Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Sep client

Created: 25 May 2013 | 11 comments

Hi,

 

One of our user faces virus in his laptop due to this unable to receive mails to outlook. Is there any symantec tools to remove the virus or risk

The virus is related to "adware"

 

Can anyone suggest!!!

Regards,

TK

Operating Systems:

Comments 11 CommentsJump to latest comment

pete_4u2002's picture

isn't SEP installed on the affected machine?

there is tool called SERT to remove the AV as a standalone

System Requirements documentation for the Symantec Endpoint Recovery Tool (SERT)

http://www.symantec.com/business/support/index?page=content&id=TECH134882

Symantec Endpoint Recovery Tool (SERT) download comes as an ISO (disk image). How do I use this?

http://www.symantec.com/business/support/index?page=content&id=TECH131685

How To Use the Symantec Endpoint Recovery Tool with the Latest Virus Definitions

http://www.symantec.com/business/support/index?page=content&id=TECH131732

Ajit Jha's picture

Is SEP detecting that Virus? If not then use the details mentioned by PETE. SERT is one of the best tool to be used in this scenario.

Regard's

Ajit Jha

Technical Consultant

ASC & STS

TK_TKS's picture

Hi,

We checked the machine through sepm console, Risk has been deleted but user machine is nt getting update with latest definations. Can we repair the sep, Run norton power erarser tool.

 

Regards,

TK

pete_4u2002's picture

update te client first. you can use the jdb file.

How to manually update definitions for a managed Symantec Endpoint Protection Client using the .jdb file

http://symantec.com/docs/TECH104363

you can use NPE or SERT tool.

.Brian's picture

You can also try the Symantec Power Eraser

About Symantec Power Eraser

Article:TECH134803  |  Created: 2010-01-09  |  Updated: 2013-05-07  |  Article URL http://www.symantec.com/docs/TECH134803

How to run Symantec Power Eraser with the SymHelp utility

Article:TECH203683  |  Created: 2013-03-08  |  Updated: 2013-05-23  |  Article URL http://www.symantec.com/docs/TECH203683

 

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Mithun Sanghavi's picture

Hello,

In case, if your system is infected, symantec tools to help clear an infection. Check this Link:

www-secure.symantec.com/connect/forums/your-system-infected-symantec-tools-help-clear-infection

Try running the SymHelp Utility which may assist you to understand the basic issues.

https://www-secure.symantec.com/connect/articles/about-new-symhelp-tool-sep-121ru2

Symantec Help (SymHelp) is a utility designed to quickly and efficiently diagnose common issues encountered on multiple Symantec products. SymHelp can identify most of the problems that you might run into when installing the client, and provide instructions on how to solve them. 

Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

https://www-secure.symantec.com/connect/articles/using-symantec-help-symhelp-tool-how-do-we-collect-suspicious-files-and-submit-same-symante

Symantec Power Eraser using Symantec Help (SymHelp) Tool.

https://www-secure.symantec.com/connect/articles/symantec-power-eraser-using-symantec-help-symhelp-tool

Symantec Endpoint Recovery Tool (SERT)

https://www-secure.symantec.com/connect/articles/symantec-endpoint-recovery-tool-sert

Here's some advice from Security Response on how to make the best use of SEP.  Auto-Protect with traditional AV derfinitions alone is not enough for a complete defence against today's sophisticated threats: using IPS, Insight etc is crucial.  And, of course, educated users following best security practice... that';s the best protection.

http://www.symantec.com/theme.jsp?themeid=stopping_malware&depthpath=0

Secondly, I would also advise you to create a case with Symantec Technical Support - 

How to create a new case in MySupport

http://www.symantec.com/docs/TECH58873

Phone numbers to contact Tech Support:-

Regional Support Telephone Numbers:

  • United States: 800-342-0652 (407-357-7600 from outside the United States)
  • Australia: 1300 365510 (+61 2 8220 7111 from outside Australia)
  • United Kingdom: +44 (0) 870 606 6000

Additional contact numbers: http://www.symantec.com/business/support/contact_techsupp_static.jsp

Hope this helps!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

technical_specialist's picture

Hello,

You can run the NPE tool to clean the virus. To run this tool Internet Access is require.

It definately clean the virus from Laptop, if in case you find any of other suspicious file that not removed then submit the file to symantec security.

https://submit.symantec.com/websubmit/retail.cgi

https://www.virustotal.com/en/(Submit the file to analyzes suspicious files)

For defintion update first you can clean the available defintion, may be it corrupted

How to clear out definitions for a Symantec Endpoint Protection 12.1 client manually
http://www.symantec.com/docs/HOWTO59193

How to determine if virus definitions of Symantec Endpoint Protection client (SEP) 11 or 12 Small Business Edition, are corrupted
http://www.symantec.com/docs/TECH97677

KNP's picture

Hi,

First disable system restore in windows.

Next, boot into safe mode and running a Disk Cleanup (right-click the C drive, Properties, Disk Cleanup) - that will delete all the files that are in these temporary locations, and perform a full system scan in safemode.

AjinBabu's picture

 

Hi, 

Is that system is SEP client installed and updated properly.

if yes please perform a full scan and check out the results or else you can down load the Power eraser and do a offline scan.

Regards

Ajin

Mithun Sanghavi's picture

Hello,

Here is an excellent 12.1 report that can use to spot suspicious files in your environment:

Using SEPM Alerts and Reports to Combat a Malware Outbreak

https://www-secure.symantec.com/connect/articles/using-sepm-alerts-and-reports-combat-malware-outbreak

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.