This virus has recked havoc on my network machines infecting all MS office 2007,2010,2013 documents(excel, word,powerpoint ,onenote) rendering them unreadable.

Please assist me with solutions. I desperately need to recover my documents.

Hello,

What sep version are you using ?

You can download sep tool

http://www.symantec.com/connect/forums/your-system-infected-symantec-tools-help-clear-infection

hello,

If above issue not resolved you can collect suspicious file and submit symantec support team

Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

https://www-secure.symantec.com/connect/articles/using-symantec-help-symhelp-tool-how-do-we-collect-suspicious-files-and-submit-same-symante

You can create case also

How to create a new case in MySymantec

http://www.symantec.com/business/support/index?page=content&id=TECH58873

How to update a support case and upload diagnostic files with MySupport

http://www.symantec.com/docs/TECH71023

Phone numbers to contact Tech Support:-

Regional Support Telephone Numbers:

• United States: https://support.broadcom.com (407-357-7600 from outside the United States)
• Australia: 1300 365510 (+61 2 8220 7111 from outside Australia)
• United Kingdom: +44 (0) 870 606 6000

Additional contact numbers: http://www.symantec.com/business/support/contact_t...

Kindly follow the below steps :

1) Remove these sysrems from network

2) On one system, run SepSupprt tool & collect the suspected file with the help of Loadpoliint option.

3) Submit these files on symantec portal, also confirm on Virus total site.

Hello onismo,

Just checking to see if you were able to overcome this threat, and what steps helped you accomplish that.  Your experiences may be of benefit to other admins in the same situation.

Many thanks in advance!

Mick

Hi Onsimo,

I have same infection on my network but SEP is detecing it as w32.silly, w32.downadup 

I have run all the above recommemded, symantec scan says it detected it and deleted it, but the same threat jumps up the same next day.

Please letting us know by what you did to fix the issue.

Did you disable autorun?

Where is it being detected? USB drive?

Hi Brian,

Yes, autorun.inf is blocked through symantec, Yes on the USB drive.

Symantec detects excels sheets and words iles as infection, sometimes it detected a threat on the physical machine.

Have you considered using ADC to block file from executing from a USB?

Hi Brian,

You mean this article right

http://www.symantec.com/docs/TECH131741

Yes i have implemented it but it's the documents that are getting detected as threat