1. Bump up your AV settings to the recommended levels.
Security Response recommends the following Scan Settings
Antivirus Security Setting |
Default Setting |
High Security Policy |
Security Response Recommendation |
Lock settings |
Some |
Some |
All |
Remediation: terminate processes |
No |
No |
Yes |
Remediation: terminate services |
No |
No |
Yes |
Auto-Protect action taken for security risks |
Quarantine/Log |
Quarantine/Log |
Quarantine/Delete |
Network Auto-Protect |
Disabled |
Enabled |
Enabled |
Bloodhound Level |
Default (2) |
Default (2) |
Default (3) |
SEP Startup |
System Start |
System Start |
System Start |
Auto-Protect Scan |
Modify and access |
Modify and access |
Modify and access |
Security Response recommends the following setting changes to Truscan for best protection
Truscan |
Default Setting |
Security Response Recommendation |
Scan Sensitivity |
9/Low |
100 |
Action on Detection |
Log |
Terminate |
Scan Frequency |
1:00 |
00:15 |
2. Follow the "Best Practices", and make sure your users are educated on safe web practices to prevent these types of threats from getting in to your environment.
http://www.symantec.com/business/theme.jsp?themeid=stopping_malware&inid=us_sr_carousel_panel7_best_practices
3. Add Safe Web Lite to your clients to help identify malicious sites.
http://safeweb.norton.com/lite
Best,
Thomas