Endpoint Protection

Hi,

One of our user faces virus in his laptop due to this unable to receive mails to outlook. Is there any symantec tools to remove the virus or risk

The virus is related to "adware"

Can anyone suggest!!!

Regards,

TK

isn't SEP installed on the affected machine?

there is tool called SERT to remove the AV as a standalone

System Requirements documentation for the Symantec Endpoint Recovery Tool (SERT)

http://www.symantec.com/business/support/index?page=content&id=TECH134882

Symantec Endpoint Recovery Tool (SERT) download comes as an ISO (disk image). How do I use this?

http://www.symantec.com/business/support/index?page=content&id=TECH131685

How To Use the Symantec Endpoint Recovery Tool with the Latest Virus Definitions

http://www.symantec.com/business/support/index?page=content&id=TECH131732

Is SEP detecting that Virus? If not then use the details mentioned by PETE. SERT is one of the best tool to be used in this scenario.

Hi,

You can use Norton power Eraser tool for scan virus

http://security.symantec.com/nbrt/npe.aspx

Is your system infected? Symantec tools to help clear an infection

https://www-secure.symantec.com/connect/forums/how-prevent-users-disabling-exiting-altiris-client-and-altiris-agent

Hi,

We checked the machine through sepm console, Risk has been deleted but user machine is nt getting update with latest definations. Can we repair the sep, Run norton power erarser tool.

Regards,

TK

update te client first. you can use the jdb file.

How to manually update definitions for a managed Symantec Endpoint Protection Client using the .jdb file

http://symantec.com/docs/TECH104363

you can use NPE or SERT tool.

You can also try the Symantec Power Eraser

About Symantec Power Eraser

How to run Symantec Power Eraser with the SymHelp utility

Hello,

In case, if your system is infected, symantec tools to help clear an infection. Check this Link:

www-secure.symantec.com/connect/forums/your-system-infected-symantec-tools-help-clear-infection

Try running the SymHelp Utility which may assist you to understand the basic issues.

https://www-secure.symantec.com/connect/articles/about-new-symhelp-tool-sep-121ru2

Symantec Help (SymHelp) is a utility designed to quickly and efficiently diagnose common issues encountered on multiple Symantec products. SymHelp can identify most of the problems that you might run into when installing the client, and provide instructions on how to solve them. 

Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

https://www-secure.symantec.com/connect/articles/using-symantec-help-symhelp-tool-how-do-we-collect-suspicious-files-and-submit-same-symante

Symantec Power Eraser using Symantec Help (SymHelp) Tool.

https://www-secure.symantec.com/connect/articles/symantec-power-eraser-using-symantec-help-symhelp-tool

Symantec Endpoint Recovery Tool (SERT)

https://www-secure.symantec.com/connect/articles/symantec-endpoint-recovery-tool-sert

Here's some advice from Security Response on how to make the best use of SEP.  Auto-Protect with traditional AV derfinitions alone is not enough for a complete defence against today's sophisticated threats: using IPS, Insight etc is crucial.  And, of course, educated users following best security practice... that';s the best protection.

http://www.symantec.com/theme.jsp?themeid=stopping_malware&depthpath=0

Secondly, I would also advise you to create a case with Symantec Technical Support - 

How to create a new case in MySupport

http://www.symantec.com/docs/TECH58873

Phone numbers to contact Tech Support:-

Regional Support Telephone Numbers:

• United States: https://support.broadcom.com (407-357-7600 from outside the United States)
• Australia: 1300 365510 (+61 2 8220 7111 from outside Australia)
• United Kingdom: +44 (0) 870 606 6000

Additional contact numbers: http://www.symantec.com/business/support/contact_techsupp_static.jsp

Hope this helps!

Hello,

You can run the NPE tool to clean the virus. To run this tool Internet Access is require.

It definately clean the virus from Laptop, if in case you find any of other suspicious file that not removed then submit the file to symantec security.

https://submit.symantec.com/websubmit/retail.cgi

https://www.virustotal.com/en/(Submit the file to analyzes suspicious files)

For defintion update first you can clean the available defintion, may be it corrupted

How to clear out definitions for a Symantec Endpoint Protection 12.1 client manually
http://www.symantec.com/docs/HOWTO59193

How to determine if virus definitions of Symantec Endpoint Protection client (SEP) 11 or 12 Small Business Edition, are corrupted
http://www.symantec.com/docs/TECH97677

Hi,

First disable system restore in windows.

Next, boot into safe mode and running a Disk Cleanup (right-click the C drive, Properties, Disk Cleanup) - that will delete all the files that are in these temporary locations, and perform a full system scan in safemode.

Hi, 

Is that system is SEP client installed and updated properly.

if yes please perform a full scan and check out the results or else you can down load the Power eraser and do a offline scan.

Regards

Ajin

Hello,

Here is an excellent 12.1 report that can use to spot suspicious files in your environment:

Using SEPM Alerts and Reports to Combat a Malware Outbreak

https://www-secure.symantec.com/connect/articles/using-sepm-alerts-and-reports-combat-malware-outbreak

Hope that helps!!