SEP installed but still getting Antivius XP Pro malware
Updated: 21 May 2010 | 6 comments
This issue has been solved. See solution.
I asked this question before but I don't think I got an answer.
I have the latest SEP installed here with the Antivirus and Antispyware and the Proactive Threat Protection installed. The definitions are up to date and Auto-Protect is enabled. But it's been happening a little too often lately where clients are getting this "Antivius XP Pro" malware taking over their system. Earlier this year I've had a few similar problems with "Virus Shield" doing this same thing. Why isn't SEP catching this? Is it not designed to catch malware? Am I missing a configuration somewhere? Is there another SEP app I don't have installed?
Please help with some advice. Thanks.
Comments
hi
did you run a full scan in safe mode?
https://www-secure.symantec.com/connect/forums/antivirus-soft-malware-undetected-sav10-or-sep11-symantec-response
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
Hi Rafeeq,
I wasn't looking for a way to remove the infection. For now, in the case of the AV malware, we just re-image the computer. What I'm looking for is an answer on how this infection made it through SEP and what settings in SEP I could configure to help prevent it from happening in the future.
hi
Went through the thread, seems like the defs are still not able to catch this malware.
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
Follow these
Best practices for responding to active threats on a network
Prachand Kumar MCSE-2003 Symantec Technical Specialist (SCTS)
Thanks. I'll look through these more thoroughly.
Hello,
Symantec requires file samples to release definitions for the threat on your machine which it failed to identify.
Analyse your computer for recently created files and folders, and if you don't recognise them or they seem suspicious, please upload them to the link https://submit.symantec.com/essential.
To search for suspicious files, browse to the common load points and unhide the System files from "Folder Options". To know more on how to unhide the hidden files, log on to:
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/win_fcab_show_file_extensions.mspx?mfr=true
To know the common load points, refer to the document
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2001060517115206?Open&seg=ent
Note: You may need a technical contact ID if you want to submit the suspicious files, which can be obtained from the software vendor or from Symantec technical support. Also go through the information on the bottom of the page before submitting the files.
Hope this helps.
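
The search described in the reply above (load points plus recently created files, including hidden and system ones) can be scripted. The following is an added example, not part of the original thread or Symantec's tooling; the registry keys and folders listed are an assumed common subset of load points, not the full list in the linked document, and the 7-day window and extension list are arbitrary choices.

```powershell
# Added example: collect autorun entries and recently created executables for triage.
# Assumption: $runKeys and $folders are a common subset of load points, not a complete list.
param([int]$Days = 7)

$cutoff = (Get-Date).AddDays(-$Days)

# Registry Run/RunOnce keys (per-machine and per-user)
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

$autoruns = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        [pscustomobject]@{ LoadPoint = $key; Name = $name; Command = $item.GetValue($name) }
    }
}

# Startup folders plus per-user locations that are writable without admin rights
$folders = @(
    [Environment]::GetFolderPath('Startup'),
    [Environment]::GetFolderPath('CommonStartup'),
    $env:APPDATA, $env:TEMP
) | Where-Object { $_ -and (Test-Path $_) }

$extensions = '.exe', '.dll', '.scr', '.bat', '.cmd', '.vbs', '.js'

# -Force includes hidden and system files, so Folder Options need not be changed
$recent = Get-ChildItem -Path $folders -Recurse -Force -File -ErrorAction SilentlyContinue |
    Where-Object { $_.CreationTime -ge $cutoff -and $_.Extension -in $extensions } |
    ForEach-Object {
        [pscustomobject]@{
            Path    = $_.FullName
            Created = $_.CreationTime
            SHA256  = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue).Hash
        }
    }

$autoruns | Format-Table -AutoSize -Wrap
$recent | Sort-Object Created -Descending | Format-Table -AutoSize -Wrap
```

Entries whose command path points into a per-user folder, or files you cannot attribute to installed software, are the candidates to submit as samples.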