We've ran across a machine that was infected with several pieces of Malware - believe they were all symptoms of a larger piece of Malware that was on the machine. However, TDSKiller, MalwareBytes, etc couldn't find it.
Symptoms include: Endpoint Protection failing to install. Symbolic Links/Junctions in C:\Program Files (x86) linking to C:\Windows\System32\Config, Sendori.Service.Exe installed as a Service. We're reimaging the machine, but would like to find other machines that may be infected with this. Anyone know how to find Symbolic Links/Junctions in a query? Robert Carr Senior Systems Programmer Workstation Support Academic Planning, Analytics and Technologies University of Kentucky 100 McVey Hall Lexington, KY 40506-0045 859.257.5599 Service Line 859.257.4195 Direct Line
