Trojan.FakeAV!gen6
Yea umm, I'm not too tech savvy so could you please go slow on this and not use big words...
So yesterday I was just surfing the internet and this risk thing came up saying that these trojan.fake things were on my computer. So I thought, no big deal since the report said that they were low security risks and endpoint removed them for me. But then 45 minutes later when I was doing something on my iPod, but not on the computer, the same window popped up again, with the same name, but in a different file. But it was still in the same folder. And it's every 45 minutes that another one pops up, if I'm on the internet or not. Is it just going to keep doing this or is there something I can do? I was going to contact Symantec but they don't have a live chat or anything and I don't want to email them.
So is there a way to get rid of this thing? I already ran a full scan twice and nothing popped up, just cookies.
You can see in the attached picture how many times it's come up...
Thanks for your help
Comments
please help people..
Hi crazypotatos,
First I just want to make sure you are actually using SEP and not a Norton product. The only reason I say this is because it sounds like you are a home user and that makes me think you might actually be running one of the Norton products like 360. If that is the case please visit their site here to post: http://community.norton.com/norton/.
If you are really using SEP then you should do a full scan in safe mode with system restore off. This is better than just a full scan. The full details of this can be found in this guide: http://service1.symantec.com/support/ent-security..... Hopefully this solves your issue.
If that does not find the virus then you should submit the file to Symantec. We can then analyze it and incorporate it into the next rapid release definition. Details on how to submit the file to Symantec are here: http://service1.symantec.com/support/ent-security..... After that you should then apply the latest rapid release definition to your computer. Details of that are found here: http://service1.symantec.com/support/ent-security.....
If any of this was confusing please don't hesitate to post back or PM me. Just as a side note you should also try to tell where/how you got the virus. For instance did you visit any questionable sites, or use torrent clients lately? Not that it matters too much, but it might help you to identify where you got the virus so you can attempt to not fall into that same trap again.
Cheers
Grant
Please don't forget to mark your thread solved with whatever answer helped you : )
Yes it is endpoint. My neighbor is a computer salesman and he has the business pack thing. I'll try what you said and I'll respond back in the morning when this is done.
How do I turn off system restore? I found a thing on Microsoft's website but it said it was going to delete stuff or something. And how do I put it into safe mode?
Sorry, that guide didn't really tell me what you explained.
No, it's OK. Follow these steps taken from Microsoft's site to turn off system restore:
After a few moments, the System Properties dialog box closes.
Now you can see that in step 5 it warns that this will delete all of your former restore points. Actually this is exactly what we want to do. The problem is that viruses can hide themselves in the system restore so if you don't turn it off it can "restore" itself again and again. So this is why we have you turn off system restore. Also to boot into safe mode please restart your computer and immediately start pressing F8. You will be prompted with a number of different options to boot to. Select safe mode. After you get into safe mode turn the system restore off and then do a full system scan. The full system scan in safe mode is identical to the full system scan regularly.
Hope this is a little clearer,
Grant
Just to help explain why new files appear even while you're not using the computer. Malware often tries to download and install additional malware, which is probably why you were getting regular warnings. So there is an infection on your computer that is grabbing these files.
Eric C. Lukens IT Security Policy and Risk Assessment Analyst University of Northern Iowa
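The pattern discussed in this thread (the same risk name, a new file name each time, the same folder, roughly every 45 minutes) can be picked out of detection history with a short script. This is an added example, not part of the original thread or any Symantec tool; the comma-separated log layout, dates, paths and file names are constructed for illustration.

```python
import ntpath
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed sample log (time, risk name, file path); all values are made up.
SAMPLE_LOG = r"""
2010-01-01 16:02,Trojan.FakeAV!gen6,C:\Users\student\AppData\Local\Temp\a1.exe
2010-01-01 16:47,Trojan.FakeAV!gen6,C:\Users\student\AppData\Local\Temp\b7.exe
2010-01-01 17:31,Trojan.FakeAV!gen6,C:\Users\student\AppData\Local\Temp\c3.exe
2010-01-01 18:17,Trojan.FakeAV!gen6,C:\Users\student\AppData\Local\Temp\d9.exe
2010-01-01 12:10,Tracking Cookie,C:\Users\student\Cookies\x.txt
2010-01-01 19:40,Tracking Cookie,C:\Users\student\Cookies\y.txt
"""


def parse(log_text):
    """Turn 'time,risk,path' lines into (datetime, risk, path) tuples."""
    events = []
    for line in log_text.strip().splitlines():
        stamp, risk, path = line.split(",", 2)
        events.append((datetime.strptime(stamp, "%Y-%m-%d %H:%M"), risk, path))
    return events


def recurring_drops(events, min_hits=3, tolerance=0.2):
    """Flag (risk, folder) pairs where new file names keep appearing on a timer."""
    grouped = defaultdict(list)
    for when, risk, path in events:
        key = (risk, ntpath.dirname(path).lower())
        grouped[key].append((when, ntpath.basename(path).lower()))
    findings = []
    for (risk, folder), hits in grouped.items():
        hits.sort()
        distinct_names = {name for _, name in hits}
        if len(distinct_names) < min_hits:
            continue  # too few different files to call it a pattern
        gaps = [(b[0] - a[0]).total_seconds() / 60 for a, b in zip(hits, hits[1:])]
        typical = median(gaps)
        # Regular spacing: every gap lies within `tolerance` of the median gap.
        if typical > 0 and all(abs(g - typical) <= tolerance * typical for g in gaps):
            findings.append({"risk": risk, "folder": folder,
                             "count": len(hits), "interval_minutes": typical})
    return findings


if __name__ == "__main__":
    for f in recurring_drops(parse(SAMPLE_LOG)):
        print(f"{f['risk']}: {f['count']} files in {f['folder']} "
              f"about every {f['interval_minutes']:.0f} minutes")
```

A hit from this check means the removed files are a symptom: whatever is writing them is still on the machine and is what needs to be found and submitted.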
Ok so while I was at school, I did the full scan on safe mode and with system restore off. While the scan didn't find anything, SEP isn't finding it automatically. I'll notify you if it comes up again. I also unplugged my ethernet cable while the scan was going.
Ug great. It's back again. I think it may be from this one site, although I'm not sure...
I'm gonna try to remove it again later today...
@Crazypotatos
Any updates on how it's going?
Eric C. Lukens IT Security Policy and Risk Assessment Analyst University of Northern Iowa
Ok I got rid of the actual trojan, but now whenever I click on a link on Google, any other random site pops up. It happens 75% of the time. I downloaded Malwarebytes's anti-malware to remove it, but when I "remove" it, it just keeps coming back. It's really annoying since I am a student.
SEP doesn't detect this thing though.. and I don't know where the original file and folder is where it is located.
Help please
Additional Advice
Hi Crazypotatoes,
If possible, please submit those files which keep coming back to Security Response. They will perform an analysis on them and update the definitions used to detect and remove such threats. Many of the hundreds of detections added daily are created in response to submissions from Symantec customers.
Symantec Technical Support have tools similar to the one you used which can help identify any additional suspicious files.
I also recommend running a "disk cleanup" - anything malicious in your temp locations will be deleted. Plus, make sure that your MS patches are fully up to date.
Hope this helps!
Thanks and best regards,
Mick
I would, but on my Malwarebytes thing, it says HKEY something something. I don't know where that is.
I'll run a disk cleanup today.
I just ran the disk cleanup and it didn't do anything. It just got rid of some old files. Do you mean that error checking thing?