so different to the other browsers that my tools will not remove cleanly all that can be seen

Run OTL and press the cleanup button to remove it