Is this a virus?

I keep getting the message that the computer is being blocked from communicating with a dangerous site:

the object is 62.122.73.203/545/getcfg.php

The path is in the C: Asus/Appdata/Local/Temp/DAT827F.tmp.exe

Apparently it’s related to an async file, as it’s named Async Trace DLL

What do I do with this?

You might have been infected with either TR/Kazy.8389.7/6 or TR/DyCode.B.9 or TR/Malagent.A.536 or Trojan-Dropper.Win32.Mudrop.as this domain is alive and spreading these kinds of malware:
I think it is the Mudrop one, because no av detects this as yet there: http://forum.avast.com/index.php?topic=61867.0 and for cleansing: http://forum.avast.com/index.php?topic=61867.0 (use safe mode and disable/enable system restore),

polonus

Okay, as I am a complete and total newbie, is there a step-by-step detail for me to follow, somewhere? I am very nervous about trying to do anything with the computer’s “innards”, as it were.

Follow this guide from our expert malware remover Essexboy
http://forum.avast.com/index.php?topic=53253.0
( post the logs HERE in this topic and not in the guide )

To avoid using multiple posts with copy and paste you have to attach the logs
Lower left corner: Additional Options > Attach ( Malwarebytes log / OTS log )

Essexboy will look at the logs when he arrives here later today

Okay, I’ve followed that stuff - the logs are attached.

Essexboy will be here in about 2 - 3 hours

Knock wood - but so far the problem hasn’t been huge, just highly annoying. Unfortunately, the reports I could understand said nothing was wrong. ???

Thank you for all your help.

C: Asus/Appdata/Local/Temp/DAT827F.tmp.exe
You may try this while waiting, it sometimes works

Temp File Cleaner by OldTimer
TFC requires a reboot immediately after running. Be sure to save any unsaved work before running TFC.
http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/

Start OTS. Copy/Paste the information in the quotebox below into the panel where it says “Paste fix here” and then click the Run Fix button.

[Unregister Dlls]
[Processes - Safe List]
YY -> dat827f.tmp.exe -> C:\Users\Asus\AppData\Local\Temp\DAT827F.tmp.exe
[Registry - Safe List]
< FireFox Extensions [Program Folders] > -> 
YY -> Java Console   -> C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
YY -> Java Console   -> C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
YY -> Java Console -> C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
< Run [HKEY_USERS\S-1-5-21-350271379-3965886678-2468626992-1000\] > -> HKEY_USERS\S-1-5-21-350271379-3965886678-2468626992-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YY -> "DAT827F.tmp.exe" -> C:\Users\Asus\AppData\Local\Temp\DAT827F.tmp.exe [C:\Users\Asus\AppData\Local\Temp\DAT827F.tmp.exe]
[Custom Items]
:Files
ipconfig /flushdns /c
:end
[Empty Temp Folders]
[EmptyFlash]
[CreateRestorePoint]
  

The fix should only take a very short time. When the fix is completed a message box will pop up telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here.

I will review the information when it comes back in.
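Added example, not part of the original thread or any poster's reply: the fix above removes a `CurrentVersion\Run` entry that launches an executable from the user's Temp folder, and the sketch below flags that pattern in log text of the same shape. The line layout is inferred only from the lines quoted in this thread (not from OTS documentation), and the function name and the "Updater" entry are constructed for illustration.

```python
import re

# Constructed sample, modelled on the fix lines quoted in this thread.
# The "Updater" entry is invented as a benign comparison case.
SAMPLE = r"""
[Processes - Safe List]
YY -> dat827f.tmp.exe -> C:\Users\Asus\AppData\Local\Temp\DAT827F.tmp.exe
< FireFox Extensions [Program Folders] > ->
YY -> Java Console -> C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
< Run [HKEY_USERS\S-1-5-21-350271379-3965886678-2468626992-1000\] > -> HKEY_USERS\S-1-5-21-350271379-3965886678-2468626992-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YY -> "DAT827F.tmp.exe" -> C:\Users\Asus\AppData\Local\Temp\DAT827F.tmp.exe [C:\Users\Asus\AppData\Local\Temp\DAT827F.tmp.exe]
YY -> "Updater" -> C:\Program Files\Vendor\updater.exe [C:\Program Files\Vendor\updater.exe]
"""

SECTION = re.compile(r"^<\s*(.+?)\s*>\s*->")          # "< Run [HKEY_...] > -> ..."
BRACKET = re.compile(r"^\[(.+)\]$")                   # "[Processes - Safe List]"
ITEM = re.compile(r'^YY\s*->\s*"?(.*?)"?\s*->\s*(.+)$')
TRAILER = re.compile(r"\s*\[[^\]]*\]\s*$")            # repeated "[path]" at line end
AUTORUN = re.compile(r"^Run(Once)?\b")                # Run / RunOnce sections only
TEMP_DIR = re.compile(r"\\temp\\", re.IGNORECASE)
EXEC_EXT = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd")


def flag_temp_autoruns(text):
    """Return (value name, path) for autostart entries that run from a Temp dir."""
    section, hits = "", []
    for line in text.splitlines():
        line = line.strip()
        header = SECTION.match(line) or BRACKET.match(line)
        if header:
            section = header.group(1)      # remember which section we are in
            continue
        item = ITEM.match(line)
        if item and AUTORUN.match(section):
            name, path = item.group(1), TRAILER.sub("", item.group(2))
            if TEMP_DIR.search(path) and path.lower().endswith(EXEC_EXT):
                hits.append((name, path))
    return hits


if __name__ == "__main__":
    for name, path in flag_temp_autoruns(SAMPLE):
        print(f"autostart from Temp: {name} -> {path}")
```
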

I tried the latest suggestion by Pondus, and for the time being, I haven’t had any more pop-up messages. Should I still try the fix, or will it cause a new problem if the issue has been cleared up already?

Follow Essexboy's advice

Here’s the latest log.

TFC killed the file and I removed the reg key ;D

How is it running now ?

Running smoothly and there’s no pop-up panic. Yay! :)

I do believe y’all are geniuses. Heh. I can’t thank you enough, honestly. I know it’s ridiculous, but even with all the backups in the world - remote or otherwise - my whole blinkin’ world is on this thing. I tend to panic easily, so you’ll probably hear from me again.

I apologize in advance for that, of course.

No probs - just run OTS and hit the cleanup button

Hi, uhm, I also got this an hour ago or so, and I tried the fix, but unfortunately, it didn’t work for me.

If it’s any help, I will note that I only downloaded OTS, and the MalwareBytes Anti-Malware.

I have the logs from my most recent try (I’ve tried twice as of this post). As should be obvious, I’m also a complete newbie, and I ask that you be patient with me, if I am doing something wrong.

When you ask for help, always start a new topic and not inside someone else’s.
Helping multiple people in the same topic will be chaotic.

You find the new topic button above the orange line here http://forum.avast.com/index.php?board=4.0

Alright, I will, thanks for pointing that out.