EMEA Endpoint Management and Mobility Group (EMM)

 View Only

  • 1.  EXE generate automatically

    Posted Mar 11, 2013 07:19 AM

    We have symantec endpoint protection 11.In the some system New folder .exe file generated.plz help



  • 2.  RE: EXE generate automatically

    Broadcom Employee
    Posted Mar 11, 2013 07:21 AM

    run symhelp with loadpoint and upload the suspicious file to Security Response.



  • 3.  RE: EXE generate automatically

    Posted Mar 11, 2013 07:22 AM
    Submit the file to security response for analysis


  • 4.  RE: EXE generate automatically

    Posted Mar 11, 2013 02:55 PM

    You can as well open a case with Symantec and provide them with the Symhelp log with the Loadpoint analysis - they will check it against the Symantec Reputation database.



  • 5.  RE: EXE generate automatically

    Posted Mar 25, 2013 02:43 PM

     

    Download following tools to remove new folder.exe virus follow the link below to downlaod the tool

    http://download.bleepingcomputer.com/sUBs/ComboFix.exe ( run tools In safe mode )

    Manually remove it (new folder.exe Fix)

    Delete File named svichossst.exe

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    “@”=[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    “Yahoo Messengger”=

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    “Shell”=”Explorer.exe “



  • 6.  RE: EXE generate automatically

    Posted Mar 25, 2013 04:16 PM

    Why are you recommending combofix and deleting folders/exe's/registry locations that we don't even know if they exist on the users machines?

    Please follow the steps listed 14 days ago by Pete, Brian and Sebastian.



  • 7.  RE: EXE generate automatically

    Posted Mar 26, 2013 01:49 AM

    Hi

    Please submit the file to Symantec Security Response Team for analsying

    Regards

     



  • 8.  RE: EXE generate automatically

    Posted Mar 26, 2013 05:42 AM

    "Thumbs up" to the advice, above.

    I also recommend ensuring that your network is following these Best Practices from Security Response:

    http://www.symantec.com/theme.jsp?themeid=stopping_malware&depthpath=0

    And that you check your SEPM logs to see if there are any suspicious files that SEP is heuristically detecting.

    Using SEPM Alerts and Reports to Combat a Malware Outbreak

    https://www-secure.symantec.com/connect/articles/using-sepm-alerts-and-reports-combat-malware-outbreak

    Please do keep this thread up-to-date with your progress!

     



  • 9.  RE: EXE generate automatically

    Trusted Advisor
    Posted Mar 26, 2013 11:34 AM

    Hello,

    I completely agree with Cameron and Mick.

    I would suggest you to scan the machine with SymHelp / Support Tool and submit the files to the Symantec Security Response Team:

    Using SymHelp, how do we collect the Load Point Analysis Logs and Submit the same to Symantec Technical Support Team.

    Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

    Hope that helps!!



  • 10.  RE: EXE generate automatically

    Posted Mar 28, 2013 01:33 AM

    HI,

    Scan with SymHelp, and submit the files to Symantec Security Response Team.

    Regards

    Ajin