Endpoint Protection

 View Only

  • 1.  how fix Pendrive shortcut the Folder Virus in sepm 11

    Posted Oct 25, 2013 07:16 AM

    Some  users in our network have recently been affected  by the USB Flash Drive shortcut virus . creates shortcut of folders and hides the folders.

    which virus affect and hwo to fix through sepm 11 ..........please as soon as possible.

     



  • 2.  RE: how fix Pendrive shortcut the Folder Virus in sepm 11

    Posted Oct 25, 2013 07:42 AM

    Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

    https://www-secure.symantec.com/connect/articles/using-symantec-support-tool-how-do-we-collect-suspicious-files-and-submit-same-symantec-sec

    Check also this thread

    https://www-secure.symantec.com/connect/forums/short-cut-virus

     

    ###

    Try to install Microsoft patch

    Microsoft Windows Shortcut 'LNK/PIF' Files Automatic File Execution
    Vulnerability
    Microsoft Security Bulletin MS10-046/ (KB2286198)
    http://www.microsoft.com/en-in/download/details.as...

    Microsoft Windows Server Service RPC Handling Remote Code Execution
    Vulnerability
    Nortel Response to Microsoft Security Bulletin MS08-067/ (KB958644)
    http://www.microsoft.com/en-in/download/details.as...

     

     



  • 3.  RE: how fix Pendrive shortcut the Folder Virus in sepm 11

    Posted Oct 25, 2013 08:06 AM

    Submit the sample to symantec:

    http://www.symantec.com/security_response/submitsamples.jsp

    Also, disable autorun for all your PCs.

    Kickoff full scans on them as well.



  • 4.  RE: how fix Pendrive shortcut the Folder Virus in sepm 11

    Trusted Advisor
    Posted Oct 25, 2013 08:17 AM

    Hello,

    Have you created a Case with Symantec Technical Support?? It is adviced to create a case.

    I would advise you to upload this suspicious file to the Symantec Security Response Team on - 

    https://submit.symantec.com/essential

    OR

    http://www.threatexpert.com

    Secondly in your case, it is advisable to follow few important steps:

    1) Make sure all these machines are Patched with ALL Latest MS security patches and service packs.

    2) Make sure the machines are installed with the Latest Symantec virus definitions.

    3) Disable the Autorun Feature on the machine.

    Preventing a virus from using the AutoRun feature to spread itself

    http://www.symantec.com/business/support/index?page=content&id=TECH104447

    Later, incase of suspicious activity still happening, then follow the steps provided in the Article below:

    Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

    Here's some advice from Security Response on how to make the best use of SEP.  Auto-Protect with traditional AV derfinitions alone is not enough for a complete defence against today's sophisticated threats: using IPS, Insight etc is crucial.  And, of course, educated users following best security practice... that';s the best protection.

    http://www.symantec.com/theme.jsp?themeid=stopping_malware&depthpath=0

    Hope that helps!!