• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

This forum thread needs a solution.
Kudos0

how to delete/prevent highRisk Attacks While computers idle from SAPE.heur.b19?

About every two hours for several days NIS is quaratined same attempts, but more info in history doesnt show source for me to add to block. How can I 1)delete the items from Quarantine? 2)prevent furthr attempts without knowing the source ? Since computers idle during many of these attacks, theres no way to match the origin with any activity or website.
File Attachment: 

Replies

Kudos0

Re: how to delete/prevent highRisk Attacks While computers idle from SAPE.heur.b19?

Im running 22.5.5.15. I ran a complete scan 4 hours ago. I followed with a complete run of Power Eraser Still seeing attacks by repeat attacks by SAPE.Heur.be19 about every hour or so, whether computer is idle OR in use. It takes NIS from a couple of minutes to 4 or 5 minutes to quaratine this alert. It says "no additional action is necessary" . this is very concerning. Please offer any suggestions? Ive attached the txt file which shows the frequency is getting worse.

File Attachment: 
Kudos0

Re: how to delete/prevent highRisk Attacks While computers idle from SAPE.heur.b19?

Firstly, please do NOT try any 'quick fixes' or to solve this yourself.

It sounds like it's time to sign up for assistance from one of the free malware removal sites.  Please pick one and stay with them until your system is clean.

https://community.norton.com/forums/malware-removal-forum-recommendations

A little bit of knowledge is... well a little bit of knowledge.
Kudos1 Stats

Re: how to delete/prevent highRisk Attacks While computers idle from SAPE.heur.b19?

You might want to look at this thread.  Could be a real issue, however.

https://community.norton.com/en/comment/6821011#comment-6821011

Kudos0

Re: how to delete/prevent highRisk Attacks While computers idle from SAPE.heur.b19?

THank you John for the suggestion. Interesting, I do also run wireless HP hardware on my home network. The test today will be to observe if this threat continues on my office network and on both computers. If it helps you at all, Ive run L.U., complete scans, and P.E. Norton's FB admins suggest Irun the PE from safemode only. The really GREAT NEWS is that NIS is catching and quarantined each threat. The bad news is, if you peeked at my text file, you'll see each attack is from a different source, none of them able to be Identified by NIS (Origin not available) each has a .dll extension, which is a concern for assuring my machines are clean. Thanks again, It has slowed.
Kudos0

Re: how to delete/prevent highRisk Attacks While computers idle from SAPE.heur.b19?

Thanks Krusty13. it is interesting to see so many different suggestions from the Norton veterans. As"guru", i trust you have a wealth of knowledge beyond my own. On the FB Norton page,it was recommended I repeat the Norton P.E. in safe mode. I dont see that hurt, so now we'll see. Good news is 1) NIS did catch and quarantine these. 2) it never hurts to grab our attention and run complete scans. If this continues throughout today and at my work network, I will follow your advice for Malware removal. Since no one answered how to delete from Quarantine folder, I presume everyone at Symantec is confident thats not necessary. Thanks
Kudos0

Re: how to delete/prevent highRisk Attacks While computers idle from SAPE.heur.b19?

From what we saw in my thread, HP creates randomly named DLLs in temp, and then deletes them at run end. 

In my case norton  seemed to indicate it was a problem on their end.  If it were MY computer I would assume this too is a false positive,  Especially since a few of us are getting the same error.  However this is YOUR computer so I do not want to make any judgement calls.

Hopefully HP will offer some response soon.

This thread is closed from further comment. Please visit the forum to start a new thread.