Endpoint Protection

  • 1.  Endpoint Protection will ALWAYS find this...

    Posted Aug 06, 2010 01:15 AM

    Two months ago I downloaded something from the Internet through a tool called Orbit. Upon finishing downloading, Symantec Endpoint Protection showed that the file I downloaded contains a Trojan Horse. So I deleted it. The problem is, on the following days, till today, Symantec Endpoint Protection shows the auto-detect window with the file listed every time I boot my computer. So I tried to uninstall both Symantec Endpoint Protection and Orbit, delete the entire folder that should contain that file using Killbox, and run a system clean, but it is still there. Every time I start my computer Symantec still says there is a Trojan Horse in that file and it has been cleaned. I searched the registry and the entire computer; nothing with the file was found.
    How can I deal with it?

    Symantec Endpoint Protection version: 11.0.5002.333

    Risk Details:
    User: SYSTEM
    Scan type: Auto-Protect Scan
    Source computer: Local Host
    Primary action: Clean security risk
    status: Cleaned
    Secondary action: Quarantine
    Current location: D:\download\ (I deleted this folder a long time ago)
    Action taken: Cleaned
    File size: 0
    Has Algorithm: Unknown
    Engine category: 0
    Action description: The file was repared successfully.





  • 2.  RE: Endpoint Protection will ALWAYS find this...

    Posted Aug 06, 2010 01:31 AM
    Turn off System Restore. Scan the system in safe mode. Also ensure that your PC has the latest virus defs and patches....


  • 3.  RE: Endpoint Protection will ALWAYS find this...

    Posted Aug 06, 2010 05:52 AM

    No surprisingly, this attempt does not help.


  • 4.  RE: Endpoint Protection will ALWAYS find this...
    Best Answer

    Posted Aug 06, 2010 05:57 AM
    Remove SEP
    Delete following folders if present
    C:\Program Files\Symantec
    C:\Program Files\Symantec AntiVirus
    C:\Program Files\Common Files\Symantec Shared
    C:\Documents and Settings\All Users\Application Data\Symantec
     
    Also delete following reg keys
    HKLM\Software\symantec
    HKCU\Software\symantec
    Install SEP and try..


  • 5.  RE: Endpoint Protection will ALWAYS find this...

    Posted Aug 06, 2010 07:05 AM
    Hi Joey,

    You report, "So I deleted it."  Do you mean that you manually deleted the file, or allowed SEP to delete it?

    It may very well be that this dodgy download put something in your computer that is attempting to install a piece of malware every time the computer reboots.  I recommend checking your computer's Load Points for any suspicious or unexpected entries.

    It would be helpful if you could export the computer's SEP risk history and add it to this thread so that we can see exactly what is being detected, when, and what action is taken....

    Thanks and best regards,

    Mick


  • 6.  RE: Endpoint Protection will ALWAYS find this...

    Posted Aug 06, 2010 07:32 AM

    As a user of Windows Vista, I can find only one folder you mentioned there: Symantec Shared. I deleted it.
    Then I deleted Symantec folder in ProgramData folder (Hidden) in C drive.
    And it is clear now.
    I guess the problem is caused by a folder named "STRSP", because I found a file with .bt! extension there.
    Thank you for your solution.

    And thank you Mick 2009, too.


  • 7.  RE: Endpoint Protection will ALWAYS find this...

    Posted Aug 06, 2010 07:36 AM
    Happy to hear that your problem got solved.....:)
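
The cleanup in posts 4 and 6 can be preceded by a read-only inventory of what is actually left on disk. The PowerShell below is an added example, not part of the original thread or a Symantec tool; it only reports and deletes nothing. The folder and registry paths are the ones named in posts 4 and 6 (`C:\ProgramData\Symantec` assumes the default Vista location of the hidden ProgramData folder), and `Get-RemnantReport` is a hypothetical helper name.

```powershell
# Added example: read-only audit of Symantec remnants before a reinstall.
# Paths and keys are the ones named in posts 4 and 6 of the thread.
$folders = @(
    'C:\Program Files\Symantec',
    'C:\Program Files\Symantec AntiVirus',
    'C:\Program Files\Common Files\Symantec Shared',
    'C:\Documents and Settings\All Users\Application Data\Symantec',  # XP layout
    'C:\ProgramData\Symantec'   # Vista layout (post 6); default path assumed
)
$regKeys = @('HKLM:\Software\symantec', 'HKCU:\Software\symantec')

function Get-RemnantReport {
    param([string[]]$Folders, [string[]]$RegKeys)

    foreach ($path in $Folders) {
        $present = Test-Path -LiteralPath $path
        $files = @()
        if ($present) {
            # -Force includes hidden items; ProgramData is hidden by default.
            $files = @(Get-ChildItem -LiteralPath $path -Recurse -Force -ErrorAction SilentlyContinue |
                       Where-Object { -not $_.PSIsContainer })
        }
        New-Object PSObject -Property @{
            Type             = 'Folder'
            Location         = $path
            Present          = $present
            FileCount        = $files.Count
            # Files with the .bt! extension, as found in the STRSP folder in post 6.
            PartialDownloads = @($files | Where-Object { $_.Extension -eq '.bt!' }).Count
        }
    }
    foreach ($key in $RegKeys) {
        New-Object PSObject -Property @{
            Type             = 'RegistryKey'
            Location         = $key
            Present          = (Test-Path -LiteralPath $key)
            FileCount        = 0
            PartialDownloads = 0
        }
    }
}

Get-RemnantReport -Folders $folders -RegKeys $regKeys |
    Select-Object Type, Present, FileCount, PartialDownloads, Location |
    Format-Table -AutoSize
```

On Vista the `Documents and Settings\All Users\Application Data` path is a compatibility junction to ProgramData, so both rows can describe the same folder. Run it from an elevated prompt so that protected folders are not silently skipped.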