system
1
I always get a popup message saying ‘Malicious URL blocked, avast Network Shield has blocked a harmful site’ every few minutes. The details of the popup message are:
object: http:/networksecurityx.hopto.org/
infection: URL: Mal
process: C:\PROGRA~1\TURBO~1.…_hfilter.dll
i found the .dll file from ‘C:\Program Files\Turbo Internet\plugin’. Under the file name of this .dll file says it is a firewall helper. I don’t recall installing turbo internet on my computer. deleting the folder or the .dll file is denied because it is being used.
I honestly don’t know how to fix this problem.
Your help is very much appreciated.
Pondus
2
follow instructions and attach logs (not copy and paste) http://forum.avast.com/index.php?topic=53253.0
run in order listed
AdwCleaner / Malwarebytes / OTL / aswMBR
when done, removal experts will be notified and help you
when finish, all tools used will be removed
system
3
thanks. following the procedures now. attached here is the log from adwcleaner.
system
4
attached here is the log from malwarebytes
system
5
attached here is the log from OTL
Pondus
6
when done… rerun AdwCleaner … and this time click clean
malware removers are notified, it may take some hours before they are online so be patient
system
7
attached here is the log from OTL …
system
8
attached here is the log from aswMBR
Is this an internet café computer ?
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following
https://dl.dropbox.com/u/73555776/OTL_Fix.GIF
:Commands
[CREATERESTOREPOINT]
:OTL
O2 - BHO: (MinibarBHO) - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files\Minibar\Minibar.dll File not found
[2013/11/01 09:56:23 | 000,328,123 | ---- | M] () (No name found) -- C:\Documents and Settings\DAWALA\Application Data\Mozilla\Firefox\Profiles\e1q1ywbh.default\extensions\jid0-raWjElI57dRa4jx9CCiYm5qZUQU@jetpack.xpi
[2013/11/01 09:45:13 | 000,160,554 | ---- | M] () (No name found) -- C:\Documents and Settings\DAWALA\Application Data\Mozilla\Firefox\Profiles\e1q1ywbh.default\extensions\{170503FA-3349-4F17-BC86-001888A5C8E2}.xpi
[2013/11/09 13:36:46 | 000,000,000 | -HSD | C] -- C:\Program Files\Common Files\svchost0
[2013/11/05 13:32:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Turbo Internet
[2013/11/13 15:19:39 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\hpopkoux.sys
[2013/11/13 12:30:16 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\dyjsxcn.sys
[2013/11/11 19:21:39 | 000,000,000 | ---D | M](C:\wind?ws) -- C:\wind?ws
[2013/11/11 19:21:39 | 000,000,000 | ---D | C](C:\wind?ws) -- C:\wind?ws
:Files
C:\Program Files\Turbo Internet
C:\Program Files\Minibar
:Commands
[resethosts]
[emptytemp]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
system
10
yes this is an internet cafe computer. i cannot do the OTL fix right now, perhaps later or tomorrow. on the other hand, when i tried to open avast user interface, a authorization window appears saying that an attempt has been made to enter a protected area of avast (general program access), requiring a password. i do not know the password,in fact i didnt set the password. what should i do to remove or know the password?
Pondus
11
If you dont know the password you need to use the uninstall tool www.avast.com > support > downloads
Then reinstall avast
system
12
should i uninstall the avast via control panel? i cannot find the uninstall tool in avast directory.
Pondus
13
If password protected the only way is the uninstall tool
Pondus
14
Is this your internett cafe?
Does your customer use USB stick on the computers?
If so this is a free must have program MCShield usb protector www.mcshield.net
You may wait with installing that untill you get all clear from essexboy
system
15
after running uninstall utility, the files in avast directory were completely removed/deleted. i installed the latest avast free antivirus. i think the one i uninstalled was a pro antivirus since the one i am currently using does not have a network shield.
The shields within V9 have merged so there will appear to be less than V8
How is the computer behaving ?