"threat has been Detected" You just dodged a bullet..

[PeterDonoghue]

Hi All ..
I'm New to all of this ..so Appologies if i dont get it Right ..
I'm Using AutoCAD2007 ...
In the Last Week .. Avast. Keep Telling me "threat has been Detected"
and
avast! saved your computer from crashing
You just dodged a bullet..

Infection Details

URL: http://dackj.tt2.host.dnsdo.com/en/bullet.cd
Process: C:\Program Files\AutoCAD 2007\acad.exe
Infection: URL:Mal

I followed the Information from Here
..http://forum.avast.com/index.php?topic=53253.0

Logs to assist in cleaning malware
« on: January 09, 2010, 03:27:45 PM »

I will attach all the Relevent Reports ..


Please Help ..
Kind Regards...
Peter Donoghue
peterdonoghue@gmail.com

[Pondus]

Do you also have the OTL logs ?

[Buccalup]

Hello,

Earlier this week I received the same notification as the OP and I was skeptical about its origin.  Had a blue screen shut down this morning.  Any assistance will be greatly appreciated.  I'm a paying avast! customer, if that matters.

Thank you!

 

[Asyn]

Hello,

Earlier this week I received the same notification as the OP and I was skeptical about its origin.  Had a blue screen shut down this morning.  Any assistance will be greatly appreciated.  I'm a paying avast! customer, if that matters.

Thank you!

Please start your own topic..!!

[Buccalup]

Thanks for the warm welcome, Asyn.  I thought, apparently mistakenly, given that my issue was related to the OP's topic that my previous post was in accordance with the board's rules.  Back to the drawing board, I go.

[Pondus]

Thanks for the warm welcome, Asyn.  I thought, apparently mistakenly, given that my issue was related to the OP's topic that my previous post was in accordance with the board's rules.  Back to the drawing board, I go.

helping multipl users in same topic will be chaotic

also your computers are not the same on the inside so any fix presented is uniqe for the machine it was made fore
thats why there is a warning on top of every OTL fix

[Buccalup]

Thank you for the explanation, Pondus.  I didn't realize that this forum was operated in such an individualized manner, (which is wonderful, btw), and I now fully understand my faux pas. 

[Pondus]

Thank you for the explanation, Pondus.  I didn't realize that this forum was operated in such an individualized manner, (which is wonderful, btw), and I now fully understand my faux pas. 

you welcome 

this is the guide to follow.  http://forum.avast.com/index.php?topic=53253.0

[PeterDonoghue]

Hi Pondus....
I'm New to all this ..
I will Try and Attach the Missing Report / Reports ??

Hope you are Keeping Well ... Thanks for Speedy Responce ..

Peter

[essexboy]

Let me know if this stops the alerts

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  
  

Code: [Select]

:OTL
O3 - HKU\S-1-5-21-861567501-362288127-1417001333-500\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKU\S-1-5-21-861567501-362288127-1417001333-500..\Run: [InstallIQUpdater] C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)
[2012/11/25 13:38:07 | 000,000,000 | ---D | C] -- C:\Program Files\vGrabber-software
[2012/11/25 13:40:13 | 000,001,662 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Video Downloader.lnk

:Files
C:\Program Files\W3i

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

• Then click the Run Fix button at the top
  
• Let the program run unhindered, reboot the PC when it is done
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

[PeterDonoghue]

Hi EssexBoy ...
I ran the Program as you Instructed .. Cutting and Pasting the Text you Attached ..
I let the Whole Lot Run ..the computer Re-booted !! ..
The first OLT report was Estabished Then
I tried AutoCAD 2007 Again and got the Pop-UP !!! Again ..
Ok ..
So...
I ran the fix Again .... And am Posting Now .. I have not Tried AutoCAD since ..
The Second OTL report is AFTER .. I ran the Fix Again ..
I will Attach Both Reports HERE !!!
And Will Again .. Try and Run AutoCAD ..
BTY .. autoCAD Works .. except of course Avast .. Pop-UP !! .. Keeps telling me " ,,,,...Threat Ditected !!  !!
I'm Sending this Now !!! .. And Will POST AGAIN !!! .. to let you knpw .. How Things ARE ..
Thanks for all your Help
Much appreciated !!
Kind Regards
Peter ..

[PeterDonoghue]

Ok ..
 I tried Again ..
 To Open AutoCAD !AutoCAD-- Opens OK !! .. BUT ... Avast Pop-Up ,,, is there AGAIN ..

Also I notice ... that after this Happens .. ( Dont Know if this is Revelant) But Internet Exployer Will Then Not Open .. It tell me there is a Comunication Error .. I'm on Laptop .. with Wi-Fi ! .. Connection to my router ..

I have to Do a Work Around !! .. Like Open Google Chrome !!! . Then Close .. then Open Internet Explorer ( V8) .. I dont Like Chrome !!! .as no access to G-Mail ..etc..etc..

Any more Ideas !!! ??
and thanks AGAIN ..for Your Help ..
Peter ..

[essexboy]

How long have you had autocad ? When was the last time it was updated ?

Download and Install Combofix
 
Download ComboFix from one of the following locations:
Link 1
Link 2
 
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
 
* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

• Double click on ComboFix.exe & follow the prompts.
  
• Accept the disclaimer and allow to update if it asks

• When finished, it shall produce a log for you.
• Please include the C:\ComboFix.txt in your next reply.[/b]
  

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3.  If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

[PeterDonoghue]

Hi EssexBoy..
Thanks or you continous Support !!!
I downloaded CombiFixfrom on of the Links You Sent Me ..
Saved it to Desktop ..
Clicked'd on it and it RAN ... I think ... I let it run for about 10 Mins .. but it Seamed to Stall !!
I'm not Sure .. it wasent doing Anything !!
Anyways ,,, I had to Switch off and Re-Boot My Laptop !!
Now I had a Look .. Via - Start / Search /All files and Folders .. For "ComboFix.txt "
but Could not Find " include the C:\ComboFix.txt "
A Funny Thing is Happening with .. Start / Search /All files and Folders .. Its dosent seem to STOP .. It Like its going around in a Constant Loop !!!
ANYWAYS..
ComboFix... Created a Folder called "Qoobox."
I had a Look in that Folder ??
and there are 3 ( NEW) folders within Qoobox with todays DATE .. LastRun .. Test & TestC ..
The Test & TestC folders are Empty ..
The LastRun Folder has a File called Gateway ..
The Only .txt File I cound find were 2 .. Which i will attach .. But i think they are OLD Files belong to ComboFIX ..

Do you Think ComboFIX .. Ran ??

BTY .. I Opened AutoCAD .. Opened a Few .DWG File 's .... And .. NO REPORTS from AVAST ..   !!
........ So it Look Like Avast has Stoped Reporting !!. and YES .. Befor you Ask ... It is Running - I had it disabled when Running and Installing ComboFIX !!
Regards..
Peter

[essexboy]

That log is dated September so 'tis a tad old

Does IE open now ?