Virus not being caught that hides files and creates shortcuts
Created: 08 Apr 2011 | 5 comments
i am using symantec endpoint protection ver 11.0.5002.333 , and has the current updates, l have several users infected by a virus which creates various names like riepoi.exe / dieroni.exe .This virus hides folders and creates a shortcuts on shared drives or flash sticks. tried scaning the virus but its never caught.had to temporarily use avast to remove some of these virues and avast detected it as a win32:autorun-bpr(wrm).. please help. the virus is usually caught in c:\users\name\riepoix.exe. are there any tools from symantec to remove this or explanation as to why there are no current definitions to remove this..
please help....
Discussion Filed Under:
Comments 5 Comments • Jump to latest comment
submit the files to Symantec team.
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
I would suggest to download Rapid Release definitions and scan the PC before submitting the file to Security Response:
http://www.symantec.com/business/security_response...
What updates (service packs and hotfixes) are released for Backup Exec 2012 version?
This is the document explaining how to submit the file:
How to submit a file to the Security Response website
http://www.symantec.com/business/support/index?page=content&id=TECH134967
What updates (service packs and hotfixes) are released for Backup Exec 2012 version?
Hello,
Try to scan infected machines with power eraser tool, download SEP support tool to scan with power eraser.
http://www.symantec.com/business/support/index?page=content&id=TECH134803
If it came with clean result use Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.
https://www-secure.symantec.com/connect/articles/using-symantec-support-tool-how-do-we-collect-suspicious-files-and-submit-same-symantec-sec
To download SEP support tool follow the link
http://www.symantec.com/business/support/index?page=content&id=TECH134803
It is recommended to install all the Symantec features AV / PTP/ NTP with latest definitions. Always make sure that your computers are receiving definitions regularly.
You should always upgrade your product to latest built.
You windows machines should have all the latest windows updates /Patches.
Disable Auto run so it won't spread .
Please follow best practice guide to handle virus issue.
http://www.symantec.com/business/support/index?pag...
You can also log a case with Symantec through web portal.
http://www.symantec.com/business/support/index?pag...
http://www.symantec.com/business/support/index?pag...
Chetan Savade
Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.&
Hello,
Use the Symantec Support Tool to find and collect the suspicious files and Submit the same to the Security Response Team.
Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.
https://www-secure.symantec.com/connect/articles/using-symantec-support-tool-how-do-we-collect-suspicious-files-and-submit-same-symantec-sec
Hope this may help you.
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3
Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a
Would you like to reply?
Login or Register to post your comment.