Video Screencast Help

Windows Repair Virus / unhide.exe

Created: 10 Dec 2013 • Updated: 11 Dec 2013 | 10 comments
IN's picture

We believe we have a couple of systems infected with this virus.  SEP did not catch it.  Can anyone tell me about this virus and the best way to detect and clean it? 

Thanks

Jennifer

 

Operating Systems:

Comments 10 CommentsJump to latest comment

.Brian's picture

A couple of things:

You can run a Load Point analysis and submit to Security Reponse:

How to collect and submit to Symantec Security Response suspicious files found by the SymHelp utility

Article:TECH203027  |  Created: 2013-02-21  |  Updated: 2013-05-23  |  Article URL http://www.symantec.com/docs/TECH203027

 

You can run the Symantec Power Eraser to see if it can catch it:

How to run Symantec Power Eraser with the SymHelp utility

Article:TECH203683  |  Created: 2013-03-08  |  Updated: 2013-11-21  |  Article URL http://www.symantec.com/docs/TECH203683

 

You can also review some helpful links here:

http://www.symantec.com/docs/TECH98929

http://www.symantec.com/docs/TECH122466

If the Power Eraser doesn't detect anything, you may need to try a third party tool such as Hitman Pro or Malwarebytes

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

IN's picture

Thank you Brian.  I'll let you know if this helps.  

.Brian's picture

Any success?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

AJ_01's picture

You can analysis that file from Virus total site, it show you the report of the site which can detect that file as a virus. If symantec not detect as a virus then you can submit that to symantec for analysis and symantec can provide the rapid file to remove the virus.

https://www.virustotal.com/

Submit file on Symantec

https://submit.symantec.com/websubmit/essential.cgi

Is your system infected? Symantec tools to help clear an infection

https://www-secure.symantec.com/connect/forums/your-system-infected-symantec-tools-help-clear-infection

Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team. 

https://www-secure.symantec.com/connect/articles/using-symantec-support-tool-how-do-we-collect-suspicious-files-and-submit-same-symantec-sec

Regard

AJ

AjinBabu's picture

Hello, 

Run a full scan and check if helps after an update.

Regards

Ajin

 

Mick2009's picture

Hi Jennifer,

The name of a file does not help much - files can be renamed anything at all.  Run Power Eraser and see if that removes it.

 SEP did not catch it.

Which components of SEP are you using?  If you are usign AV alone, then I strongly recommend that you add IPS, firewall, SONAR/PTP protection and the other available technologies, too.

Two Reasons why IPS is a "Must Have" for your Network
https://www-secure.symantec.com/connect/articles/two-reasons-why-ips-must-have-your-network

Using SEPM Alerts and Reports to Combat a Malware Outbreak
https://www-secure.symantec.com/connect/articles/using-sepm-alerts-and-reports-combat-malware-outbreak

 

Hope this helps!

Mick

 

 

 

 

With thanks and best regards,

Mick

SameerU's picture

Hi

Run the Symantec Power Eraser tool to collect the suspicious files by referrring the below link

http://www.symantec.com/theme.jsp?themeid=spe-user...

Regards

 

Mick2009's picture

Hi Jennifer,

Just a ping to see if you have any update on this?  Did you get the file submitted, and was detection put in place?

many thanks!

Mick

With thanks and best regards,

Mick

AJ_01's picture

Have you submit the suspected file in Symantec or not, what is current status?

Regard

AJ

.Brian's picture

Do you need more assistance with your problem or were you able to get it resolved?

If you could post an update for followers of this thread that would be most helpful.

Otherwise, if resolved, you can close the thread out by clicking the "Mark as solution" link at the bottom left on the most helpful post. If multiple posts helped to solve your problem, please click the "Request split solution" link at the bottom left, select the most helpful posts and click the "Submit" button. This will benefit admins looking for a resolution to the same problem.

Thanks and take care,
Brian

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.