12-15-2009 11:15 AM
Apollogies in advance to all if this has been answered and I just couldn't find the answer. I've searched with "Adobe" here and else where and find references to the terrible nasty virus attacking the Adobe 9.1 and earlier and can only find recommendations to uprade ( already done that of course) but nothing about removal tools to un-do the virus....So...
This started when I was viewing a PDF on my local drive and received a sudden grey pop-up that did not have the usual appearance as in Windows with the navy blue header or an Adobe logo on it ... It read approximately "Adobe update 9.0 downloading..." and I immediately cancelled it. However on the next bootup I couldn't startup normally and WinXP just powered off- over and over. I couldn't even boot up into safe mode and ended this by booting into LAST KNOWN GOOD. Next I uninstalled all ADOBE components and DL'ed new ADOBE READER 9.2, FLASH 10 and the mandatory AIR. Also ran LIVE UPDATE and full scan
Sys = WinXPSP3 with auto-update,, NIS '0917.1 running nearly daily LIVE UPDATE and QUICK SCANS, ACER netbook wireless 3G via tether WiFi is disabled, all NIS-found cookie domains added to the PROHIBITED SITES list in IE7
Now a blank GOOGLE search web page as my home page >www.google.com< takes 30-40 seconds to load instead of the usual 3-4 seconds and even this post screen is so unresponsive it's like back in 1985 teletype terminals. If NORTON is just an 'alarm' and not a removal tool, where is a searcch term to find a tool to find & remove whatever bug I've caught?
Thanks in advance and happy holidays to all :-)
12-15-2009 11:21 AM - edited 12-15-2009 11:23 AM
A couple of questions advices first :
Never ever use this flawed application Adobe Reader . Foxit Software products are much smaller , much ligher and not that vulnerable as Adobe softwares . If you are typical home user and don't need something specific that might be available only on Adobe products , immediately get rid of their reader and install FoxitReader from www.foxitsoftware.com
You mention you've got NIS 09 but also write 17.1 (version 17.1 is Norton 2010)
1. Open your Norton product
2. Click Help&Support , then Check for New Version
If you need , do upgrade to version 2010
Run Live Update , update and perform full scan.
Finally , download Malwarebytes AntiMalware (MBAM) from http://www.malwarebytes.org/mbam.php
(Free version) . Do install it and Update it . At the end , leave it run Quick Scan . It might take about 5 minutes.
At the end , post MBAM's log.
12-15-2009 11:30 AM
There are a few things you can do to see if it improves the situation first. Clear your browser cache and the Windows>temp files. You can give us a Hijackthis log, just use the executable file for the download. This will let us look at what is on your system that might contribute to the problem. Also, you can download and install Superantispyware, to see if it picks up anything of note.
When something like this occurs, it is unwise to click on anything. If you are connected to the net via wire, disconnect it right away. Use Alt+F4 or Ctrl+F4 to back out of where you are. Then clear caches and temp, then run scans.
You will be able to save the logs to Notepad and attach using the "add attachments" link you will find below the orange post button.
12-15-2009 12:07 PM
I just read that there is a security issue with Adobe Reader again and that it is in the wild. They are looking into another update and suggesting that you turn off Java Script. Here is the article about that.
Success always occurs in private and failure in full view.
12-15-2009 12:43 PM
You can give us a Hijackthis log, just use the executable file for the download. This will let us look at what is on your system that might contribute to the problem.
HiJackThis is an extremely outdated utility that is pretty much useless nowadays . It doesn't provide the information necessary to have a look at everything that starts-up automatically . Microsoft Autoruns is the one that gives enough information for all autoruns http://technet.microsoft.com/en-us/sysinternals/bb
963902.aspx , and it can save a pretty compact log file
12-16-2009 02:38 AM - edited 12-16-2009 02:45 AM
So first, thanks to all and regrets I didn't know 17.1 was NIS 2010, minor demerits I hope. I still don't see 2010 listed in ABOUT yet I accept the naming.
Next ADOBE is gone, as in removed entirely and my browser improved immediately but not entirely back to 3-5 seconds to load GOOGLE.COM. And Ididn't mention prior that clearing all files is SOP after every web sessionsi n my world. Thanks for all suggestions and warnings.
Then I DL & quickscan (9mins 5 sec) with MBAM - it found no malicious infected items at all.
Then I also performed LIVE UPDATE in NIS and a FULL SCAN and no threats detected.
Then I DL & ran AUTORUNS.
There are several files with no DESCRIPTION, PUBLISHER, and file path not found <<<< IS THIS what I'm tying to find?
12-16-2009 07:06 AM - edited 12-16-2009 07:09 AM
It would help us if you would run a HiJackThis scan and post the log here using the add attachment under the post button. The log will show us what you are running on your computer. Sometimes entries on there can point or give clues to something malicious or to missing files or to old programs which should be updated. Yes it is one scan which can't provide all the necessary information, but it can help to find problems with some things. HiJackThis is a dangerous tool in the hands of people who don't know what to do with it and try deleting things which shouldn't be deleted.
Please download HiJackThis from http://www.malwarehelp.org/how-to-curepart-3-using
Since you are running a netbook, you have to make sure you have the right types of programs on it and that they aren't too intensive for a netbook also. With a netbook, you are limited as to what you can use it for.
Success always occurs in private and failure in full view.