Endpoint Protection

Sorry hit the wrong button with out any comments.

Does anyone a have a process or any advice for removing this problem at all

SecurityRisk.ProxyDNS

Regards

PaulC

is the machine installde with SEP? Has it got detected?

SecurityRisk.ProxyDns - Removal

https://www.symantec.com/security_response/writeup.jsp?docid=2008-011723-0842-99&tabid=3

We are using 12.1.6 and SecurityRisk.ProxyDNS is noly showing two machines. Is there a manual step by step process I can run through to make sure it is removed from  these machines.

Thanks

PaulC

Run the SEP full scan in safe mode to remove it if it is not getting deleted in normal mode 

did you say Symantec SEP is not detecting? if not submit the suspicious file to portal https://submit.symantec.com/websubmit/essential.cgi or the entitlement you have

if it's detecting, check the action taken by SEP and post the picture of detection. You need not to do manual unless SEP is detecting and taking action.

RUn a full scan on these two systems. Do not set any unknown files /folders to be excluded from scanning.

If a SEP full scan is not detecting it than try running Norton Power Eraser. Outside of that, you'll need to look to another tool to do it.

Symantec does have removal steps here:

https://www.symantec.com/security_response/writeup.jsp?docid=2008-011723-0842-99&tabid=3