Endpoint Protection

Hi,

We have a customer encountered Wujiplayer.exe virus application being installed on their server.




How can we remediate this? 

Hello.

IF sepm not detect you can submit submission file in symantec responce team.

Could you zip each of the folders and submit the zip files (without password) to the Symantec Security Response Team on : 

https://submit.symantec.com/websubmit/essential.cgi

We also offer a self-service site to analyze files, at http://www.threatexpert.com, which can give you more information on the files you submit to it.

What to do when you suspect that a Symantec AntiVirus product is not detecting viruses

http://www.symantec.com/docs/TECH99222

Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

is the SEP autoprotect working?

is the SEP definition upto date?

have you excluded any specific files?

can you upload the file to Symantec security response.

https://submit.symantec.com/websubmit/essential.cgi

Hi,

Go through the following steps

1) Install all the SEP features i.e. AV/AS, PTP & NTP.

1) System should be updated with Service packs and windows patches.

2) Make sure the machines are installed with the latest third party applications.

3) Disable the Autorun Feature if not using SEP 12.1.

4) Scan the full system in safe mode.

5) Use Symantec power eraser to scan the system.

http://www.symantec.com/theme.jsp?themeid=spe-user...

Best practices for responding to active threats on a network

http://www.symantec.com/docs/TECH122466 

If these steps couldn't help then I would also suggest to submit suspicious files to the Symnatec.

How to Use the Web Submission Process to Submit Suspicious Files

http://www.symantec.com/docs/TECH102419