Hi
This is the third attempt at posting here. I have the URL:Mal malware and need help. log files attached.

Could you attach a screenshot of the alert please

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:Commands
[CREATERESTOREPOINT]

:OTL
O4 - HKU\S-1-5-21-1343024091-1482476501-725345543-500..\Run: [hjvfrxuc] E:\Documents and Settings\Administrator\Local Settings\Application Data\jwasjqrf.exe ()

:Commands
[resethosts]
[emptytemp]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Here are two more log files

Could you attach a screenshot of the alert as there is more data there

Hi essexboy - thanks so much for the assist here. The alert isn’t happening anymore but it was the red alert box from avast and it was popping up like every few seconds after my last boot (which followed a boot scan by avast). It stopped popping up after I ran all these scans and fixes, but Malwarebytes is still seeing requests to bad URLs so I know its still there lurking. I will run the OTL fix now and send the result.
Best,
Jim

but Malwarebytes is still seeing requests to bad URLs so I know its still there lurking.
when not doing anything .....or when surfing the net?

When surfing especially using Google search box.

How long is OTL supposed to take? It’s been running for several hours now. It says “Killing processes do not interrupt”

OK that is MBAM blocking it… Could you temporarily uninstall MBAM, run the OTL fix and then reinstall MBAM

Hi essexboy,
Ok I didn’t unistall MBAM - I just shut it down and the the fix ran fine. OTL log file attached. Let me know if I do need to uninstall MBAM and rerun the OTL fix.
Thanks!
Jim

Has the alert now ceased ?

I got the avast! red warning box last time I booted the laptop and I still am getting the Malwarebytes alert whenever I go to Google.com - see attached screen capture for malwarebytes alert. I will reboot and capture the red alert box and attach it in my next post.

Oops - I spoke to soon. This time I didn’t get the red alert box from Avast! when I booted, just the Malwarebytes alert.

Hmm that is the German telecom server, does this only occur on google

yes and only in Firefox it seems. When I try to access gmail through Firefox, it hangs at the Loading progress bar, but I can access it through IE just fine.

OK lets try this

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:Commands
[CREATERESTOREPOINT]

:OTL
[2013/10/11 08:48:28 | 000,004,232 | ---- | M] () (No name found) -- E:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\6w25ljzd.default\extensions\{915d9670-31c7-11e3-8277-b8ac6f996f26}.xpi

:Commands
[resethosts]
[emptytemp]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Hi essexboy,
Ok - ran the OTL fix. Attached are two log files - the one OTL created after the fix and the second is OTL’s log after the Quickscan. Malwarebytes is no longer causing the alert when I go to Google.com and gmail is loading properly again! You’re amazing. Please advise on next steps!

Looks much better, any further problems

No other problems I can see at this time. Thanks so much for your expert guidance!
Best,
Jim

In that case methinks I will send you on your merry way :slight_smile:

Subject to no further problems :slight_smile:

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so…The following will implement some cleanup procedures as well as reset System Restore points:

Run AdwCleaner and select Uninstall

Delete AswMBR from the desktop

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF



:Commands
[CLEARALLRESTOREPOINTS] 
[resethosts]
[emptytemp]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

If you use on-line banking then as an added layer of protection install Trusteer Rapport

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
[*]Microsoft Windows Update

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :wave: