11-13-2014 04:27 PM
Dear Sir/Madam,
I'm happy to use this medium as this forum solved my previous issue. Thanks
I need solution to prevent Shortcut virus for my Computer Lab. We're using Symantec SEP Version 12.1.2015. For your information some of the CPUs are not running any rollback system due to research project purpose.
My company did give me a Symantec power eraser to remove this virus, but I believe that Symantec could do something beyond than this. More prevention rather than cure, beside the power eraser is not work for shortcut virus.
For my temporary solution I use a few software to clean out our tam-drive, like Smad AV & 360 Network security. For permanently clear up the short cut I have to use tool like Unlocker to delete file named “WScript.exe” in c:windows/system32.
Please guide me,
Fazdhli,
IT Technician
UNIVERSITY TUNKU ABDUL RAHMAN
11-13-2014 06:52 PM
Hiya,
SEP has its own forum over here - https://www-secure.symantec.com/connect/security/forums/endpoint-protection-antivirus
11-13-2014 07:17 PM
Kindly update the system with latest defintion and patches
Microsoft Windows Shortcut 'LNK/PIF' Files Automatic File Execution
Vulnerability
Microsoft Security Bulletin MS10-046/ (KB2286198)
http://www.securityfocus.com/bid/41732/solution
Microsoft Windows Server Service RPC Handling Remote Code Execution
Vulnerability
Nortel Response to Microsoft Security Bulletin MS08-067/ (KB958644)
http://www.securityfocus.com/bid/31874/solution
Eliminating viruses and security risks
Article:HOWTO27280 | | | Created: 2010-01-08 | | | Updated: 2010-01-15 | | | Article URL http://www.symantec.com/docs/HOWTO27280 |
See some of thread
https://www-secure.symantec.com/connect/forums/pen-drive-becoming-shortcut
https://www-secure.symantec.com/connect/forums/short-cut-virus
11-13-2014 10:49 PM
I would suggest you that you can run the symhelp utility on the system where you have seen the issue.
Symhelp is one of the troubleshoot software which work with all in one facility.
It can be verify the system for the corruption of symantec and provide the troubleshoot as well as it can scan the system for the virus and clean it.
If in case it can't be clean it as the virus come new in network then it can collect the information from system and then after that you can submit that report to symantec. They can analysis and provide the rapid release defintion against that virus.
For my suggestion you can run it on that sytem
Article:TECH215519 | | | Created: 2014-03-03 | | | Updated: 2014-07-10 | | | Article URL http://www.symantec.com/docs/TECH215519 |