Endpoint Protection

 View Only
  • 1.  acad.lsp and acaddoc.lsp virus and infected files

    Posted Sep 22, 2014 07:30 AM

    We are using SEPM 12.1

    Our company's operations include AutoCAD to a major extent. We are facing performance issues with some of our users and observed that the same is possibly due to virus infected acad.lsp and acaddoc.lsp files.

    What are the best practices to takecare of this type of virus?

    How can we efficiently include certain type of files as infected with SEPM? Is this recommended as AutoCAD uses acad.lsp and acaddoc.lsp files..

     

     

     



  • 2.  RE: acad.lsp and acaddoc.lsp virus and infected files

    Posted Sep 22, 2014 07:33 AM

    What is SEP detecting as? Is it cleaning them?

    Best Practices for Troubleshooting Viruses on a Network

    http://www.symantec.com/docs/TECH122466

    Eliminating viruses and security risks

    http://www.symantec.com/docs/HOWTO27280

    Security Response recommendations for Symantec Endpoint Protection 12.1 settings

    http://www.symantec.com/docs/TECH173752

     



  • 3.  RE: acad.lsp and acaddoc.lsp virus and infected files

    Posted Sep 22, 2014 08:00 AM

    SEP detects at times but not all.

    This is a specific virus affecting AutoCAD operations through modifying files that are commonly utilized. Are there any specific recommendations for AutoCAD lsp virus (acad.lsp & acaddoc.lsp)?  



  • 4.  RE: acad.lsp and acaddoc.lsp virus and infected files

    Posted Sep 22, 2014 08:05 AM

    Symantec has a writeup on it:

    http://www.symantec.com/security_response/writeup.jsp?docid=2003-120513-5257-99

    Do these files need to be written to? If not, you can create an application and deivce control policy so they're read-only.