
Win 7 Security 2011

Created: 31 Mar 2011 | 9 comments
Rick Bywalski

Is anyone else seeing a lot of the Win 7 Security malware hitting machines? My helpdesk is reporting that they have been getting a lot of calls on this. Symantec, any idea on how to prevent it?

 

Comments

Thomas K, 31 Mar 2011

May be a new variant. Do you have a sample that you can submit to Security Response?

http://www.symantec.com/business/security_response...

New signatures can then be created in an upcoming definition release.

Rick Bywalski, 31 Mar 2011

No, they have just been fixing it manually. I have asked them to let me know when a new one comes in so I can get on the machine and call it in. Is there a removal tool for this out yet?

 

Thomas K, 31 Mar 2011

There is no tool specifically for this threat. Try the Power Eraser utility, it is included in the SEP support tool.

http://www.symantec.com/business/support/index?pag...

 

VKalani, 31 Mar 2011

Make sure the SEP definitions are the latest. Try increasing the sensitivity of the TruScan Proactive Threat Protection.

Also, run SEP support tool-loadpoint on the infected computer, and try to upload the logs here...

-VKalani

Chetan Savade, 01 Apr 2011

Hi,

It is recommended to install all the Symantec features AV / PTP / NTP with the latest definitions. Always make sure that your computers are receiving definitions regularly.

You can upgrade your product to the latest build, i.e. RU6 MP3.

Your Windows machines should have all the latest Windows updates/patches.

Apply application and device control policies, block USB etc.

Disable Autorun.

Please follow the best practice guide to handle the virus issue.

http://www.symantec.com/business/support/index?pag...

Thanks and Regards, 

Chetan Savade

Technical Support Analyst,

End Point Security, Enterprise Technical Support

Mithun Sanghavi, 01 Apr 2011

Try these.

Hello,

You need to work on this immediately. Please check the article and submit the suspicious files to Symantec Security Response.

Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

https://www-secure.symantec.com/connect/articles/using-symantec-support-tool-how-do-we-collect-suspicious-files-and-submit-same-symantec-sec

Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | SCTS | ITIL v3

Follow me on Twitter: @mithun_sanghavi

Don't forget to mark your thread as 'SOLVED' with the answer that best helped yo

Brian81, 01 Apr 2011

As a side task, users should be educated on the dangers of FakeAV and what to look for and not do.

Thomas K, 01 Apr 2011

As Brian stated, education of the threat landscape is a must.

 

See the Security Best Practices - https://www-secure.symantec.com/connect/forums/whe...

reza akhlaghy, 04 Apr 2011

this is Nth time we see similar...

This is maybe the 1000th time we have seen this. To make a long story short, this threat is an advanced, fast-updating threat distributed using different attack vectors. Symantec is not good at detecting it first hand, but with the help of limited user access + updated Flash + updated Java (if it exists on the client) + updated Adobe Reader, and utilizing SEP hardening application & device control policy, you may reach pretty safe ground.