Recently my windows server 2003 got infected with Bloodhound.exploit.343 and w32.sillyfdc.bdm. I tried deleing the "lnk" files and edited the registry in local_machine for "srv15A0". I think the "srv15A0" was added after infection. We have couple shared folders and I am getting pop-up from symantec antivirus which says there is stil infection in shared folders. I tried deleting the lnk files, autorun.inf and setup0005.fon files but it comes back again and again. Could you advise me how to clean those infection from server. I do have symatec antivirus corporate edition 10 on the server and client. Even though symatec says the treat level is low, it is really annoying. Is it the server creating those files again and again or it is coming from any of the infected client machine. Please help.

Hi, In addition to the suggestions in your another thread: http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/cc55a2a0-4a44-4f2c-a37a-d11e06779fba I highly recommend you to scan for virus and malwares on both the server and client sides. For more information and support on virus issues, I would also like to suggest that you call Microsoft PC Safety telephone number, 1-866-727-2338 (1-866-PCSAFETY). This service offers no-charge assistance for virus-related issues or questions. Also, you can check Microsoft Security and Privacy Web site at: http://www.microsoft.com/security/ This posting is provided "AS IS" with no warranties, and confers no rights. Please remember to click "Mark as Answer" on the post that helps you, and to click "Unmark as Answer" if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.