Endpoint Protection

 View Only

  • 1.  Dwh virus, how to fix it?

    Posted Jan 29, 2016 05:10 AM

    Hi, I'm having a problem with my symantec endpoint protection. The software reports virus some time everyday, however, I notice that all the virus are from symantec itself, and the directory doesn't exist at all. How can I fix this problem? It is really annoying.

    QQ图片20160129110426.png

    As you can see, all files have similar names like dwh***.format. I am completely confused. What may result in this problem? My version is 12.1.4100.4126.



  • 2.  RE: Dwh virus, how to fix it?

    Posted Feb 02, 2016 03:35 PM

    Go thru this article:

    When new virus definitions are in place and the quarantine is being scanned, a DWH file is created and detected by Auto-Protect

    http://www.symantec.com/docs/TECH102953



  • 3.  RE: Dwh virus, how to fix it?

    Posted Feb 03, 2016 11:19 AM

    Hi Ha,

    What version of SEP are you running?  Upgrade to the latest release and minimize many of the causes of this known behavior.

    A similar issue:

    Virus being detected in the quarantine folder of the Symantec Endpoint Protection client APQ*.tmp
    Article URL: http://www.symantec.com/docs/TECH167254

    I recommend configuring SEP to delete the malware that it encounters.  There's little point in storing quarantined files forever, unless you have spare disk space that you're determined to use.

    With thanks and best regards,

    Mick



  • 4.  RE: Dwh virus, how to fix it?

    Posted Feb 03, 2016 01:48 PM

    My version is 12.1.4100.4126. I think it is already the latest version because I cannot update anymore.



  • 5.  RE: Dwh virus, how to fix it?

    Posted Feb 04, 2016 03:39 AM

    I am not able enter the folder DefWatch.DWH because it doesn't exist at all. But how could Symantec find so many viruses in this unexisted folder???



  • 6.  RE: Dwh virus, how to fix it?

    Posted Feb 29, 2016 09:44 AM

    It may be set to hidden