Have trouble deleting repeated Trojan Horse virus on computer using Symantec Endpoint Protection 11?

80 pts.
Tags:
Antivirus
Firewalls
Symantec Endpoint Protection
Symantec Endpoint Protection 11
Trojan Horse
Trojans
I am having trouble getting rid of a repeating Trojan Horse virus on a computer using Symantec Endpoint Protection Version 11.0.4202.75. I have done the following: performed full scan in safe mode, used Microsoft Baseline Security Analyzer, disconnected computer from network, updated virus definitions, deleted quarantine, disabled system restore, deleted values for associated registries, etc. I have preformed the above, but the trojan horse keeps reproducing in the quarantine as a DWH15AD.tmp file in c:Documents and SettingsAdministratorLocal SettingsTemp or as a APQ103D.tmp file in c:Documents and SettingsAll UsersApplication DataSymantecSRTSPQuarantine. I am currently using Windows Defender right now to help get rid of the virus, but it is currently going through the full scan process. I am not sure how to get rid of this Trojan Horse virus. Please help if you have a solution to this problem. Thank you.

Answer Wiki

Thanks. We'll let you know when a new response is added.

In Safemode, check the registry keys in HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run for questionable paths and delete them. Run MSCONFIG.exe and in the Startup tab uncheck any more questionable paths.

Reboot the machine to a boot disk like <a href=”http://www.ubcd4win.com/”>UBCD4Win</a>, and run another updated virus scan.

If your registry and msconfig are clean and the virus files are removed before rebooting, you shouldn’t have to boot from the boot disk. But it will make sure everything is clean.

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Kevin Beaver
    It sounds like you're going to have to try multiple tools...I've had to resort to that in the past. Check out this malware removal handbook I wrote that addresses this issue. Best of luck!
    16,495 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following