Can anybody help me out as I've tried everything I can find on the internet.
I recently was infected by the WinPc malware browser hijacker, it keep hijacking the IE to get me to install some software, which I didn't. I removed it with Malwarebytes and its all good now.
At the same time Norton kept and still does report "Auto-protect BLOCKED security risk backdoor.tidserv. your computer is secure" Looking closer at report file it keeps stating that the threat came from a Windows temp file (.tmp) with the file changing name every time. I have followed the proceedure to try and get rid of it but I can't find any sign of infection in the first place except for the norton pop up "Auto-protect BLOCKED security risk backdoor.tidserv. your computer is secure". Norton system scan freezes in normal mode for some reason so I scanned in safe mode and nothing was detected.
From symantec.com i checked the registry for the following
HKEY_LOCAL_MACHINE\SOFTWARE\TDSS\"build" = "standart"
HKEY_LOCAL_MACHINE\SOFTWARE\TDSS\"serversdown" = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\TDSS\"type" = "popup"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata\"affid" = "39"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata\"asubid" = "v2test7"
Navigate to and delete the following registry subkeys:
I DIDN'T find any of the above! and still norton keeps telling me "Auto-protect BLOCKED security risk backdoor.tidserv. your computer is secure".
Not sure what else to do?
PS I've posted a DDS log. Had a quick look at it and I couldn't see anything unusual.