How to stop a Trojan.Gen.2 from coming into my Computer
Created: 06 Jun 2012 | 8 comments
Hi,
I seem to have gotten onto someone's list and I keep getting a Trojan.Gen.2 file coming into my computer. The Symantec EndPoint Protection program is great at quarantining the virus but I am getting a new attack every four to five minutes. How do I get off of the list so they will stop attacking my system? Any help is appreciated.
jcgirl
Discussion Filed Under:
Comments 8 Comments • Jump to latest comment
Find the below links
Run Norton Power Eraser (NPE) through out this link
http://securityresponse.symantec.com/security_response/detected_writeup.jsp?name=Trojan.Gen.2
Thanks In Advance...
Syed Saied
If the suggestion has helped to solve your problem, please mark the post as a solution
Thank you, Syed,
I downloaded and ran the Norton Power Erase and I still have the issue. The virus is not getting into my computer because Symantec is catching it as it comes in. The problem is I am getting these every three to four minutes. How do I get off of this person's list so these stop coming into my system?
Thanks,
jcgirl
are they *.tmp files being detected.
if so i hear they are harmless.
here is a brief info on trojan.gen.2
Trojan.Gen.2 is a generic detection for many individual but varied Trojans for which specific definitions have not been created. A generic detection is used because it protects against many Trojans that share similar characteristics.
Hi awmhove,
Thanks for the response. I have no file extensions. I can not find the file in my computer. Symantec is quarantining it before it reaches my computer. The auto protect window shows the file name: which is usually 80000000.@ . The original location is C:\windows\installer\{83fba3f5-7481-aaac-c689-20b4ee96751e}\U\ I am getting them again today every three to four minutes.
Thank, jcgirl
If you are running an older version of SEP, the conversation in the link below may apply to your situation.
http://www.symantec.com/connect/forums/trojangen2#...
BTW, the latest version of SEP 11 is RU7 MP2.
Ooyala Community Manager - Take our Video Poll
Thank you, Thomas,
I do not have that version. I will check it out. Thanks again.
June
You're being attacked by one of the many versions of the "DNS changer." There's nothing malicious on your PC, it's your router!
Have you changed the default user name and password on your router!? Either way, I suggest changing them again.
Is Windows Update working? Check that, too.
Change the user name and password to your router and I bet this stops happening.
Hi,
Trojan.Gen.2 is a generic detection for many individual but varied Trojans for which specific definitions have not been created. A generic detection is used because it protects against many Trojans that share similar characteristics.
Distribution of Trojans on to compromised computers occurs in a variety of ways. From email attachments and links to instant messages, drive-by downloads and being dropped by other malicious software. Once installed on the compromised computer, the Trojan begins to perform the predetermined actions that it was designed for.
It is recommended to install all the Symantec features AV / PTP/ NTP with latest definitions.Always make sure that your computers are receiving definitions regularly.
You can upgrade your product to latest built.
You windows machines should have all the latest windows updates /Patches.
Please follow best practice guide to handle virus issue.
http://www.symantec.com/business/support/index?pag...
Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.&
Would you like to reply?
Login or Register to post your comment.