Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.

How to stop a Trojan.Gen.2 from coming into my Computer

Created: 06 Jun 2012 | 8 comments

Hi,

I seem to have gotten onto someone's list and I keep getting a Trojan.Gen.2 file coming into my computer.  The Symantec EndPoint Protection program is great at quarantining the virus but I am getting a new attack every four to five minutes.  How do I get off of the list so they will stop attacking my system?  Any help is appreciated.

jcgirl

Comments 8 CommentsJump to latest comment

Syed saied's picture

Find the below links

Run Norton Power Eraser (NPE) through out this link

http://securityresponse.symantec.com/security_response/detected_writeup.jsp?name=Trojan.Gen.2

 

Thanks In Advance...

Syed Saied

If the suggestion has helped to solve your problem, please mark the post as a solution

jcgirl's picture

Thank you, Syed,

I downloaded and ran the Norton Power Erase and I still have the issue.  The virus is not getting into my computer because Symantec is catching it as it comes in.  The problem is I am getting these every three to four minutes.  How do I get off of this person's list so these stop coming into my system?

Thanks,

jcgirl

awmhove's picture

are they *.tmp files being detected.

if so i hear they are harmless.

here is a brief info on trojan.gen.2

Trojan.Gen.2 is a generic detection for many individual but varied Trojans for which specific definitions have not been created. A generic detection is used because it protects against many Trojans that share similar characteristics.

jcgirl's picture

Hi awmhove,

Thanks for the response.  I have no file extensions.  I can not find the file in my computer.  Symantec is quarantining it before it reaches my computer.  The auto protect window shows the file name:  which is usually 80000000.@ .  The original location is C:\windows\installer\{83fba3f5-7481-aaac-c689-20b4ee96751e}\U\  I am getting them again today every three to four minutes.

Thank, jcgirl

Thomas K's picture

If you are running an older version of SEP, the conversation in the link below may apply to your situation.

http://www.symantec.com/connect/forums/trojangen2#...

BTW, the latest version of SEP 11 is RU7 MP2.

jcgirl's picture

Thank you, Thomas,

I do not have that version.  I will check it out.  Thanks again.

June

machinegun51's picture

You're being attacked by one of the many versions of the "DNS changer."  There's nothing malicious on your PC, it's your router!

Have you changed the default user name and password on your router!?  Either way, I suggest changing them again. 

Is Windows Update working?  Check that, too.

Change the user name and password to your router and I bet this stops happening.

 

Chetan Savade's picture

Hi,

Trojan.Gen.2 is a generic detection for many individual but varied Trojans for which specific definitions have not been created. A generic detection is used because it protects against many Trojans that share similar characteristics.

Trojan horse programs pose as legitimate programs or files that users may recognize and want to use. They rely on this trick to lure a user into inadvertently running the Trojan. Often a Trojan will mimic a well known legitimate file name or pose as a particular type of file, like a .jpg or .doc file to trick a user.

Distribution of Trojans on to compromised computers occurs in a variety of ways. From email attachments and links to instant messages, drive-by downloads and being dropped by other malicious software. Once installed on the compromised computer, the Trojan begins to perform the predetermined actions that it was designed for.

 
Check this link for more details:http://www.symantec.com/security_response/writeup.jsp?docid=2011-082216-3542-99
 

It is recommended to install all the Symantec features AV / PTP/ NTP with latest definitions.Always make sure that your computers are receiving definitions regularly.

You can upgrade your product to latest built.

You windows machines should have all the latest windows updates /Patches.

Please follow best practice guide to handle virus issue.

http://www.symantec.com/business/support/index?pag...

 

Chetan Savade
Sr Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<