Endpoint Protection

 View Only

  • 1.  UPS Attachment Virus Fix Anyone

    Posted Jun 20, 2011 08:41 PM

    I have searched the main Symantec support site for a fix for the UPS Attachment Virus to not avail.  I find Symantec Antivirus Corporate Edition to be next to worthless, as it regularly does not detect incoming email viruses and it does not fix viruses that make their way into the system.  I then go to the Symantec site and find no help there.  Par for the Symantec course.  Okay, I have blown off steam.  Does anyone have a fix or steps to a fix for the virus that is introduced by the UPS "Delivery Failure" email notice attachment?  One of our users fell for it.  Thanks for any help.



  • 2.  RE: UPS Attachment Virus Fix Anyone

    Posted Jun 20, 2011 09:15 PM

    You can do :

    0/ Ensure that your AV defs are always [not regularly] updated.

    1/ Submit the samples to our threat analyst via http://www.symantec.com/business/security_response/submitsamples.jsp or open a case with Symantec support and let our guys help you.

    2/ Forward the offending email to our Brightmail team
    [should you have Brightmail anti spam in your network :http://www.symantec.com/business/support/index?page=content&id=TECH83081 ]

    3/ Migrate to our SEP 12.1 product when you have a chance as it leverage reputation based technology to prevent the not knowing users from opening something not proven to be safe.

     



  • 3.  RE: UPS Attachment Virus Fix Anyone

    Posted Jun 21, 2011 10:30 AM

    There is a good chance you have a variant of Trojan.Bredolab.

    http://www.symantec.com/security_response/writeup.jsp?docid=2009-052907-2436-99

    As BNH stated, submit the files to Symantec, so that new definitions can be written.

    You never stated what version of SAV you are running. If it is SAV 9 or earlier, then you are not getting new definitions to stay protected.

    Symantec Antivirus 8.0 reached its End of Support Life as of November 30, 2005 and Symantec Antivirus 8.1 reached its End of Support Life as of January 31, 2007, as defined in the Symantec Enterprise Technical Support Policy. Therefore virus definition updates are no longer supported for this product.

    Symantec Antivirus 9.x will reach its End of Standard Support as of March 31, 2009. Virus definition updates for version 9.x will be discontinued on April 1, 2009. Please contact your account manager or reseller for information about our current shipping versions.