Hi.
I keep getting this message every 2 minutes about the computer is being blocked from communicating with a dangerous site.
It’s really drive me crazy.
What do I do with this?
The object is: 62.122.73.203/545/getcfg.php
The path is: C:\USERS\ADRY\APPdata\Tocal\Temp\dat6248.TMP.EXE
The process responsible for probably trying to access malicious sites, C:\USERS\ADRY\APPdata\Tocal\Temp\dat6248.TMP.EXE, looks like an undetected piece of malware, probably a trojan downloader.
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.
If multiple scanners detect this it should be sent to avast:
Send the dat6248.TMP.EXE sample to avast as a Undetected Malware:
Open the chest and right click in the Chest and select Add, navigate to where you have the sample and add it to the chest (see image). Once in the chest, right click on the file and select ‘Submit to virus lab…’ complete the form and submit, the file will be uploaded during the next update.
Now try and clear/empty all your temp folders, this may well be protected so it might not work.
So try this tool TFC - Temp File Cleaner by OldTimer
http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/
TFC requires a reboot immediately after running. Be sure to save any unsaved work before running TFC. - So as you can see it is important to do the above work and send the sample to avast before running this tool.
####
Now - If you haven't already got this software (freeware), download, install, update and run it and report the findings (it should product a log file).
- 1. MalwareBytes Anti-Malware (MBAM), On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later. - 2. [url=http://www.superantispyware.com][b]SUPERantispyware[/b][/url] (SAS). On-Demand only in free version.
Don't worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.