Endpoint Protection Small Business Edition

 View Only
  • 1.  virus issue - chinese language corrupted files and folders in pen drive

    Posted May 07, 2013 05:23 AM
      |   view attached

    Hi Can anyone help me as virus issue - chinese language corrupted files and folders in pen drive. please see attached snapshot and provide me resolution as I cant open or see the file contents.



  • 2.  RE: virus issue - chinese language corrupted files and folders in pen drive

    Posted May 07, 2013 05:32 AM


  • 3.  RE: virus issue - chinese language corrupted files and folders in pen drive

    Posted May 07, 2013 06:09 AM

    You zip them up, 9 per zip file, and submit to security response

    http://www.symantec.com/security_response/submitsamples.jsp



  • 4.  RE: virus issue - chinese language corrupted files and folders in pen drive
    Best Answer

    Trusted Advisor
    Posted May 07, 2013 08:38 AM

    Hello,

    In your case, what I believe is your USB drive is clearly infected.

    Are running the SEP 12.1 client with latest definitions and carry all the latest Microsoft updates and security patches on the machine?

    Run a scan in safe mode with networking to remove the virus.

    Could you zip each of the files and folders, submit the zip files (without password) to the Symantec Security Response Team on : 

    https://submit.symantec.com/websubmit/essential.cgi

    Once submitted, please PM me the Tracking number.

    We also offer a self-service site to analyze files, at http://www.threatexpert.com, which can give you more information on the files you submit to it.

    What to do when you suspect that a Symantec AntiVirus product is not detecting viruses

    http://www.symantec.com/docs/TECH99222

    In your case, it is also advisable to follow few important steps:

    1) Make sure all these machines are Patched with ALL Latest MS security patches and service packs.

    2) Make sure the machines are installed with the Latest Symantec virus definitions.

    3) Disable the Autorun Feature on the machine via GPO. http://support.microsoft.com/kb/967715

    4) Disable System Restore before you do this as the virus also creates entries in the System Restore Points store volumes.

    Also, check this Article:

    Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

    Hope that helps!!



  • 5.  RE: virus issue - chinese language corrupted files and folders in pen drive

    Broadcom Employee
    Posted May 15, 2013 11:20 AM

    Hi,

    I hope you are using all three SEP features AV/AS, PTP & NTP.

    You might have to submit suspicious files to the Symantec for further analysis if issue remained same.

    Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files in SEP 12.1  and Submit the same to Symantec Security Response Team.

    https://www-secure.symantec.com/connect/articles/u...

    Symantec Help (SymHelp)

    http://www.symantec.com/docs/TECH170752

    You can scan the machine using Symantec power eraser tool also.

    Use Power Eraser to detect threat and remove them

    http://www.symantec.com/theme.jsp?themeid=spe-user...

    Best Practices for Troubleshooting Viruses on a Network

    http://www.symantec.com/docs/TECH122466

    Follow the best practices:

    1) Install all the SEP features i.e. AV/AS, PTP & NTP.

    1) System should be updated with Service packs and windows patches.

    2) Make sure the machines are installed with the latest third party applications.

    3) Disable the Autorun Feature if not using SEP 12.1.

     

     



  • 6.  RE: virus issue - chinese language corrupted files and folders in pen drive

    Broadcom Employee
    Posted May 15, 2013 11:24 AM

    does accessing files SEP detects? if not submit the files to Security respons.e

    Is the client machine updated latest Av definition.