8lbbrown

Thanks eyeball - it certainly looks related... But the spreadsheet is used daily (recently more than once) and has only triggered the one alert. I would have thought that every time it was used (it is used for the same tasks each time) that it would trigger the alert, for as long as the offending Symantec signatures were in use? Also, there are no graphics in the spreadsheet, so I am scratching my head to see why excel would be creating emf files? However, there has been no other suspicious activity since Thanks for your help, 8lb

Running SAV 9.0 on a networked PC, user received the following notification while working on an excel file: Symantec Anti-Virus Notification Scan Type: Auto-Protect Scan Threat: Bloodhound.Exploit.45 File: C:\Windows\Temp\~DF3B02.TMP Location: Quarantine Computer: xxxx User: xxxx Action Taken: Qaurantine succeeded: Access denied Date Found: Sunday, 13 November 2005 14:52:39 As I understand auto-protect, this service scans files AS THEY ARE ACCESSED. (Opened, moved, copied, etc). The user was working on an excel spreadsheet, there was no other activity on the pc. No other applications in use, and a virus scan was not in progress. So what would have triggered an auto-protect notification? Does this mean that something else touched a file on the users pc? Any help appreciated, With thanks,