Security Community Blog
Showing posts tagged with 11.x
Showing posts in English
Nel Ramos | 07 May 2009 | 25 comments

Hi Team,

Although we are fortunate to have generous gurus in the field of Symantec AV, many of us here in this forum still need additional support to master our trade, IT Security.
We need additional information and data that would satisfy our constant thirst for knowledge.
I felt that a blog where we could put all Symantec videos, whether trainings or interviews from the masters, could help us to accomplish this feat.

Let's use this blog to help others gain more thru learning.
Being a new member in this forum, this helped me to gain a third of what I know about Symantec through the generous thoughts of our fellow members and advisers.
I also notice that many members in Symantec Connect request learning videos.
Why not have a blog that links to them?
Let me start by including this link in the blog.

...

mon_raralio | 06 May 2009 | 13 comments

Monitoring for viruses coming from the Internet would really help in preventing infections, at least at the entry point where a client accesses a malicious website.
My first step would be to get the reports from the SAV or SEP reporter. The file would contain information on the infection, particularly the path where the infection was detected.
Internet files would be stored in C:\Documents and Settings\username\Local Settings\Temporary Internet Files

Take note of the computer name, the username, and the time of infection.

I'm using Internet Explorer History Viewer and checking the remote PC's visited sites (assuming that the user hasn't yet deleted the history) and cross-checking the sites visited at the time of infection.
The application shows the history in HTML table format so it's easy to see the sites visited.

I also use Norton Safe Web to get additional details on the website that was visited....

skjordansk | 30 Apr 2009 | 8 comments

I would believe that the first step to resolving a LiveUpdate issue is to upgrade it to the latest version using this link:

http://service1.symantec.com/Support/sharedtech.ns...

I would like to know people's thoughts on this. The idea is to not spend 15 minutes troubleshooting the issue, since the update may resolve it to begin with. Besides, having the latest version of LiveUpdate will prevent any future errors from occurring.

riva11 | 30 Apr 2009 | 9 comments

I'd like to share an interesting application that allows you to uninstall dozens of different antivirus programs from a computer system.
It can help, for example, in case you have to remove an antivirus application in case of errors during removal or when you need to replace a security application with another.

The AppRemover program is portable software, free for your personal, non-commercial use.

Supported Operating Systems:
Windows 2000, 2003, XP (32 / 64 bit), Vista (32 / 64 bit), 2008, Windows 7 beta

Antivirus & Antispyware Applications removed: Support Charts

Link: AppRemover

rheadley | 28 Apr 2009 | 1 comment

This zip file contains sample reports provided by Jeff Van Gundy on February 26th at the San Diego User's Group meeting. I have also included a message from Jeff on how to instruct customers to deal with the issue with MR4 MP1.

San Diego Altiris User Group.

Thank you for your time yesterday. I was glad to share the capabilities of Symantec Endpoint Protection with you. As I mentioned before, you can always expect to get straight information from me. I and Symantec value you as customers. We understand that you have invested time and money in our solution. Therefore, it is imperative that we make sure we are direct and honest with you in regards to our security portfolio and how it can impact you. It's easy to stand up and tell you how great we are. It's not so easy when we have an issue. But if I and Symantec are to have integrity, then we need to give you all information both good and bad.

Yesterday I told you that we have an issue with Symantec Endpoint...

Nel Ramos | 26 Apr 2009 | 7 comments

Let’s face it, team, all of us know that we shall be facing a virus infection/outbreak in the near future. Preparation is the key to being resilient against pending virus attacks. In order for us to be prepared, we need to be informed with accurate, intelligent and factual data coming from a reliable source. With these things put together, the chances for us to be pillaged by unknown destructive elements would be minimal.

One good example was when we got information that CNN.com had word on a possible outbreak of the computer worm CONFICKER.C a.k.a. W32.Downadup.C on April Fool’s Day. Since the site was legitimate, we then geared on how we could deflect a possible breach. We also verified this with other reliable sources with the same positive information. Good thing, Symantec already had posted multiple articles on this worm. We then started to monitor virus definitions updates in all our branches and initiated/follow up the manual...

Ajit Jha | 25 Apr 2009 | 3 comments

Hello Members,

I have a utility called NetDiag.exe from Microsoft to share with you. This command-line diagnostic tool helps to isolate networking and connectivity problems by performing a series of tests to determine the state of your network client and whether it is functional.

The Utility is available on the following download link of Microsoft.

http://www.microsoft.com/downloads/details.aspx?di...

Hope it will help members to diagnose Network Connectivity problems.

Regards
Ajit jha

vikram3500 | 23 Apr 2009 | 2 comments

Very interesting article I read the past hour up

Marshal8e6, a global provider of Secure Web Gateway and email security products, announced today the findings of its extensive botnet research conducted by the company's TRACElabs threat research group. The data, compiled during the first quarter of 2009, represents two years of in-depth research and observation which provides detailed analysis of the inner workings of major botnets that Marshal8e6 has identified as the biggest spammers.

As part of the study's findings, TRACElabs determined that the Rustock and Xarvester malware provided the most efficient spambot code, enabling individual zombie computers to send 600,000 spam messages each over a 24 hour period.

More of the Article at http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=217000203&subSection=Antivirus

Symantec World | 23 Apr 2009 | 0 comments

Hi All,

You want your network secure, so you have to follow the following points.

• File system protection
Consider how your network resources should be protected. All file servers should have an antivirus solution that actively scans the file system in real time so that, as files are modified or added, the antivirus application can quarantine or repair the affected files before they spread to client systems or other servers. The server should also be protected at the file system level in other ways. For example, all Windows servers should use NTFS, since FAT offers essentially no security. You should also eliminate unnecessary shares, require share permissions for all shares, and use hidden shares where possible to further protect the server from worms that propagate through unprotected shares.

• Don't open an attached file if you do not know what it is, who sent it to you, or you were not expecting it (even if it is from somebody that you know.)...

SAM_SHAIKH | 23 Apr 2009 | 3 comments

W32.Sality

Overview
W32.Sality is a parasitic virus which infects shared drives and Windows executable files by putting its code into host files. It contains downloader functionality to further install Trojan or key logger components. Sality opens a backdoor that allows the remote attacker to get full control over the infected computer and in turn the confidential information, representing a serious security risk.

Aliases
Microsoft - Virus: Win32/sality.am
Kaspersky - Virus.Win32.Sality.aa

Symptoms
W32.Sality has the following symptoms:

• Modifies System.ini files (Check for the modified date)
• Services listening on the network port(s).
• Unexpected network traffic to one or more of the domain(s).
• No access to File Monitor.
• Disables Safe mode boot
• Disables regedit and Task Manager
• Disables Antivirus

Characteristics
Upon execution, it starts...