markswelch
asked on
Trojan Horse DWH####.tmp w/Symantec Corp 10.2.0.298
I am running Symantec Corp 10.2.0.298 with updated signatures. I'm getting multiple notifications a day, the filename is always DWH####.tmp and always with a count of 2. The action taken by the my AV is to quarantine. Does anyone know what is Trojan is or know of a removal tool? Thanks
http://www.symantec.com/connect/forums/generic-trojan-dwhtmp-temp-folder
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Great response. Thanks!
NOTE: for people trying the steps in this solution, please make sure that in CCleaner's advanced options that you UNCHECK the box "Only delete files in Windows Temp folders older than 48 hours". Otherwise you will keep the last couple of days worth of temp files in that folder.
Sorry, but this didn't work for me. I have been dealing with this problem showing up intermittently for over a year now on several different user's machines. Unfortunately, it is hard to test if any "solution" (none have worked for me still) has worked or not because I have to wait until the next day until the problem pops back up.
Although I did the steps recommended in the solution yesterday, I had CCleaner's default setting to leave the last 48 hours of temp files. So, I'll have to wait until tomorrow to see if it works by changing that setting.
However, I "THINK" the real problem is that the quarantined files are still sitting there and getting rescanned each time. So, in addition to running CCleaner set to delete all temp files I deleted all the files listed in quarantine. SAV > View > Quarantine.
System: Vist SP1, SAV 10.2
Sorry, but this didn't work for me. I have been dealing with this problem showing up intermittently for over a year now on several different user's machines. Unfortunately, it is hard to test if any "solution" (none have worked for me still) has worked or not because I have to wait until the next day until the problem pops back up.
Although I did the steps recommended in the solution yesterday, I had CCleaner's default setting to leave the last 48 hours of temp files. So, I'll have to wait until tomorrow to see if it works by changing that setting.
However, I "THINK" the real problem is that the quarantined files are still sitting there and getting rescanned each time. So, in addition to running CCleaner set to delete all temp files I deleted all the files listed in quarantine. SAV > View > Quarantine.
System: Vist SP1, SAV 10.2
I got this taken care of FINALLY!!!
The key here is to delete all the files listed in quarantine. SAV > View > Quarantine
Otherwise, everytime you get new virus definitions, you will continue having this problem. Since by default, SAV rescans your Quarantine folder after receiving new definitions.
The key here is to delete all the files listed in quarantine. SAV > View > Quarantine
Otherwise, everytime you get new virus definitions, you will continue having this problem. Since by default, SAV rescans your Quarantine folder after receiving new definitions.