Hi,
In my pen drive a folder with pc name is being created and inside the folder a recycle bin. Mcaffee is not detecting but Symantec endpoint protection is able to delete the pc name.exe file. I have a screen shot and the chest data from Symantec endpoint protection. I u/l the jpg and the link is
" qes7f.jpg at Free Image Hosting "
and the chest data is as below.
Risk,Filename,Original Location,Status,Date
"Packed.Generic.307","RAMESHx1.exe","f:\RAMESH\RAMESH\","Cleaned","1/20/2012 10:30 AM"
"Packed.Generic.307","RAMESHx1.exe","f:\RAMESH\RAMESH\","Cleaned","1/25/2012 10:42 AM"
"Packed.Generic.307","RAMESHx1.exe","f:\RAMESH\RAMESH\","Cleaned","1/9/2012 10:56 AM"
"Packed.Generic.307","SSRAMAPRASADx1.exe","f:\SSRAMAPRASAD\SSRAMAPRASAD\","Cleaned","1/25/2012 10:45 AM"
"Packed.Generic.307","RAMESHx1.exe","f:\RAMESH\RAMESH\","Cleaned","1/25/2012 10:45 AM"
"Packed.Generic.307","RAMESHx1.exe","f:\RAMESH\RAMESH\","Cleaned","1/5/2012 7:07 AM"
"Packed.Generic.307","NAIDUx1.exe","f:\NAIDU\NAIDU\","Cleaned","1/20/2012 10:03 AM"
"Packed.Generic.307","HUAx1.exe","f:\HUA\HUA\","Cleaned","1/20/2012 10:05 AM"
"Packed.Generic.307","RAMESHx1.exe","f:\RAMESH\RAMESH\","Cleaned","1/20/2012 10:05 AM"
"Packed.Generic.307","MESSAGEx1.exe","f:\MESSAGE\MESSAGE\","Cleaned","1/20/2012 10:05 AM"
"Trojan.Usuge!gen3","RAMESHx1.exe","F:\RAMESH\RAMESH\","Infected","1/20/2012 9:44 AM"
Here the pc names are RAMESH, HUA,MESSAGE and SSRAMAPRASAD.
Even after the Symantec endpoint protection removed these .exe files the pc name folders are still existing, which are visible only when show hidden files and folders is selected and Hide extensions for known file types and Hide protected operating system files is un-checked.
Please help me how to remove this Trjan.
In my pen drive a folder with pc name is being created and inside the folder a recycle bin. Mcaffee is not detecting but Symantec endpoint protection is able to delete the pc name.exe file. I have a screen shot and the chest data from Symantec endpoint protection. I u/l the jpg and the link is
" qes7f.jpg at Free Image Hosting "
and the chest data is as below.
Risk,Filename,Original Location,Status,Date
"Packed.Generic.307","RAMESHx1.exe","f:\RAMESH\RAMESH\","Cleaned","1/20/2012 10:30 AM"
"Packed.Generic.307","RAMESHx1.exe","f:\RAMESH\RAMESH\","Cleaned","1/25/2012 10:42 AM"
"Packed.Generic.307","RAMESHx1.exe","f:\RAMESH\RAMESH\","Cleaned","1/9/2012 10:56 AM"
"Packed.Generic.307","SSRAMAPRASADx1.exe","f:\SSRAMAPRASAD\SSRAMAPRASAD\","Cleaned","1/25/2012 10:45 AM"
"Packed.Generic.307","RAMESHx1.exe","f:\RAMESH\RAMESH\","Cleaned","1/25/2012 10:45 AM"
"Packed.Generic.307","RAMESHx1.exe","f:\RAMESH\RAMESH\","Cleaned","1/5/2012 7:07 AM"
"Packed.Generic.307","NAIDUx1.exe","f:\NAIDU\NAIDU\","Cleaned","1/20/2012 10:03 AM"
"Packed.Generic.307","HUAx1.exe","f:\HUA\HUA\","Cleaned","1/20/2012 10:05 AM"
"Packed.Generic.307","RAMESHx1.exe","f:\RAMESH\RAMESH\","Cleaned","1/20/2012 10:05 AM"
"Packed.Generic.307","MESSAGEx1.exe","f:\MESSAGE\MESSAGE\","Cleaned","1/20/2012 10:05 AM"
"Trojan.Usuge!gen3","RAMESHx1.exe","F:\RAMESH\RAMESH\","Infected","1/20/2012 9:44 AM"
Here the pc names are RAMESH, HUA,MESSAGE and SSRAMAPRASAD.
Even after the Symantec endpoint protection removed these .exe files the pc name folders are still existing, which are visible only when show hidden files and folders is selected and Hide extensions for known file types and Hide protected operating system files is un-checked.
Please help me how to remove this Trjan.
Last edited:
