Author Topic: URL:Mal  (Read 17013 times)

0 Members and 1 Guest are viewing this topic.

rbabyak

  • Guest
URL:Mal
« on: June 11, 2012, 07:18:00 PM »
When using IE, I keep getting the following popup from Avast.  I'm running the Free version. It's extremely annoying. If I use Firefox, I don't have this pop up. Please advise how it can be fixed.

You just dodged a bullet
You may be wondering how you ended up with a virus, especially if you were visiting a ‘normal’ site. The latest research from the avast! Virus Lab shows that more than 80% of malware (viruses, spyware, and the like) spreads through legitimate websites, with only 1% coming from suspicious or ‘dodgy’ sites.

Good thing avast! had your back.

URL: "http://includeit.info/scripts/inl_dmmtc/inldmmtch.js
Process: "C:\Program Files\Internet Explorer\iexplore.exe
Infection: "URL:Mal"

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

brilleaben

  • Guest
Re: URL:Mal
« Reply #2 on: June 14, 2012, 12:07:54 AM »
I'm having the same problem, but in FF13. Did you resolve yours? A french and german dude(tte) seem to have the same problem, but otherwise Google returns so search results. It happens every single time I refresh and also other times.

rbabyak

  • Guest
Re: URL:Mal
« Reply #3 on: June 14, 2012, 04:36:53 PM »
No, mine hasn't been resolved and no one has come up with any suggestions. I'm seeing tons of posts on the same problem.

Someone, help please!!! This is so annoying and Avast doesn't appear to be concerned about people using their free version. With this type of support, I certainly am not motivated to purchase a full version.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89015
  • No support PMs thanks
Re: URL:Mal
« Reply #4 on: June 14, 2012, 05:14:34 PM »
@ rbabyak
- Please 'modify' your post change the URL from http to hXXp, to break the link and avoid accidental exposure to suspect sites, thanks.

Do you happen to be trying to connect to that website ?

Avast isn't the only one to consider that site malicious/suspicious http://sitecheck.sucuri.net/results/includeit.info, though the site appears to have been taken down by the host.

If you aren't trying to connect to that site, then there is a possibility that your browser may have been exploited to redirect to malicious sites.
- This needs further analysis by a malware removal specialist:
Go to this topic http://forum.avast.com/index.php?topic=53253.0 for information on Logs to assist in cleaning malware. Use the information about getting and using the tools and attach the logs here, not in the LOGS topic.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

rbabyak

  • Guest
Re: URL:Mal
« Reply #5 on: June 14, 2012, 08:14:08 PM »
Here is the OTL file you requested.

I ran the scan as instructed. Since you didn't request the extras file, I am not attaching it.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89015
  • No support PMs thanks
Re: URL:Mal
« Reply #6 on: June 14, 2012, 08:29:25 PM »
I didn't specifically request anything other than you read the information and attach the log(s), which include more than just OTL so that a specialist can analyse them. I'm just preparing the ground.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

rbabyak

  • Guest
Re: URL:Mal
« Reply #7 on: June 14, 2012, 09:07:07 PM »
I sent the OTL log and am running the aswMBR scan. It's been running for a long time and appears to have stopped without completion. It's been on the same file for over 45 minutes.

Please advise.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89015
  • No support PMs thanks
Re: URL:Mal
« Reply #8 on: June 14, 2012, 10:43:41 PM »
I would stop it and run it again, but in the AV Scan selection, rather than Quick, select None, that should hopefully at least allow it to complete. You can also attach the extras.txt, since OTL is complete.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: URL:Mal
« Reply #9 on: June 14, 2012, 10:50:47 PM »
There is not a great deal showing there - I will need the aswMBR log

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
To disable MBAM
Open the scanner and select the protection tab
Remove the tick from "Start with Windows"
Reboot and then run OTL


Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Quote
    :OTL
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Complitly) - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Documents and Settings\PC1\Application Data\Complitly\Complitly.dll (SimplyGen)
    O3 - HKU\S-1-5-21-4006778571-1867818608-3964762099-1004\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
    O4 - HKU\S-1-5-21-4006778571-1867818608-3964762099-1004..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://connectwisepartnersummit.com/breakout-sessions/i-want-more-than-connectwise-reports-and-dashboards/" File not found

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89015
  • No support PMs thanks
Re: URL:Mal
« Reply #10 on: June 14, 2012, 10:53:45 PM »
Thanks for joining the topic essexboy.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

rbabyak

  • Guest
Re: URL:Mal
« Reply #11 on: June 14, 2012, 11:33:03 PM »
Attached are the Extras.txt, MBR.dat and aswMBR.txt files.

davidle

  • Guest
Re: URL:Mal
« Reply #12 on: June 15, 2012, 06:29:58 AM »
I've got this problem too! Hope it gets fixed for you, then I might give it a go.

davidle

  • Guest
Re: URL:Mal
« Reply #13 on: June 15, 2012, 06:35:32 AM »
btw I'm using Chrome, would it have something to do with JavaScript console???

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: URL:Mal
« Reply #14 on: June 15, 2012, 06:36:55 AM »
I've got this problem too! Hope it gets fixed for you, then I might give it a go.

Please start a new topic and attach your logs.
You can't use the advice given here, as it's only relevant for the OP's system.

Edit: Typo.
« Last Edit: June 15, 2012, 08:10:35 AM by Asyn »
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0