virus detection
Created: 17 Jan 2013 | Updated: 28 Jan 2013 | 19 comments
This issue has been solved. See solution.
hi
anyone help me to clean trojan.gen virus from my network. affected system 4-5. virus count is high.
Discussion Filed Under:
Comments 19 Comments • Jump to latest comment
What is the current version of SEPM in your N/W?
If it lower than 11.7 then need to upgrade, This issue is fixed in RU7MP2
https://www-secure.symantec.com/connect/forums/virus-name-trojangen
Latest SE version is 110-ru7-mp3
https://www-secure.symantec.com/connect/articles/latest-symantec-endpoint-protection-releases-sep-121-ru2-and-sep-110-ru7-mp3
upgrade with the above mention version
Regards
Sumit G.
When i scanned the system not of any virus detected. On server detected virus extension is file "dwh.tmp".
I have read your links and update to my superior as per the link. We are going to plan the upgrade with Latest version.
Sep version is 11.0.6300.
HI,
What sep are you using ?
If you are running an older version of SEP, the conversation in the link below may apply to your situation.
http://www.symantec.com/connect/forums/trojangen2#...
BTW, the latest version of SEP 11 is RU7 MP2.
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
I have already mention the SEP version nd it is lower than RU7 MP2. I have read the attach link and will try the mention.
Hi,
Please update the system with latest anti virus definition and do a full scan of the system and then
Run the Symantec NPE (Nortan power eraser) tool on the system.
Even you can manually remove the same.
Go through the below link..
http://blog.yoocare.com/how-to-get-rid-of-trojan-g...
Removal Tool
Thank& Regards,
Ambesh
Please mark your thread as 'SOLVED' with the answer that helps you.
Latest defintion is already updated. This virus detect with .tmp fextension and path is also as temp folder wheniam going to scan no detection. So as per above comment we are going to upgrade to fix it.
Have you upgrade with latest version or your issue fixed or not?
If it fixed then please mark the helpful comment as a solution.
Regards
Sumit G.
You can run as well following tools:
- Symantec Power Eraser:
http://www.symantec.com/business/support/index?pag...
- bootable SERT tool:
http://www.symantec.com/business/support/index?pag...
Hello,
Are you able to detect the infection source?
Hello,
Have you done the above things,
Please let me know if problem is resolved..
Thank& Regards,
Ambesh
Please mark your thread as 'SOLVED' with the answer that helps you.
This a generic name. Is it occurring on one or multiple PCs?
SEP Knowledge Base
Endpoint SWAT
Best practice to troubleshoot virus on the network
http://www.symantec.com/docs/TECH122466
It's a known issue. You need to upgrade to the latest version of SEP.
To stop this from happening, the quarantine scan on virus definition update can be disabled: edit Antivirus and Antispyware policy > Windows Settings > Quarantine > General, under "When New Virus Definitions Arrive" choose "Do nothing".
SEP Knowledge Base
Endpoint SWAT
Hi Vipin,
Please let me know if problem is resolved?
Thank& Regards,
Ambesh
Please mark your thread as 'SOLVED' with the answer that helps you.
I have upgraded the version, Monday I will confirm if issue still persist.
Thank you vipin for the update,
Please let me know if i can help you.??
Thank& Regards,
Ambesh
Please mark your thread as 'SOLVED' with the answer that helps you.
K Vipin. If you will not get any issue on Monday then will mark the solution to helpful comment.
Hi
Please send the infected file to the Symantec Security Response, so they will analyse the same and revert back with the definitions set which should be used for scanning
https://submit.symantec.com/websubmit/retail.cgi
Regards
Would you like to reply?
Login or Register to post your comment.