I've been preparing to post a HJT log for my parents' computer, following the guidance set out. I thought I'd also run through it on my computer for good measure (and also to see if my parents' computer really is running as slow as we think)
As part of the preparations, I used the BitDefender online scan which removed a few old cookies on both machines but now I am left with an orange PC-cillin alert of suspicious changes. When I click Manage Changes it gives me the following details.
QUOTE
ActiveX and other downloaded software (1 change detected)
-BDSCANONLINE control
SOFTWIN(System Change)
Risk Level: Low
Description:
You have downloaded and installed new software from a web site through Internet Explorer. This software permits the installation of still other software components with even more access to your computer without your approval (so-called "drive-by downloads"). Once enough downloaded components have accumulated on your computer, very dangerous software can start running without your permission.
Details:
Description: BDSCANONLINE Control
Source URL: http://download.bitdefender.com/resources/scan8/oscan8.cab
Component File(s): C:\WINDOWS\bdoscandellang.ini,C:\WINDOWS\bdoscandel.exe,C:\WINDOWS\Downloaded Program Files\live.ini,C:\WINDOWS\Downloaded Program Files\scanoptions.tsi,C:\WINDOWS\Downloaded Program Files\lang.ini,C:\WINDOWS\Downloaded Program Files\ipsupd.dll,C:\WINDOWS\Downloaded Program Files\bdupd.dll,C:\WINDOWS\Downloaded Program Files\libfn.dll,C:\WINDOWS\Downloaded Program Files\bdcore.dll,C:\
Company: SOFTWIN
Product(s): bdscanonline
Recommendation:
Although suspicious, this new software or change may serve a legitimate purpose. Please investigate further before taking steps to correct this possible problem.
-BDSCANONLINE control
SOFTWIN(System Change)
Risk Level: Low
Description:
You have downloaded and installed new software from a web site through Internet Explorer. This software permits the installation of still other software components with even more access to your computer without your approval (so-called "drive-by downloads"). Once enough downloaded components have accumulated on your computer, very dangerous software can start running without your permission.
Details:
Description: BDSCANONLINE Control
Source URL: http://download.bitdefender.com/resources/scan8/oscan8.cab
Component File(s): C:\WINDOWS\bdoscandellang.ini,C:\WINDOWS\bdoscandel.exe,C:\WINDOWS\Downloaded Program Files\live.ini,C:\WINDOWS\Downloaded Program Files\scanoptions.tsi,C:\WINDOWS\Downloaded Program Files\lang.ini,C:\WINDOWS\Downloaded Program Files\ipsupd.dll,C:\WINDOWS\Downloaded Program Files\bdupd.dll,C:\WINDOWS\Downloaded Program Files\libfn.dll,C:\WINDOWS\Downloaded Program Files\bdcore.dll,C:\
Company: SOFTWIN
Product(s): bdscanonline
Recommendation:
Although suspicious, this new software or change may serve a legitimate purpose. Please investigate further before taking steps to correct this possible problem.
The alerts pop up unexpectedly and when I open Add/Remove programs, or running any other program (or at least some, including Notepad & Calculator, to mention some base level programs)
I have clicked Allow on the alert but it keeps coming back. If I choose to undo them they will be blocked permanently... great for stopping the alerts (presumably) but what if I need to use the online scan again? Will it be affected?
My parent's also use PC-cillin so I expect to see the same happening there when I go back to it but they had other issues to start with...
I can't find anyone else mentioning this here, which I thought was rather odd given the number of members that must have used it...
Am I OK to just remove the files mentioned? There is nothing in Add/Remove to uninstall it.
