Have trouble deleting repeated Trojan Horse virus on computer using Symantec Endpoint Protection 11?
Home > IT Answers > Security > Have trouble deleting repeated Trojan Horse v...
XavierD
15 pts.
0
Q:
Have trouble deleting repeated Trojan Horse virus on computer using Symantec Endpoint Protection 11?
Symantec Endpoint Protection, Trojan Horse, Trojans, Antivirus, Firewalls, Symantec Endpoint Protection 11
I am having trouble getting rid of a repeating Trojan Horse virus on a computer using Symantec Endpoint Protection Version 11.0.4202.75. I have done the following: performed full scan in safe mode, used Microsoft Baseline Security Analyzer, disconnected computer from network, updated virus definitions, deleted quarantine, disabled system restore, deleted values for associated registries, etc.

I have preformed the above, but the trojan horse keeps reproducing in the quarantine as a DWH15AD.tmp file in c:\Documents and Settings\Administrator\Local Settings\Temp or as a APQ103D.tmp file in c:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\Quarantine.

I am currently using Windows Defender right now to help get rid of the virus, but it is currently going through the full scan process.

I am not sure how to get rid of this Trojan Horse virus. Please help if you have a solution to this problem. Thank you.
ASKED: Jul 14 2009  7:34 PM GMT
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
RELATED QUESTIONS
0
Mshen
23535 pts.
0
A:
 RATE THIS ANSWER
+1
Click to Vote:
  •   1
  •  0
  • AddThis Social Bookmark Button
In Safemode, check the registry keys in HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run for questionable paths and delete them. Run MSCONFIG.exe and in the Startup tab uncheck any more questionable paths.

Reboot the machine to a boot disk like UBCD4Win, and run another updated virus scan.

If your registry and msconfig are clean and the virus files are removed before rebooting, you shouldn't have to boot from the boot disk. But it will make sure everything is clean.
Last Answered: Jul 15 2009  0:28 AM GMT by Mshen   23535 pts.
  •   
0
0
RSS - Discussions Help
Discuss This Answer:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _



_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

KevinBeaver   7610 pts.  |   Jul 18 2009  11:47PM GMT

It sounds like you’re going to have to try multiple tools…I’ve had to resort to that in the past. Check out this malware removal handbook I wrote that addresses this issue. Best of luck!

 
0