Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.

Trojan.gen2

Created: 29 Dec 2010 • Updated: 29 Dec 2010 | 5 comments
This issue has been solved. See solution.

My computer has been doing very strange things since Trojan.gen2 was quarrantined earlier today.  I have had to "download updates", insert new passwords, and many items are appearing double on my computer or not working at all at times.  The computer has asked me to shut it down but I am hesitant to do this because son's computer got zapped with potentially same virus.  We just used his jump drive after a few weeks in my computer and thus the quarrtined trojan.

Comments 5 CommentsJump to latest comment

Rafeeq's picture

once trjon is detected by symantec, it needs a reboot most of the times

reboot your computer in safe mode and run a full scan.

disable system restore and run a full scan in safe mode....

Tebow's picture

How do I reboot in safe mode?

Maciej_Jedrzejczyk's picture

While you are in safe mode, it's always a good idea to delete the content of some common areas where viruses/threats might be residing. You can do it by entering the following commands in command line:

 

1) Delete the content of Symantec Quarantaine with the following command:

DEL /F /S /Q "C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine"
RD /S /Q "C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine"

2) Delete temp files with the following command:

DEL /F /Q "C:\Documents and Settings\<username>\Local Settings\Temp"
DEL /F /Q C:\temp
DEL /F /Q C:\WINDOWS\Temp

3) Delete Symantec temp files with the following command:

DEL /F /Q "C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer_tmp\"
DEL /F /Q "C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\"

4) Recreate Symantec Quarantine:

MD "C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\Quarantine"