solved malicious url since installing avast 6

since upgrading to avast 6 i keep getting messages saying malicious url or trojan horse blocked every 5 to 10 mins. i know nothing about computers can anyone tell me why this is happening and if its safe to use my computer.

  1. Don’t panic. As long as the word “blocked” is there, no need to be afraid. ;D

  2. What is your operating system? Windows 7? Vista? XP?

  3. Do you have any other antivirus software installed?

xp and no not that i am aware of

Okay, so here we go:

Download Malwarebytes Antimalware free by clicking on the blue MBAM in my signature.
Install it.
Start it.
Go to the update tab and update it.
Then start a “Quick scan” (takes only few minutes).
A log will appear after the scan - save that to your disk and post the file here (click “Additional Options” at the bottom of post editor window to attach the saved log file).

We’ll continue then.

Scanning now but seems to be taking a while hope you still there

At least two more hours… then it’s time to drive home and I’ll be online again for 2 or 3 more hrs.

We’ll get this done.

You selected “Quick Scan”?

Yes

Still scanning…? :o

wont let me upload file

What? Why not? What does it say?

Can you copy the content and paste it as normal text in a post?

Don’t know how to do that

Open the log-file with notepad.
Mark the text.
Copy it (ctrl + C) and paste (ctrl + V) it in your post.

What is the error message when you try to upload it?

www Malwarebytes’ Anti-Malware 1.50.1.1100
.malwarebytes.org

Database version: 6498

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

03/05/2011 14:04:12
errors2

Scan type: Quick scan
Objects scanned: 185484
Time elapsed: 58 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 22
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 22
Files Infected: 42

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
c:\WINDOWS\igasetacokuvomu.dll (IPH.Trojan.Hiloti.B) → No action taken.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AMService (Spyware.Passwords.XGen) → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Spyware.Passwords.XGen) → No action taken.
HKEY_CLASSES_ROOT\CLSID{4D1EC4CA-4B92-4324-B8F8-C9A6ED06A8AE} (Adware.Hotbar) → No action taken.
HKEY_CLASSES_ROOT\TypeLib{6F098504-CDB1-420f-A2E6-DDC0B835FEDF} (Adware.Hotbar) → No action taken.
HKEY_CLASSES_ROOT\Interface{30B15818-E110-4527-9C05-46ACE5A3460D} (Adware.Hotbar) → No action taken.
HKEY_CLASSES_ROOT\HBLiteAX.Info.1 (Adware.Hotbar) → No action taken.
HKEY_CLASSES_ROOT\HBLiteAX.Info (Adware.Hotbar) → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{4D1EC4CA-4B92-4324-B8F8-C9A6ED06A8AE} (Adware.Hotbar) → No action taken.
HKEY_CLASSES_ROOT\CLSID{4E674574-3F0B-491d-8AE3-F90B43A34FD6} (Adware.Hotbar) → No action taken.
HKEY_CLASSES_ROOT\HBLiteAX.UserProfiles.1 (Adware.Hotbar) → No action taken.
HKEY_CLASSES_ROOT\HBLiteAX.UserProfiles (Adware.Hotbar) → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{4E674574-3F0B-491D-8AE3-F90B43A34FD6} (Adware.Hotbar) → No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.ShoppingReport2) → No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{258C9770-1713-4021-8D7E-1F184A2BD754} (Adware.ShoppingReport2) → No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} (Adware.ShoppingReport2) → No action taken.

CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{DB38E21A-E229-4942-87CE-E717109FC8C6 HKEY } (Adware.ShoppingReport2) → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) → No action taken.
HKEY_CURRENT_USER\Software\hblitesa (Adware.HotBar) → No action taken.
HKEY_CURRENT_USER\Software\ShoppingReport2 (Adware.ShoppingReport2) → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\HBLite (Adware.HotBar) → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HBLiteSA (HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{EB620C54- Adware.HotBar) → No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Aqiquba (IPH.Trojan.Hiloti.B) → Value: Aqiquba → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\HBLite@HBLite.com (Adware.HotBar) → Value: HBLite@HBLite.com → No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\documents and settings\all users\application data\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) → No action taken.
c:\documents and settings\charlotte\application data\HBLite (Adware.Hotbar) → No action taken.
c:\documents and settings\all users\application data\HBLiteSA (Adware.Hotbar) → No action taken.
c:\documents and settings\Diane\application data\shoppingreport2 (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Diane\application data\shoppingreport2\cs (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Diane\application data\shoppingreport2\cs\db (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Diane\application data\shoppingreport2\cs\dwld (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Diane\application data\shoppingreport2\cs\report (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Diane\application data\shoppingreport2\cs\res1 (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Liam\application data\shoppingreport2 (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Liam\application data\shoppingreport2\cs (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Liam\application data\shoppingreport2\cs\db (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Liam\application data\shoppingreport2\cs\dwld (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Liam\application data\shoppingreport2\cs\report (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Liam\application data\shoppingreport2\cs\res1 (Adware.ShoppingReport2) → No action taken.
c:\program files\HBLite (Adware.Hotbar) → No action taken.
c:\program files\HBLite\bin (Adware.Hotbar) → No action taken.
c:\program files\HBLite\bin\11.0.363.0 (Adware.Hotbar) → No action taken.

c:\program files\HBLite\bin\11.0.363.0\firefox (Adware.Hotbar) → No action taken.
c:\program files\HBLite\bin\11.0.363.0\firefox\extensions (Adware.Hotbar) → No action taken.
c:\program files\HBLite\bin\11.0.363.0\firefox\extensions\plugins (Adware.Hotbar) → No action taken.
c:\documents and settings\all users\start menu\Programs\Hotbar (Adware.Hotbar) → No action taken.

Files Infected:
c:\WINDOWS\igasetacokuvomu.dll (IPH.Trojan.Hiloti.B) → No action taken.
c:\WINDOWS\Temp\cveo\setup.exe (Spyware.Passwords.XGen) → No action taken.
c:\documents and settings\liam\local settings\temp\38.tmp (Malware.Gen) → No action taken.
c:\documents and settings\liam\local settings\temp\ecsxamwonr.tmp (Trojan.Hiloti) → No action taken.
c:\documents and settings\liam\local settings\temp\tcj.exe (Heuristics.Shuriken) → No action taken.
c:\documents and settings\liam\local settings\temp\tck.exe (Heuristics.Shuriken) → No action taken.
c:\documents and settings\liam\local settings\temp\tcl.exe (Heuristics.Shuriken) → No action taken.
c:\documents and settings\liam\local settings\temp\tcm.exe (Trojan.FraudPack.Gen) → No action taken.
c:\documents and settings\liam\local settings\temp\tcn.exe (Trojan.FraudPack.Gen) → No action taken.
c:\documents and settings\liam\local settings\temp\tco.exe (Trojan.FraudPack.Gen) → No action taken.
c:\documents and settings\liam\local settings\temp\tcp.exe (Trojan.FraudPack.Gen) → No action taken.
c:\documents and settings\liam\local settings\temp\tcr.exe (Trojan.FraudPack.Gen) → No action taken.
c:\documents and settings\liam\local settings\temp\tcs.exe (Trojan.FraudPack.Gen) → No action taken.
c:\documents and settings\liam\local settings\temp\tct.exe (Trojan.FraudPack.Gen) → No action taken.
c:\windows\temp\trz19.tmp (Trojan.Downloader) → No action taken.
c:\windows\temp\trz1e.tmp (Trojan.Downloader) → No action taken.
c:\windows\temp\trz3b.tmp (Trojan.Downloader) → No action taken.
c:\windows\iz3dps.dll (Trojan.Hiloti) → No action taken.
c:\windows\tfozua.exe (Trojan.FraudPack.Gen) → No action taken.
c:\documents and settings\all users\application data\HBLiteSA\HBLiteSA.dat (Adware.Hotbar) → No action taken.
c:\documents and settings\all users\application data\HBLiteSA\hblitesaabout.mht (Adware.Hotbar) → No action taken.
c:\documents and settings\all users\application data\HBLiteSA\hblitesaau.dat (Adware.Hotbar) → No action taken.
c:\documents and settings\all users\application data\HBLiteSA\hblitesaeula.mht (Adware.Hotbar) → No action taken.
c:\documents and settings\all users\application data\HBLiteSA\hblitesa_kyf.dat (Adware.Hotbar) → No action taken.
c:\documents and settings\Diane\application data\shoppingreport2\cs\Config.xml (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Diane\application data\shoppingreport2\cs\db\Aliases.dbs (Adware.ShoppingReport2) → No action taken.

c:\documents and settings\Diane\application data\shoppingreport2\cs\db\Sites.dbs (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Diane\application data\shoppingreport2\cs\dwld\whitelist.xip (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Diane\application data\shoppingreport2\cs\report\aggr_storage.xml (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Diane\application data\shoppingreport2\cs\report\send_storage.xml (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Diane\application data\shoppingreport2\cs\res1\whitelist.dbs (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Liam\application data\shoppingreport2\cs\Config.xml (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Liam\application data\shoppingreport2\cs\db\Aliases.dbs (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Liam\application data\shoppingreport2\cs\db\Sites.dbs (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Liam\application data\shoppingreport2\cs\dwld\whitelist.xip (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Liam\application data\shoppingreport2\cs\report\aggr_storage.xml (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Liam\application data\shoppingreport2\cs\report\send_storage.xml (Adware.ShoppingReport2) → No action taken.
c:\documents and settings\Liam\application data\shoppingreport2\cs\res1\whitelist.dbs (Adware.ShoppingReport2) → No action taken.
c:\program files\HBLite\bin\11.0.363.0\firefox\extensions\install.rdf (Adware.Hotbar) → No action taken.
c:\documents and settings\all users\start menu\Programs\Hotbar\about hotbar.lnk (Adware.Hotbar) → No action taken.
c:\documents and settings\all users\start menu\Programs\Hotbar\hotbar customer support center.lnk (Adware.Hotbar) → No action taken.
c:\documents and settings\ lnk (Adware.Hotbar) → No action all users\start menu\Programs\Hotbar\hotbar uninstall instructions.taken.

thats all of it

  1. Rather heavyly infected…

Run MBAM again and have everything it finds deleted and quarantined.
Then run it again and post the log again.

i still have the malware bytes file on computer should i just quarentine everything now or do i have to run it again first

You can quarantine now. Good. (Reboot may be required)

Then post the log after that.

Pressing quarantine nothing happening should I try remove selected