Receiving many URL:Mal popups with all browsers. How can we avoid being infected by these? Son only downloads and installs STEAM games. Is there software out there to prevent these items from ever getting on the system to begin with?
Thank you for any assistance you can provide. Also, do you see anything in here that would prevent Windows Updates?
Run FRST and press Fix
On completion a log will be generated please post that
THEN
Please download AdwCleaner by Xplode onto your desktop.
[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S1].txt as well.
Farbar Service Scanner Version: 21-07-2014
Ran by Kendrick (administrator) on 23-11-2014 at 15:47:03
Running from “C:\Users\Kendrick.parker-PC\Downloads”
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
Internet Services:
Connection Status:
Localhost is accessible.
LAN connected.
Google IP is accessible. Google.com is accessible. Yahoo.com is accessible.
Windows Firewall:
Firewall Disabled Policy:
System Restore:
System Restore Disabled Policy:
Action Center:
Windows Update:
Windows Autoupdate Disabled Policy:
Windows Defender:
Other Services:
File Check:
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
Yes, chrome is uninstalled. I’m providing updated logs, not sure if it helps. Also screenshot of the URL:Mal message. No threats detected by malwarebytes.
Appears to be working now, no popups. There was an add in for Mozilla that was still causing trouble, but I removed that. Now I’ll try and figure out the Windows update, so I don’t need to wipe the system.