Windows Vista 64 Home Premium
Symantec AntiVirus Corporate 64bit Client installed.
When IE8 is open, Every 30 seconds I get a new Symantec action popup to quarantine a double infection of
an infected file
a browser cache.
Symantec Security Responsehttp://www.symantec.com/security_response/index.jsp
Risk Level 1: Very Low
Discovered: June 7, 2009
Updated: June 8, 2009 1:40:12 AM
Type: Trojan, Virus
Systems Affected: Windows 98, Windows 95, Windows XP, Solaris, Windows Me, Windows Vista, Windows NT, Windows Server 2003, Linux, Windows 2000
SUMMARYBloodhound.PDF.13 is a heuristic detection for files that may have been obfuscated or encrypted in order to conceal them from antivirus software.
random named files in my temp directory.
and Symantec can NOT quarantine or delete this file successfully.
As far as I can tell, Symantec reports the browser cache as being permanently deleted. The associated browser cache file IS being permanently deleted by Symantec.
There were similar named Bloodhound related threads on this forum, however none of them provided a final answer on how to remove the underlying... html kit, rootkit, or whatever is causing this.
I have downloaded GMER, OTL, HJT and MalwareBytes
Several years ago I tried to use ComboFix without the help of the HiJackThis team, and ended up having to reformat and reinstall my OS.
So I come here now asking for your help.
Attached is the HiJackThis log. And the two OTL logs.
Attached is the GMER log:
Merged posts. ~ OB
Edited by Orange Blossom, 17 November 2009 - 11:27 PM.
Deactivate link. ~ OB