Endpoint Protection

Hi ,

We have couple of computer infected with Security tool malware. I am able to delete some of the suspected files and after that if work's fine, but when I restart the computer Security Tool window opens and starts scanning.

SEP and NSS tools not able to detect this Malware. Help me to remove Security Tool Malware.

Regards,
Rajesh.

Hi Rajesh,

Have you submitted those suspicious files to Symantec Security Response?  Security Response will analyze them and add protection against this malicious tool if they do not already have signatures against that threat.

If you have SEP and wish to prevent the spread of the malware until signatures are ready, I recommend the following: How to use Application and Device Control to limit the spread of a threat.  You just need ot know the MD5 (unique identifier) of the files you wish to block.

Thanks and best regards,

Mick

Rajesh ..Are you awre of ESUG Load ppont ??

If yes , you can run it on the computer , and look into the logs and submitt the files.

If you want anyhelp in that that let me know

Does Symantec have definitions for this threat?

You might try another tool for malware removal.<o p=""></o>

 

Download, install and update the free version of Malwarebytes <o p=""></o>

Once installed, unplug from the internet, restart your computer in SAFE MODE and run a complete Malwarebytes scan..<o p=""></o>You should make sure System restore is turned off. Many infections can become saved in your previous system restore points <o p=""></o>

Restart your computer in Normal Mode and check how things are working.<o p=""></o> Once your computer is clean, you can then enable System Restore.

<o p=""></o>

<o p=""></o>

<o p=""></o>