Endpoint Protection

 View Only

  • 1.  virus is infect the system

    Posted Nov 29, 2014 01:46 AM

    Count of virus is huge in one system which has been corrupt the antivirus. How can i remove it?

    Can i reinstall the system or anyother way to fix it?



  • 2.  RE: virus is infect the system

    Posted Nov 29, 2014 01:53 AM
    Run the Norton power erasereraser tool


  • 3.  RE: virus is infect the system
    Best Answer

    Posted Nov 29, 2014 01:57 AM

    You can apply the symhelp tool to remove the virus.

    How to run the Threat Analysis Scan in Symantec Help (SymHelp)

    Article:TECH215519  |  Created: 2014-03-03  |  Updated: 2014-07-10  |  Article URL http://www.symantec.com/docs/TECH215519

    Other one is SERT tool

    http://www.symantec.com/connect/articles/symantec-endpoint-recovery-tool-sert

    You can scan the system with anyone symantec tool to clean the virus. After the completion, install the av again.



  • 4.  RE: virus is infect the system

    Posted Nov 29, 2014 08:06 AM

    Try thes options:

    Please run a full scan with SEP and also run a threat analysis scan using the symhelp tool.

    How to run the Threat Analysis Scan in Symantec Help (SymHelp)

    If neither of these work then run the norton power eraser found here:

    https://security.symantec.com/nbrt/npe.aspx?



  • 5.  RE: virus is infect the system

    Posted Nov 29, 2014 08:17 AM
    Since virus corrupted the AV We would recommend to run SymHelp with Scan rootkits checked http://www.symantec.com/business/support/index?page=content&id=TECH215519 Next Run Norton Power Eraser https://security.symantec.com/nbrt/npe.aspx? Then Install our AV back on your machine and run a full scan with Upto date definitons If you still have the problem please create a case with support team


  • 6.  RE: virus is infect the system
    Best Answer

    Posted Dec 01, 2014 12:04 PM

    Hi Jdsouza,

    Count of virus is huge in one system which has been corrupt the antivirus. How can i remove it?

    Do you mean that the OS has been corrupted or the AV has been corrupted/damaged?

    Is the threat still present on the computer?

    If SEP is not functioning, then try the Power Eraser, as recommended above, or the SERT LiveCD tool.

    For badly compromised computers, sometimes reformatting and rebuilding them offline is the best way to ensure that all traces of the threat have been eliminated.  Only add them back to the network when they are reinstalled, patched, etc.

    The Day After: Necessary Steps after a Virus Outbreak
    https://www-secure.symantec.com/connect/articles/day-after-necessary-steps-after-virus-outbreak

     

    Hope this helps!  Please do update this thread with your progress.

    With thanks and best regards,

    Mick