Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

email redirecting threat

Created: 05 May 2013 | 2 comments

My end user click on an email with subject: http://completedomination.net/forums/includes/jdfx.... He get routed to this web page, which did not successfully loaded. He follow up with a full scan and deleted a tracking cookie. May I check if there is further security concern or threat associated?

Operating Systems:

Comments 2 CommentsJump to latest comment

W007's picture

Was the Symantec Installed on these machines, which are infected?

If yes, what Threat is being detected by Symantec?

If not, there are useful some tools that are provided by Symantec for help with finding those hard to detect threats.

1.       The Power Eraser Tool eliminates deeply embedded and difficult to remove threats that traditional virus scanning doesn't always detect.

2. The SERT (Symantec Endpoint Recovery Tool)is useful in situations where computers are too heavily infected for the Symantec Endpoint Protection client installed upon them to clean effectively.

3. The Load point Analysis Tool generates a detailed report of the programs loaded on your system. It is helpful in listing common loadpoints where threats can live.

Rapid Release Virus Definitions –

http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=rr

Power Eraser tool –

http://security.symantec.com/nbrt/npe.asp?lcid=1033&origin=default

How To Use the Symantec Endpoint Recovery Tool with the Latest Virus Definitionshttp://www.symantec.com/business/support/index?page=content&id=TECH131732&locale=en_US

Support Tool with Power Eraser Tool included –

http://www.symantec.com/business/support/index?page=content&id=TECH105414&locale=en_US

How to use the Load Point Analysis within the Symantec Support Tool to help locate suspicious files http://www.symantec.com/business/support/index?page=content&id=TECH141402

If you are unable to remove the threat(s) from your systems, please submit the suspected files to Symantec or ThreatExpert for analysis. New signatures will be created and included in future definition sets for detection.

http://www.symantec.com/business/security_response/submitsamples.jsp

http://www.threatexpert.com/submit.aspx

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

.Brian's picture

You can update your file definitions and run a full scan once more to verify.

After looking at the link to the site you posted, it comes up with a 401 error. There doesn't appear to have anything malicious on there now so I don't think you have much to worry about.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.