Endpoint Protection

I get those every few minutes all day long. They stop only if I disconnect my internet. I've attached a few screenshots.

Please help!

Attachment(s)

symantec1.doc   137 KB 1 version

symantec2.doc   137 KB 1 version

symantec3.doc   138 KB 1 version

First thing I would do is make sure your defs are fully updated and run a full scan in safemode.

How long has this been going on?

Has anything changed on the machine that you know of?

Are you running any P2P software?

What version of SEP are you on?

I did run a full scan and nothing came up. It started around 10 a.m. And I'm using v.11. 

Except for the message, nothing else seems different.

What version of 11? The latest is RU6 MP2 (11.0.6200.754)

It's also possible you have a new variant of malware on the machine that SEP is not catching. You can try a second opinion malware scanner such as Hitman Pro or Malwarebytes and run a full scan. I would try Hitman Pro as it is much faster at running a full scan (2-3 minutes)

Hello,

Brian is right. Please update your Sep client version. Always use latest version. And please create a weeky scans.

Best Regards.

Fatih

11.0.5002.333

I'll try Hitman Pro as you say and see what's gonna happen. Thanks :)

Download and run the Power Eraser and Load Point Analysis Tool (included with the SEP Support Tool).

The Power Eraser Tool eliminates deeply embedded and difficult to remove threats that traditional virus scanning doesn't always detect.

The Load point Analysis Tool generates a detailed report of the programs loaded on your system, and is helpful in listing common loadpoints where threats can live.

http://www.symantec.com/business/support/index?page=content&id=TECH105414&locale=en_US

How to use the Load Point Analysis within the Symantec Support Tool to help locate suspicious files http://www.symantec.com/business/support/index?page=content&id=TECH141402

My other questions are where did you receive the software from and who installed it?

What I've seen is when SEP is handed out for home/personal use, the install is done and the settings are never adjusted. Default SEP install settings do not cut it and they will need to be tweaked to block various threats.

Let's wait and see what Hitman comes back with though before we take a look at your current settings.

What simply could be happening is you are on a website that is compromised and trying to exploit your system to download more malware.

However, if it stops when you disconnect the Internet, then you likely have something on your machine trying to send info out to the IP specified in the message. perhaps some sort of toolbar or adware.

Hi again,

So I ran Hitman Pro and deleted numerous tracking cookies and a trojan horse. And it worked! No more messages popping out! Thank youu!