AvenueMedia.DyFuCA

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Windows Defender (Beta 2) is set to run automatically every day at 2:00PM.
Over the last 2 weeks, the Trojan listed above has been detected and
successfully removed every day. My AntiVirus (Norton 2006) and my other
spymware/adware programs have not detected its presence. I am running
Defender V. 1.1.1347.0 and Definitions V.1.14.1643.13. I also ran a search
of my system (XP Home SP-2) and could not locate this file. Thanks.
 
Jim;
It's probably being detected in System Restore, take a look in the System
Event log to see exactly where it's being located. Another quick check
would be to turn off the option "Scan the contents of archived files and
folders for potential threats." WD does not clean detections in System
Restore or detections in zipped (archived) files, or quarantined files, all
those have to be cleaned manually but they are not harmful in that state.
 
Hi Dave:

Thanks for your post. I deleted all previous System Restore points,
cookies, internet files, etc. Also, unchecked the box in WD "scan the
contents of archived files & folders for potential threats". I found the
"offending" file in my Norton A/V 2006 Quarantine folder lableled as
"3BF16F46". I was unable to delete it or rename it as I kept getting the
"access denied" message. Since I was unable to delete or rename the file, WD
keeps "finding" it and removes it as the default setting. Any suggestions?
Thanks.
 
Hi Dave:
Success!!! After my first reply to you, I went into the Norton A/V 2006
program and clicked on the Quarantine & Restore link listed under the Reports
link. There were 5 high risk items quarantined, so I deleted them all. Then
I went back to the Norton Quarantine folder and the "3BF16F46" file was gone.
Then I ran WD and no items were found that needed attention. Thanks for
your thoughtful post to my query.
 
BTW VailJim , Thanks for posting back and thanking another very dedicated and
knowledgeable user. That's always a nice jester when we get back a post
indicating if the suggestions were helpful or not.
--
 
Great to hear Jim, you got it. So you should force one new restore
checkpoint now since your system should be ultra clean at this point.
You need a good restore point in case something critical might happen.
 
--
Blue 2009


Dave M said:
Jim;
It's probably being detected in System Restore, take a look in the System
Event log to see exactly where it's being located. Another quick check
would be to turn off the option "Scan the contents of archived files and
folders for potential threats." WD does not clean detections in System
Restore or detections in zipped (archived) files, or quarantined files, all
those have to be cleaned manually but they are not harmful in that state.

--

Regards, Dave


Thanks Bill, I have already found (I think) their location and didn't know that I could do what you have suggested, but i will try and keep you all posted.
 
Some folks are comfortable at the command line and others are not--let us
know if you need step by step instructions for something.

 
Back
Top