Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

virus detection

Created: 17 Jan 2013 • Updated: 28 Jan 2013 | 19 comments
This issue has been solved. See solution.

hi

anyone help me to clean trojan.gen virus from my network. affected system 4-5. virus count is high.

Comments 19 CommentsJump to latest comment

Sumit G's picture

What is the current version of SEPM in your N/W?

If it lower than 11.7 then need to upgrade, This issue  is fixed in RU7MP2

https://www-secure.symantec.com/connect/forums/virus-name-trojangen

Latest SE version is 110-ru7-mp3

https://www-secure.symantec.com/connect/articles/latest-symantec-endpoint-protection-releases-sep-121-ru2-and-sep-110-ru7-mp3

upgrade with the above mention version

Regards

Sumit G.

SOLUTION
vipinart's picture

When i scanned the system not of any virus detected. On server detected virus extension is file "dwh.tmp".

I have read your links and update to my superior as per the link. We are going to plan the upgrade with Latest version.

Ashish-Sharma's picture

HI,

What sep are you using ?

If you are running an older version of SEP, the conversation in the link below may apply to your situation.

http://www.symantec.com/connect/forums/trojangen2#...

BTW, the latest version of SEP 11 is RU7 MP2.

 

Thanks In Advance

Ashish Sharma

 

 

vipinart's picture

I have already mention the SEP version nd it is lower than RU7 MP2. I have read the attach link and will try the mention.

Ambesh_444's picture

Hi,

Please update the system with latest anti virus definition and do a full scan of the system and then 

Run the Symantec NPE (Nortan power eraser) tool on the system.

Even you can manually remove the same.

Go through the below link..

http://blog.yoocare.com/how-to-get-rid-of-trojan-g...

 

Removal Tool

 

 

Thank& Regards,

Ambesh

"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."

vipinart's picture

Latest defintion is already updated. This virus detect with .tmp fextension and path is also as temp folder wheniam going to scan no detection. So as per above comment we are going to upgrade to fix it.

Sumit G's picture

Have you upgrade with latest version or your issue fixed or not?

If it fixed then please mark the helpful comment as a solution.

Regards

Sumit G.

SebastianZ's picture

You can run as well following tools:

- Symantec Power Eraser:

http://www.symantec.com/business/support/index?pag...

- bootable SERT tool:

http://www.symantec.com/business/support/index?pag...

cus000's picture

Hello,

Are you able to detect the infection source?

Ambesh_444's picture

Hello,

Have you done the above things,

Please let me know if problem is resolved..

 

Thank& Regards,

Ambesh

"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."

.Brian's picture

This a generic name. Is it occurring on one or multiple PCs?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

.Brian's picture

It's a known issue. You need to upgrade to the latest version of SEP.

To stop this from happening, the quarantine scan on virus definition update can be disabled: edit Antivirus and Antispyware policy > Windows Settings > Quarantine > General, under "When New Virus Definitions Arrive" choose "Do nothing".

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Ambesh_444's picture

Hi Vipin,

Please let me know if problem is resolved?

 

Thank& Regards,

Ambesh

"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."

vipinart's picture

I have upgraded the version, Monday I will confirm if issue still persist.

Ambesh_444's picture

Thank you vipin for the update,

Please let me know if i can help you.??

 

Thank& Regards,

Ambesh

"Your satisfaction is very important to us. If you find above information helpful or it has resolved your issue. Please don't forget to mark the thread as solved."

rs_cert's picture

K Vipin. If you will not get any issue on Monday then will mark the solution to helpful comment.

SameerU's picture

Hi

Please send the infected file to the Symantec Security Response, so they will analyse the same and revert back with the definitions set which should be used for scanning

https://submit.symantec.com/websubmit/retail.cgi

Regards