Hello all, I am not sure what is going on with my computer and am hoping to get some help.
I have Symantec Endpoint Protection installed and my auto protect continues to quarantine Bloodhound. Exploit. 292 files in batches at the same time (15 today and 9 yesterday). One of the Bloodhound. Exploits is always in the SYSTEM user and the rest are in my user. However whenever I try to run a full scan, it comes up with nothing.
Any clue as to whats going on here/what I can do to fix this thing?
Turn off System Restore. Run a scan in safe mode or in normal windows if you AV wont work in safe mode.( It should really), and remove virus. then turn System Restore back on. Windows prevents outside programs, including antivirus programs, from modifying System Restore. Therefore, antivirus programs or tools cannot remove threats in the System Restore folder. As a result, System Restore has the potential of restoring an infected file on your computer, even after you have cleaned the infected files from all the other locations
thanks for the quick replies, I have done what both of you advised and the only thing that came up on the scans were 2 tracing cookies from firefox, and today I just quarantined 59 Bloodhound. Exploit. 292 files.
Any other suggestions or should I just try both aford's guide and mibix's idea again?
If you ran through my guide, then all the current infections should be gone. You did run each step in safe mode with networking, right?
If yes, then you're either getting a new infection each day, or your Symantec scanner is feeding you bad results.
Disable or uninstall the Symantec scanner, run through the guide again, and then install Microsoft Security Essentials, Avast, or Avira. Then, see if they notify you of any infections in the next few days.
ok sorry for the late response I have been busy, so everything is fine now I am using Avira, thankfully those were just false positives, is there anyway to tell where the files that Symantec thought were bad came from? they were all temp files starting with DWH.
Symantec should've given a file location of the files they thought were infected. You can check the time they were created, and maybe the name of the containing file (mozilla, IE, limewire...etc), you can sometimes narrow it down. But it's hard telling sometimes.