Security Community Blog

Rishi Bhaskar | 26 May 2009 | 3 comments

The following activities were performed:-
1.I observed that backdoor.trojan was infecting the files win.exe and dod.exe and Symantec was protecting them in this time of protection Symantec gave a popup of autoprotect . Also observed that this virus was causing the volume drives not to be opened by double clicking instead by rightclick >explore.
2.Now I tried to folder options and tried to unhide but folder options was not working so now by command prompt run >c:autorun.inf to check for exe file so it came as e:winfile.jpg
3.Now in run >cmd>I typed attrib -r –s –h autorun.inf to unhide it and attrib -r –s –h winfile.jpg .The file would appear and disappear so to solve this follow steps below.
a)DOWNLOAD LATEST RAPID RELEASE and deploy it on the client pc or if rapid release does not deploy download .xdb file and rename it from .zip to .xdb and paste it at c:documnetsandsettings/all users/ .Then turn off system restore and...

top 10 reason why company should purchase DLP

i2professional@yahoo.com | 08 Jun 2009 | 4 comments

i would like to encourage you all to share your opinions on top 10 reason that you feel justifies the need for DLP

Klif.sys virus

skc skc | 29 Jul 2010 | 3 comments

Hi all,

Need solution badly!!!!!!!!!

When i open my drives semantic anti virus detects and deletes Klif.sys virus and opens in new window. This happens every time when i open drive. Is there any why yo remove virus.

any solution.?

Conficker Revisited

carubin | 05 May 2009 | 6 comments

Today one of our sites overseas was hit by the confickr Trojan. This was unforturante considering that we had been preparing for this for months and felt that we had things under control. The site admins had not followed our advice and were thus treated to a very unpleasant Monday.

Fortunately, we had already put together a doomsday kit which I ftp'ed them as soon as I got to work and got the alert as to their problem.

The kit consisted of 4 parts:

1. The latest Symantec virus definitions in a self extracting, self installing format
2. The executable for MS08-067
3. The Microsoft Malicious Software Removal Tool from February 2009
4. A reg hack to disable the autorun.inf function (a documented Confickr attack vector)

At our shop we burned a bunch of CDs for this just in case we couldn't deliver this with NS or DS. Thank goodness we haven't had to use it.

Please consider using the "Marked As Solution" and "Voting" Options to Help other Community Members...

Hear4U | 04 May 2009 | 9 comments

Hi folks,

As you may have noticed, there are a number of Technical Support Staff members on the forums. As I review various threads, I'm seeing many with terrific answers by community members, trusted advisors, and the technical support staff that are monitoring these boards.

If your question is answered, please remember to click on the "mark as solution" under the reply that solves your issue. If you review a reply that has merit, and helps to solve the original question, please use the voting feature - this will help other community members see a particular thread has received votes - which often helps users.. The filtering on "solved" threads will also greatly increase the usefulness of this feature within the forums.

All in all, this functionality will help make the community a more "solutions" oriented site and bring the best content "up to the top."

Thank you,

Eric

How you can Protect your Network

Symantec World | 23 Apr 2009 | 0 comments

Hi All,

You want your network secure so have to folow the following points.

• File system protection
Consider how your network resources should be protected. All file servers should have an antivirus solution that actively scans the file system in real time so that, as files are modified or added, the antivirus application can quarantine or repair the affected files before they spread to client systems or other servers. The server should also be protected at the file system level in other ways. For example, all Windows servers should use NTFS, since FAT offers essentially no security. You should also eliminate unnecessary shares, require share permissions for all shares, and use hidden shares where possible to further protect the server from worms that propagate through unprotected shares.

• Don't open an attached file if you do not know what it is, who sent it to you, or you were not expecting it (even if it is from somebody that you know.)...

Stealth rootkit infects thousands of websites

erikw | 20 Apr 2009 | 2 comments

Thousands of websites have been rigged to deliver a powerful piece of malicious software that many security products may be unprepared to handle.
An earlier version of Mebroot, which is what Symantec named it, first appeared around December 2007 and used a well-known technique to stay hidden. It infects a computer's Master Boot Record (MBR). It's the first code a computer looks for when booting the operating system after the BIOS runs.
Read more on:

http://www.computerworlduk.com/management/security...

The Difference Between a Virus, Worm and Trojan Horse

anjansarkar83 | 01 May 2009 | 1 comment

The most common blunder people make when the topic of a computer virus arises is to refer to a worm or Trojan horse as a virus. While the words Trojan, worm and virus are often used interchangeably, they are not the same. Viruses, worms and Trojan Horses are all malicious programs that can cause damage to your computer, but there are differences among the three, and knowing those differences can help you to better protect your computer from their often damaging effects.

A computer virus attaches itself to a program or file so it can spread from one computer to another, leaving infections as it travels. Much like human viruses, computer viruses can range in severity: Some viruses cause only mildly annoying effects while others can damage your hardware, software or files. Almost all viruses are attached to an executable file, which means the virus may exist on your computer but it cannot infect your computer unless you run or open the malicious program. It is important to note...

Ethical Hacking

sebastiaan | 17 Apr 2009 | 15 comments

A few weeks ago, a couple of my co-workers visited a workshop about a new course: ethical hacking. In short, it teaches system administrators how to try and hack your own system, to check it's vulnerabilities and find out whether your security needs working on. The course is also available for pretty much everyone else, but that on a side note.

When i heard about it, the only thing that sprung to my mind was "WTF??". Are we really going to TEACH people to hack, how to do it and what to do with it? Why not just build a program for it then? That would make things a lot easier: Microsoft Hacking 2007 or something, ofcourse licensed, but that would not be a problem, since - well it is a hacking tool, right?

As i remember in the good ol' days, hacking was staring at black screens, learning, adapting to what you found and working with that information. It was almost completely auto-didacted by people that wanted to know. That made hackers good system admins,...

Share Your Migration Story and Win

LeslieMiller | 03 Apr 2009 | 5 comments

Have you migrated from another product to one of Symantec’s security products? We want to hear about it—and we’re sure others in the community would like to hear your story as well. So, we’re holding a contest—one where everyone wins. Just for entering you’ll receive 1,000 Reward points. (That’s twice as much as a normal submission.) And if you have the best story (as determined by a panel of Symantec experts) you will receive the grand prize of 25,000 Connect points. (You could redeem those points for a Hawaiian cruise, or more than $1500 in Amazon gift cards.) Symantec will also award runners up with additional bonus points.

Want to find out more? Check it out here.

Security Community Blog

Links

About Security Community Blog

Filter by:

Blog Tags