Video Screencast Help

Risk partially removed

Created: 04 Nov 2011 | 17 comments

Recently I found my computer running slower than usual so I suspected a a virus attack or something. And so I did a full system scan and indeed a virus was found. But the action taken was simply "risk partially removed". I didn't care much about it and just continued doing my stuff but I realize it is still running slowly. I went online and search for solutions and I've tried running the scan in safe mode but no virus was found. I also went ahead with fragmentation but my computer is still running slowly. Is there any solution to help me get rid of that virus/make my computer run as fast as it used to? Thank you!

Comments 17 CommentsJump to latest comment

mon_raralio's picture

Try running a registry cleaner  and other cleanup utilities.

“Your most unhappy customers are your greatest source of learning.”

pete_4u2002's picture

hope you have updated the system with the latest virus definition. Once done, scan in safe mode.

Also check this article

http://www.symantec.com/docs/TECH91705

xmsrandom's picture

Did as you said but still no virus was detected in safe mode.

Mick2009's picture

Hi Xmsrandom,

What threat was it, and what removal instructions are given in its write-up?

It is very likely that some manual action (scan in safe mode, etc) needs to be done to ensure you are completely cleaned. 

What Does "Risk was partially removed" Mean?
Article: TECH94475 | Created: 2009-01-10 | Updated: 2010-12-01 |
Article URL http://www.symantec.com/docs/TECH94475

Please keep this forum thread up-to-date with your progress!

 

With thanks and best regards,

Mick

xmsrandom's picture

I can't remember the exact threat but it was a Trojan virus? There wasn't any removal instructions I think. 

sandra.g's picture

The SEP scan log should have some record of the name of the threat that was found.

sandra

Symantec, Senior Information Developer
Enterprise Security, Mobility, and Management - Endpoint Protection

Don't forget to mark your thread as 'solved' with the answer that best helps you!

xmsrandom's picture

The log is empty. Apparently my settings was set to delete logs older than 1 day. (I wasn't the one who set that)

Swapnil khare's picture

Hello

Please submit the file which is partially removed to Symantec response team at

https:\\submit.symantec.com\gold

 

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

 

Thomas K's picture

Hello,

 

There are some useful tools that are provided by Symantec to help with finding those hard to detect threats.

1.The Power Eraser Tool eliminates deeply embedded and difficult to remove threats that traditional virus scanning doesn't always detect.

2. The SERT (Symantec Endpoint Recovery Tool)is useful in situations where computers are too heavily infected for the Symantec Endpoint Protection client installed upon them to clean effectively.

3. The Load point Analysis Tool generates a detailed report of the programs loaded on your system. It is helpful in listing common loadpoints where threats can live.

 

Power Eraser tool http://security.symantec.com/nbrt/npe.asp?lcid=1033&origin=default

How To Use the Symantec Endpoint Recovery Tool with the Latest Virus Definitionshttp://www.symantec.com/business/support/index?page=content&id=TECH131732&locale=en_US

Support Tool with Power Eraser Tool included

http://www.symantec.com/business/support/index?page=content&id=TECH105414&locale=en_US

How to use the Load Point Analysis within the Symantec Support Tool to help locate suspicious files http://www.symantec.com/business/support/index?page=content&id=TECH141402

xmsrandom's picture

Hi, I tried using the Power Eraser Tool. It was working fine until it got to the 'Examining load points: BrSerWdm' part and it stopped working. Any idea what's wrong? :/

xmsrandom's picture

I have problems uploading it. Every time it tries to upload it says reload web page or something

Mick2009's picture

Many thanks for continuing to update this thread with oyur progress.  &:)

The best thing to do would be to reboot the computer into safe mode and perform a full system scan, using the very latest available Rapid Release definitions. 

Examine the risk history log after that to see if the identified threats were completely remediated.

After that, back in normal mode, run the SEP Support Tool with load point analysis to see if tehre is anything else that looks suspicious.

With thanks and best regards,

Mick

xmsrandom's picture

I've checked the risk history log but it's empty. I've also run the support tool but there's nothing suspicious.

Thomas K's picture

Did you ever get the suspect file uploaded to Symantec for analysis? If so do you have a tracking number so that I can check on the status of the submission?

xmsrandom's picture

I'm sorry I didn't manage to upload it. Everytime I try to upload it, it say refresh web page and stuffs like that.

mon_raralio's picture

Where in the PC was the threat found? Exact path and filename. [you can replace your name with a generic one if it is in "Documents and Settings" or "Users" folder.

And what were you doing when the alert popped up?

“Your most unhappy customers are your greatest source of learning.”