Sign in with
Sign up | Sign in
Your question
Solved

Virus?

Last response: in Windows 7
Share
September 9, 2010 3:56:30 PM

Hello all, I am not sure what is going on with my computer and am hoping to get some help.

I have Symantec Endpoint Protection installed and my auto protect continues to quarantine Bloodhound. Exploit. 292 files in batches at the same time (15 today and 9 yesterday). One of the Bloodhound. Exploits is always in the SYSTEM user and the rest are in my user. However whenever I try to run a full scan, it comes up with nothing.

Any clue as to whats going on here/what I can do to fix this thing?

Thanks

More about : virus

a b $ Windows 7
September 9, 2010 4:16:40 PM

Turn off System Restore. Run a scan in safe mode or in normal windows if you AV wont work in safe mode.( It should really), and remove virus. then turn System Restore back on. Windows prevents outside programs, including antivirus programs, from modifying System Restore. Therefore, antivirus programs or tools cannot remove threats in the System Restore folder. As a result, System Restore has the potential of restoring an infected file on your computer, even after you have cleaned the infected files from all the other locations
m
0
l
a b 8 Security
a b $ Windows 7
September 9, 2010 6:32:48 PM

Run through the malware guide in my signature.
m
0
l
Related resources
September 11, 2010 9:20:17 PM

thanks for the quick replies, I have done what both of you advised and the only thing that came up on the scans were 2 tracing cookies from firefox, and today I just quarantined 59 Bloodhound. Exploit. 292 files.

Any other suggestions or should I just try both aford's guide and mibix's idea again?
m
0
l
a b 8 Security
a b $ Windows 7
September 11, 2010 10:35:32 PM

If you ran through my guide, then all the current infections should be gone. You did run each step in safe mode with networking, right?

If yes, then you're either getting a new infection each day, or your Symantec scanner is feeding you bad results.

Disable or uninstall the Symantec scanner, run through the guide again, and then install Microsoft Security Essentials, Avast, or Avira. Then, see if they notify you of any infections in the next few days.
m
0
l
September 12, 2010 3:14:40 PM

haha yes I did it in safe mode with networking, I'll try what you said and post back in a couple of days
m
0
l
September 22, 2010 6:36:34 PM

ok sorry for the late response I have been busy, so everything is fine now I am using Avira, thankfully those were just false positives, is there anyway to tell where the files that Symantec thought were bad came from? they were all temp files starting with DWH.

thanks for all the help
m
0
l

Best solution

a b 8 Security
a b $ Windows 7
September 22, 2010 6:44:16 PM

Symantec should've given a file location of the files they thought were infected. You can check the time they were created, and maybe the name of the containing file (mozilla, IE, limewire...etc), you can sometimes narrow it down. But it's hard telling sometimes.
Share
September 24, 2010 12:48:50 AM

Best answer selected by pythonic13.
m
0
l
a b 8 Security
a b $ Windows 7
September 24, 2010 2:00:37 AM

Thanx for the vote :) 
m
0
l
!