Repeated bloodhound.pdf.28 infections
Posted 04 July 2013 - 08:21 AM
Posted 04 July 2013 - 09:47 AM
Then make sure you have the latest Java, which today is 7 update 25. Once you update, I'd go into the Control Panel, Java, and then Security. Slide it up to the highest security level and then if you don't use Java every day I would uncheck Enable Java Content in Browser. OK. If you go to a website that absolutely needs Java you will have to go back in and check the box again.
Posted 05 July 2013 - 07:33 AM
I did not know the new log file would overwrite the old one and be given the same name, but I don't think this should be a problem.
I tried to attach last night's log file but I got an error message trying to zip it and it was automatically renamed "aswBoot.zip.tmp" and when I attempted to attach that file, website says "you aren't permitted to upload this kind of file." If you need last night's scan log, let me know what to do to send it to you.
Posted 05 July 2013 - 10:10 AM
You can click on Settings and then Virus Chest then change Maximum Size of Chest to 0. Alternatively you can just let it delete everything it finds. Go back in to Security, Antivirus and under the settings for the Boot-time scan change it to Delete. OK
Posted 05 July 2013 - 10:43 AM
I cleared the Java cache & updated it as per your instructions. I also updated my version of Foxit Reader. The reason I switched to Foxit was my belief that my "bloodhound" problem was some type of exploit of Adobe Reader.
Posted 05 July 2013 - 11:54 AM
I expect that since both programs work about the same they may both be vulnerable to the same exploits. In any case anything that interfaces with the Internet (as Java, Adobe Reader and Foxit do) needs to be kept up to date.
Posted 05 July 2013 - 12:20 PM
Posted 05 July 2013 - 03:21 PM
Posted 05 July 2013 - 05:21 PM
This helps eliminate a possible threat.
Posted 05 July 2013 - 06:19 PM
Anyway, what's next?
Posted 06 July 2013 - 12:51 AM
I think the files were really deleted. You do have two corrupt archives which you should manually delete:
C:\Users\RR\Downloads\Touch Pro2 apps\NYDNPocketPC2005.CAB
I would run the boot-time scan one more time just to be sure but I think you got it all. Does your hard drive have more space now?
Posted 06 July 2013 - 11:14 AM
I manually deleted the two files you said were corrupted and then I emptied the virus chest.
I will run another boot-time scan tonight and send you the report. I will worry about reactivating Windows 7 after that.
Posted 07 July 2013 - 09:39 AM
1. When doing a Boot time scan, in "settings" should areas to be scanned be "All hard disks" and/or "system drive"? I did check both but I am not sure that was necessary but I did not know what system drive refers to.
2. What type of AVAST scans should I do in the future? Full System scans?
3. Should I delete Symantec Endpoint Protection? If so, how will I know if those temp files start accumulating again? (The Symantec dialog box listing all those files that popped up each time was annoying but at least it notified me that malware was detected.) Will AVAST pick them out like Symantec did? After constantly manually deleting the quarantined files in Symantec why wasn't my system clean? Will similarly infected files just pop up again?
4. Is it safe to delete old Malwarebytes logs?
5. Re: Windows reactivation: Is it necessary? In Control Panel/System and Security/System it says "Windows is activated" and gives my Product ID #.
Posted 07 July 2013 - 10:17 AM
I think we have proven that Avast can detect the problem so I don't see any reason to keep Norton. You will probably need to reactivate the Norton drivers and services using Autoruns in order to remove Norton. Make sure you run the Norton Removal Tool also: ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe
Obviously Norton has a problem cleaning its Quarantine folder - or you just told it to hide them rather than delete.
You can remove any MBAM logs.
You only need to reactivate if it is saying your copy is not legal. If the error has gone away then don't worry about it. If you still have the error and reactivating doesn't help you can try a System Restore to a time before we ran the boot-scan. If all else fails you will have to call Microsoft and get them to fix it.
Posted 08 July 2013 - 08:10 PM
If not, what, if any, of the tools I downloaded for your evaluation should I keep?
I've noticed two new things: (1) All file full name extensions are now visible, and (2) Some folders in My Documents now have a picture of a lock next to their icons, and when I click on those it tells me the folder is unavailable to me ("access is denied"). These folders appear to be duplicates of unlocked folders with the same names in the Documents library.