Video Screencast Help

Schedulers automatically generating on server due to virus

Created: 29 Apr 2013 • Updated: 29 Apr 2013 | 6 comments

Hi,

We have a production server running eith Windows 2003. From past many days, schedulers are automatically getting generated on the server. We found that this is hapening due to a virus. We scanned the sytem, deleted the schecdulers, and updated the server with latest AV definition again.

 

But the problem did-not resolve. Still the schedulers are generating and SEP is letting it do so!! Anyone please suggest some solution to prevent the virus and its actions.

Operating Systems:

Comments 6 CommentsJump to latest comment

W007's picture

Follow the steps provided in the Article below and submit the files to the Symantec Security Response Team:

Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

http://www.symantec.com/connect/articles/using-sym...

How to submit suspicious files via the online submission form that have been quarantined by Symantec Endpoint Protection (SEP) or Symantec AntiVirus (SAV)

Article:TECH97449  |  Created: 2009-01-16  |  Updated: 2012-04-30  |  Article URL http://www.symantec.com/docs/TECH97449
 

 

 

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

_Brian's picture

Run the Load Point Analysis from the SymHelp Tool and submit

How to collect Load Point Analysis logs for Symantec Support with the SymHelp utility

Article:TECH203028  |  Created: 2013-02-21  |  Updated: 2013-04-26  |  Article URL http://www.symantec.com/docs/TECH203028

 

Running the Load Point Analysis report in the Symantec Endpoint Protection Support Tool

Article:TECH203388  |  Created: 2013-02-28  |  Updated: 2013-03-04  |  Article URL http://www.symantec.com/docs/TECH203388

 

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SameerU's picture

Hi

Please update the systeme with Latest Microsoft Security Patches

Regards

 

consoleadmin's picture

Kindly check the latest required Microsoft patches are update on system or not?

If not updated then update and scan again or check the status.

Other way

Check the suspected file for virus status on all AV (https://www.virustotal.com/en/)

Collect the log using symhelp and submit to symantec

https://www-secure.symantec.com/connect/articles/u...

https://www-secure.symantec.com/connect/articles/u...

https://www-secure.symantec.com/connect/articles/u...

https://www-secure.symantec.com/connect/articles/s...

https://www-secure.symantec.com/connect/articles/s...

Thanks.

zafar1907's picture

Hi,

You can use different symantec support tool,which you can find in below thread.Use these tool may solve your Issue.. 

 

https://www-secure.symantec.com/connect/forums/your-system-infected-symantec-tools-help-clear-infection

Thanks and Regards,

Mohammad zafar

Please Mark as solution if this comment solved your Issue....

SameerU's picture

Hi

Please do the following.

1. Update the system with Microsoft Latest Security Patches.

2. Run a Full scan on the Server in Safe Mode

Regards