URL:Mal?

I’ve had the unfortunate pleasure of being one of the victims of the URL:Mal. Avast keeps saying it’s ‘blocking’ a dangerous website, and all I get is the URL:Mal business

So I did find the ‘Logs to assist in cleaning’ topic and did everything it asked and now I want to know if everything is okay or if I need any further assistance~

All Logs attached

I should also add that it keeps doing it despite apparently removing whatever it was on my computer that was a malware. Not only that but now despite having an adblock which never failed before, I’m getting random ads showing.

Did you run AdwCleaner as well ?

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:Commands
[CREATERESTOREPOINT]

:OTL
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aq42s3g5)
IE - HKLM\..\URLSearchHook: {32b29df0-2237-4370-9a29-37cebb730e9b} - SOFTWARE\Classes\CLSID\{32b29df0-2237-4370-9a29-37cebb730e9b}\InprocServer32 File not found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559
IE - HKU\S-1-5-21-715964436-205994579-1868140740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://search.conduit.com?searchso [Binary data over 200 bytes]
IE - HKU\S-1-5-21-715964436-205994579-1868140740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = astroburn-search.com
IE - HKU\S-1-5-21-715964436-205994579-1868140740-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-715964436-205994579-1868140740-1000\..\URLSearchHook: {32b29df0-2237-4370-9a29-37cebb730e9b} - SOFTWARE\Classes\CLSID\{32b29df0-2237-4370-9a29-37cebb730e9b}\InprocServer32 File not found
IE - HKU\S-1-5-21-715964436-205994579-1868140740-1000\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No CLSID value found
IE - HKU\S-1-5-21-715964436-205994579-1868140740-1000\..\SearchScopes,DefaultScope = {5F970FDE-702B-4ef9-920C-5F2848A5AF26}
IE - HKU\S-1-5-21-715964436-205994579-1868140740-1000\..\SearchScopes\{5F970FDE-702B-4ef9-920C-5F2848A5AF26}: "URL" = http://www.astroburn-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-715964436-205994579-1868140740-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559
O3 - HKLM\..\Toolbar: (Astroburn Toolbar) - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - C:\Program Files\Astroburn Toolbar\ABToolbar.dll File not found
O3 - HKU\S-1-5-21-715964436-205994579-1868140740-1000\..\Toolbar\WebBrowser: (Astroburn Toolbar) - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - C:\Program Files\Astroburn Toolbar\ABToolbar.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
[2011/12/22 11:35:52 | 000,000,000 | ---D | M] -- C:\Users\Nikola\AppData\Roaming\OpenCandy
@Alternate Data Stream - 1393 bytes -> C:\Users\Nikola\AppData\Local\Rd8eTj1kBkrdXo:ggaagJ4SBOtoZHo5jZj2xJOyG

:Commands
[resethosts]
[emptytemp]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Edit: I’m not sure how to delete my last post but w/e I’ll run the fix.

I ran AdwCleanup and OTL fix, here are the files!

Are you still getting the alerts ?

Nope they seem to have gone, and my browser is now faster, without shockwave crashing :slight_smile:
Thank you so much!!

OK run OTL and press the cleanup button
Run AdwCleaner and press uninstall

Keep safe :slight_smile: