taquito.exe
Created: 07 Jul 2010 | 12 comments
Hi,
We're running Symantec Endpoint Protection version 11.0.5002.333 ... and we have just started seeing a spate of taquito.exe worms crop up in the office.
I understand it's an old one, so why hasn't Symantec Endpoint added it to their list of viruses/worms to capture?
Also, what the hell do I do with it!
thanks
rod
Comments
Submit that file to Symantec...
https://submit.symantec.com/gold or /basic /essential depending on your support contract, or if no contract then /retail
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
It may be a new variant, also check your AV security settings and make sure you are using the recommended levels.
http://service1.symantec.com/SUPPORT/ent-security....
Make sure your definitions are current and run a full scan in Safe-mode, and see if it gets detected.
You can also submit the file to ThreatExpert for analysis.
http://www.threatexpert.com/default.aspx
We're seeing a bunch of taquito.exe files right now. They get detected as Trojan.Gen, and they are usually "partially repaired." But there is no information that would help us determine how to clean them up, or what files and registry changes to look for on infected computers.
It would be nice if Symantec would have a virus signature and information page specific to this threat.
In the meantime, is there anybody out there who has experience dealing with an outbreak like this?
Are you running Proactive Threat Protection? And is the action set to something other than Log?
Check your PTP logs to see what's in there. Also you may want to turn up your sensitivity level.
Hi Rod and Mitch,
A careful reading of the SEP Risk Logs (info from which is also in the Windows Application Event Logs) is what I recommend in this case. What files are being detected? What action is taken? If it is the same taquito.exe over and over again (in the same location) then see if the action is "partially removed" or similar. That means that it's time for a full system scan in safe mode to completely remove the threat.
Here's an article with more info: What Does "Risk was partially removed" Mean? (http://service1.symantec.com/support/ent-security....)
Please keep the forum up-to-date with your progress!
Thanks and Best regards,
Mick
"have just started seeing a spate of taquito.exe worms crop up in the office"... Where do you see it? If you see SEP detecting it, then what is the action taken?
-VKalani
Hi,
Also run the Microsoft MSRT tool and scan system files and program files once with System Restore off.
http://www.microsoft.com/downloads/en/confirmation.aspx?familyId=ad724ae0-e72d-4f54-9ab3-75b8eb148356&displayLang=en
If this Info helps to resolve the issue please Mark as Solution
Thanks
Trojan.gen is a variant of the Trojan.clampi infection. Check to see if the users of the infected computers are members of local admin on computer. Block outbound traffic on your firewall and make sure you are running SEP 11.0.5000 or better.
taquito
We have had the same issue. Endpoint is NOT detecting the Taquito Virus as well as several other viruses that spread via USB Flash / Memory cards. They spread very quickly and easily because of using flash memory.
A co-worker has tried to contact Symantec for a resolution and has gotten absolutely nowhere. Sadly, Symantec is choosing to ignore this while most other vendors, including free software... AVGFree and MS Security Essentials, can easily detect AND remove these infections. The MS solution seems to coexist with Endpoint without any major side effects and that is our solution... for now.
Have any of these malicious files been submitted to Symantec Security Response so they can create defs?
malicious
We haven't had anything malicious from them but have read that the .exe could be if anyone actually executed it. I am not sure if we submitted them because my co-worker had been trying to work with Symantec with no success. More to the point is that Symantec is leaving us vulnerable and not addressing the issue... while other software, even FREE versions, can handle them. They are not new at all... these have been out there for quite a while.
Can you elaborate more on what you mean by Symantec not addressing the issue?
Does support not have answers and close the case without resolution?
Have you talked to your account manager or SE?