I'm an IT guy who supports several Symantec Endpoint Protection customers. Lately (the past 3 months) I've been dealing with infections which are fake antivirus, antispyware, or hard drive utilities. When we scan with SEP, no detections are found. But, I can tell you, they're infected! They get pop-up screens continually telling the user that their system is infected and they need to purchase the advertised software.
These infections basically make the system unusable. I've run web searches to get info about them and how to get rid of them. Most of the time, it seems that a free AV software is the one that does the trick. (Malwarebytes Anti-Malware, most often).
Why are we having the customers spend so much on SEP, when a free-ware program seems to do a better job at protecting the stations?
And, when I just searched Symantec's threat database, I don't find anything about these infections. Are you ignoring them purposely, or what?
I haven't found any other way to contact Symantec's support re: these things, so that's why I'm doing it here.
Let me know what Symantec's doing about these types of infections, as they seem to be more and more prevalent.
Todd
F1 - Albuquerque, NM USA