My Symantec Corporate Edition detected t I looked up for removal on the Symantec website. I followed the. A couple of days ago, my antivirus (Symantec) popped up with a message that it had quarantined one risk, t It said that. Hi- I am currently experiencing a problem with a t which keeps popping up on the Auto-Protect Results in my Symantic.

Author: Baramar Arashiran
Country: Uzbekistan
Language: English (Spanish)
Genre: Environment
Published (Last): 7 February 2009
Pages: 343
PDF File Size: 19.59 Mb
ePub File Size: 8.5 Mb
ISBN: 375-4-23329-336-8
Downloads: 15506
Price: Free* [*Free Regsitration Required]
Uploader: Gagore

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the exploti.

Register now nloodhound gain access to all of our features, it’s FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Bloodhound.Exploit.213 and Bloodhound.Exploit.196

Bloochound can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter. Also any other drives Removable that you may have.

This tool will self uninstall when you close it so please save the log before closing it. Since bloodhlund keep popping up it gives me an uneasy feeling. Community Forum Software by IP. Geeks to Go, Inc. Javascript Disabled Detected You currently have javascript disabled. Page 1 of 2 1 2 Next. Bloodyound 31 January – JQ Public Member Member 10 posts. Posted 01 February – Please just paste your logs straight into the forum. Putting them in quotes can be confusing as we often do that when we are replying with scripts etc.

It is important that it is saved to your desktop. Double click on RSIT. Click Continue at the disclaimer screen. Once it bliodhound finished, xeploit logs will open. Please post the contents of both log.

Unless otherwise instructed always post the logs in the forum. If reports don’t fit on one post. It might be necessary to break the explkit up to get them on the forum. Just use as many posts as you need, that’s fine. Posted 02 February – I wasn’t sure how long you wanted the program to look back so I just did the default 1 month. So here ya go. The first is log. DLL O9 – Extra button: DLL O23 – Service: Data Transfer Service dtsvc – Unknown owner – C: LiveUpdate – Symantec Corporation – C: EXE O23 – Service: SessionLauncher – Unknown owner – C: SYS [ ] R2 mdmxsdk;mdmxsdk; C: Posted 03 February – Well nothing really leaping out at me there.


Save it to your desktop.

Update your browser to access the Norton website

Reboot your computer into SafeMode. Double click the setup file to run it. Click Next to continue. It will by default install it to your desktop folder. Hit ok sxploit the prompt for scanning in Safe Mode.

It will then open a box There will be a tab that says Automatic bloodnound. Under Automatic scan make sure these are checked. Also any other drives Removable that you may have After that click on Security level then choose Customize then click on the tab that says Heuristic Analyzer then choose Enable Deep rootkit search then choose ok. Then choose OK again then you are back to the main screen. Then click on Scan at the to right hand Corner. It will automatically Neutralize any objects found.

If some objects are left un-neutralized then click the button that says Neutralize all If it says it cannot be Neutralized then chooose The delete option when prompted. After that is done click on the reports button at the bottom and save it to file, name it Kas. I have a conundrum!? Here is what it showed There doesn’t seem to be anything there. One new thing I’ve noticed is the quarantining of a Symantec program file.

Exploit:Win32/Pidief.B threat description – Windows Defender Security Intelligence

It is an APQ. The file is located in C: Could this be some sort of false positive? No that scan will pick up malware even if it is in quarantine. I expect exploot log has gone.

Bit hard to tell what it picked up. I guess seeing we don’t have anything to go on the question must be to you. How is your computer working now? Are you still experiencing problems?


Posted 04 February – Do you know anything about antivirus ? All I read about is I have attached a picture of what I’m seeing everyday. All these pop up as new files each day. It is really weird.

Is it ok if I post the whole log from that Kapersky thing? Yes please, exactly what I was looking for.

t and t | Tech Support Guy

If it is very long you may have to split it and use more posts. Here is the whole Kapersky log. It is quite short Do you know anything about antivirus It’s just another in that long list of rogue anti-virus progams that install a whole lot of rubbish on your computer. Not showing up on your machine though. Might have been stopped when it tried to get on. Since they keep popping up it gives me an uneasy feeling Once they are in quarantine they cannot hurt your machine.

Most anti-spyware programs have a way to delete quarantined items.

Perhaps you could do that. Depends on which version of Symantec you have but here are the instructions for Symantec 9 or 10 How to delete a quarantined file if it is not needed: Open the Symantec AntiVirus console.

To view the Quarantine list, open the View menu, and select Quarantine. If there are any items present in the Quarantine list, select them and press the red ” X ” button above the list.

This will delete the infected file s from your computer. When you are finished, close Symantec AntiVirus and reboot your computer. I also wonder whether these are mostly cookies. These are harmless but often picked up by anti-spyware programs and quarantined. Sites put these on your computer when you visit. Go to this link http: While they are harmless I don’t leave them on my computer forever.

You can instruct your browser to delete them after a period.