Endpoint Protection

I have an incredibly frustrating virus right now. I get a popup in the lower right corner of every page I visit no matter what browser I use. It also often redirects me to other websites. I'm using Symantec Endpoint Protection and Super Anti-Spyware plus I've tried a couple of other anti-malware programs, but nothing is even detecting the virus. I've tried running them in safe mode as well, all to no avail. I'm really not sure what else to try at this point.

Was the Symantec Installed on these machines, which are infected?

If yes, what Threat is being detected by Symantec?

If not, there are useful some tools that are provided by Symantec for help with finding those hard to detect threats.

1.       The Power Eraser Tool eliminates deeply embedded and difficult to remove threats that traditional virus scanning doesn't always detect.

2. The SERT (Symantec Endpoint Recovery Tool)is useful in situations where computers are too heavily infected for the Symantec Endpoint Protection client installed upon them to clean effectively.

3. The Load point Analysis Tool generates a detailed report of the programs loaded on your system. It is helpful in listing common loadpoints where threats can live.

Rapid Release Virus Definitions –

http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=rr

Power Eraser tool –

http://security.symantec.com/nbrt/npe.asp?lcid=1033&origin=default

How To Use the Symantec Endpoint Recovery Tool with the Latest Virus Definitions–http://www.symantec.com/business/support/index?page=content&id=TECH131732&locale=en_US

Support Tool with Power Eraser Tool included –

http://www.symantec.com/business/support/index?page=content&id=TECH105414&locale=en_US

How to use the Load Point Analysis within the Symantec Support Tool to help locate suspicious files http://www.symantec.com/business/support/index?page=content&id=TECH141402

If you are unable to remove the threat(s) from your systems, please submit the suspected files to Symantec or ThreatExpert for analysis. New signatures will be created and included in future definition sets for detection.

http://www.symantec.com/business/security_response/submitsamples.jsp

http://www.threatexpert.com/submit.aspx

You'll need try steps suggested above..

Me personally i would use SEP Support Tool first... then check for file system rating... once you get any suspicious sample... forward it to Symantec...

open a support ticket and ask the tech. guy to reveiew for any suuspicious file for submission.

Hi,

Please don't install two antivirus softwares on the same machine.It may cause multiple problems.

We would required more details about issue.

Single machine is affected or multiple machines are affected? SEP version ? OS details with Service pack?

Use latest windows patches and service pack.

SEP client should have all the latest definitions. Use all the SEP featuers i.e AV/AS, PTP & NTP.

Meanwhile you can run Symantec power eraser tool on affected machines.

This tool in inbuilt in SST tool.

Support Tool with Power Eraser Tool included –

http://www.symantec.com/business/support/index?page=content&id=TECH105414&locale=en_US

If you are unable to remove the threat(s) from your systems, please submit the suspected files to Symantec or ThreatExpert for analysis. New signatures will be created and included in future definition sets for detection.

http://www.symantec.com/business/security_response/submitsamples.jsp

If the above suggestions have not worked, try running TDSSKiller:

http://support.kaspersky.com/faq/?qid=208283363