05-15-2012 01:03 PM - edited 05-15-2012 01:14 PM
Hi, I am having trouble getting rid of Trojan.Gen.2 and hope someone here can help. I saw some other posters had similar problems but, because my situation is a bit different from those I found, I am starting a new thread.
I am using Symantec Endpoint Protection version 11.0 on a Sony Vaio laptop running 64-bit Windows 7. Symantec lately pops up every few minutes telling me that the auto-protect scan found Trojan.Gen.2 in a file called 80000032.@ (always this name). It says the file was successfully quarantined, but then I get the same message again ... and again ...
Looking at "Details", Symantec says that the internet browser cache was deleted and the file 80000032.@, located in C:\Windows\Installer\...gobbledigook...\U, was quarantined successfully.
I think I started seeing this message several days ago, but it's only in the last day or so that it's started popping up every couple minutes. So far, I haven't noticed system performance to be affected in any other way (I can still turn the machine off and on normally, reboot normally, etc. and my web browsers - Firefox and IE - are not being rerouted).
Attached are some recent logs with details. Any help would be greatly appreciated.
05-15-2012 01:37 PM
Please download hxxp://download.bleepingcomputer.com/farbar/FRST64.ex
Plug the flashdrive into the infected PC.
Enter System Recovery Options.
To enter System Recovery Options from the Advanced Boot Options:
On the System Recovery Options menu you will get the following options:
Windows Complete PC Restore
Windows Memory Diagnostic Tool
06-19-2012 04:25 AM
I would suggest you to check this Article:
and submit the Suspicious Files to the Symantec Security Response Team.
and Check these Threads:
In the future, it would be best to post SEP product issues in the Connect forums, as this is a consumer product (Norton) forum.
Hope that helps!!