Endpoint Protection

 View Only

  • 1.  DWH Trojan Horse

    Posted May 21, 2010 07:53 PM

    I installed SEP 11.0.6 on one of our machines running Windows 7 x64 and keep getting a DWH.....tmp virus being detected in the TEMP directory. I know that this was an issue in previous versions, but can't seem to be able to find a resolution. Any ideas on how to get rid of it?


  • 2.  RE: DWH Trojan Horse
    Best Answer

    Posted May 21, 2010 09:02 PM

    Hello ALyman,

    Try following the instructions in the following document. If you are unable to clear out any of the directories mentioned, you may try following the instructions in Safe Mode.

    That, coupled with running RU6 (or RU6a), has fixed it for most people I've encountered with that issue.

    Regards,
    James



  • 3.  RE: DWH Trojan Horse

    Posted May 23, 2010 08:50 PM
    Here is a good article that gives reasons for this issue: http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/5acc619d5a30571b882573980069a3cd?OpenDocument. Although as you said this should be fixed in the version you are running. I haven't heard of this happening at all in RU6...

    Since we have not seen this in your version could you call in and make a case? If you do please post your case number so we can follow it.


    Thanks
    Grant


  • 4.  RE: DWH Trojan Horse

    Posted May 26, 2010 10:14 AM

    Hello ALyman,

    Have you been able to try the document I linked you? If so, did it resolve your issue?

    Regards,
    James


  • 5.  RE: DWH Trojan Horse

    Posted May 26, 2010 10:22 AM
    Hi,

    This mostly happens if the virus definitions get corrupt.

    You can follow the below mentione steps.

    1] Un-install SEP from add/remove program.
    2] Delete all the symantec folder.
    - c:\Program Files\Symantec\
    - c:\Program Files\Common Files\Symantec Shared
    - c:\Documents and Settings\All Users\Application Data\Symantec
    3] Re-isntall the client as un-managed client. Then make is managed.

    this should solve your problem if not then.

    Run cleanwip & Re-isntall the client.


  • 6.  RE: DWH Trojan Horse

    Posted May 28, 2010 08:11 PM
    Same problem happened when I went from RU5 to RU6a? I'm also running windows 7 x64? Keep getting trojan's being found with DWH*.tmp files being created in the temp directory. Will try above to see if it resolves


  • 7.  RE: DWH Trojan Horse

    Posted Jun 01, 2010 10:31 AM

    The solution that I marked that seemed to correct the issue wasn't really correct in the file locations as it was meant for an earlier version of Windows, but I just searched for the same folders in the Windows 7 x64 version. I think that the issue stems from the xfer folders. I haven't seen anymore popups, but I'll keep my fingers crossed.