Quote: I booted up my laptop this morning, and within 10 seconds of hitting the power button, was slapped with a Blue Screen of Death. When startup repair had finished its work, Windows (Vista, urgh) loaded correctly, but SAV Auto-Protect was not enabled, and all of my virus definitions had been deleted. Not good. Maybe. Many attacks know how to disable the most popular virus and spyware protections.
A quick update through the built-in Symantec updater fixed the definitions problem, but now, whenever I try to enable Auto-Protect, it comes on for a few seconds and then becomes disabled again. It's a little baffling.
I typed in a general search about the problem into Google, and was about to click one of the links that came up when it hit me that I was about to navigate to sites unknown completely naked. So, instead of playing Internet Russian Roulette, I decided to come here for some help.
The problem seems to have first manifested while my computer was booting and is logged as "Symantec Antivirus Auto-Protect Failed to Load." After that, the next log is after startup repair had run and simply reports that the virus definitions database was missing.
I'm running Vista Student edition with Symantec Antivirus Home and Student edition. I can't recall any risky browsing or downloads I may have made, though I am running BitTorrent.
Any and all help would be much appreciated.
Edit: Checking through the log of the last scan I did reveals this: "Could not scan 8 files inside C:\Temp\SAV102VistaHomeStudent\SAV102VistaHomeStudent.exe due to extraction errors encountered by the Decomposer Engines." Significant?
I'd install something non-Symantec and free until you re-enable your protection. I use the free version of AVG at home, from Grisoft.
http://free.avg.com/
Here is a link to McAfee forensics tools.
Here is a link to Symantec's web-based security and virus scanner.
Then, depending on how savvy and comfortable you are with your registry and system files, I'd start digging into it off the network. I would go through the registry, hosts file, browser extensions, files, permissions, installed and running programs and services, etc., and see if anything has been tampered with.
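For the hosts-file part of that review, here is an added example (not part of the original thread) that parses hosts-file text and flags entries overriding security vendor names, a common reason updates or protection stop working. The vendor suffix list and the sample file are assumptions constructed for illustration; on Windows the real file is `%SystemRoot%\System32\drivers\etc\hosts`.

```python
import ipaddress

# Assumed watchlist built from the vendors named in this thread; extend as needed.
WATCHED_SUFFIXES = ("symantec.com", "symantecliveupdate.com", "avg.com", "mcafee.com")
# Names a stock hosts file normally maps to loopback.
BENIGN_NAMES = {"localhost", "localhost.localdomain"}


def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments and whitespace
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # not an address: the resolver ignores the line too
        for name in fields[1:]:  # one line may map several names
            yield line_no, ip, name.lower().rstrip(".")


def audit_hosts(text):
    """Return (line_no, hostname, ip, reason) for entries worth a manual look."""
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if name in BENIGN_NAMES and ip.is_loopback:
            continue  # default entry
        watched = any(name == s or name.endswith("." + s) for s in WATCHED_SUFFIXES)
        reason = ("security vendor name overridden" if watched
                  else "non-default entry, confirm you added it")
        findings.append((line_no, name, str(ip), reason))
    return findings


# Constructed sample input, not taken from the poster's machine.
SAMPLE_HOSTS = """\
# Constructed sample hosts file
127.0.0.1       localhost
::1             localhost
127.0.0.1       liveupdate.symantecliveupdate.com   # update host pinned to loopback
0.0.0.0         free.avg.com www.mcafee.com
192.168.1.20    nas.home.lan
"""

if __name__ == "__main__":
    for line_no, name, ip, reason in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {name} -> {ip}  ({reason})")
```

Run it against a copy of the hosts file taken while the machine is off the network, and compare any flagged line with what you remember adding yourself.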