Where to Buy Trend Micro Products

For Home

For Small Business

1-888-762-8736
(M-F 8:00am-5:00pm CST)

For Enterprise

1-877-218-7353
(M-F 8:00am-5:00pm CST)

Not in the United States?
Select the country/language of your choice:

Asia Pacific Region

Europe

The Americas

Not in the United States?
Select the country/language of your choice:

Asia/Pacific

Europe

America

Login

For Home

For Business

For Partners

Threat Encyclopedia

PE_SALITY

ANALYSIS BY

Dianne Lagrimas


PLATFORM:

Windows 2000, Windows XP, Windows Server 2003

OVERALL RISK RATING:
DAMAGE POTENTIAL:
DISTRIBUTION POTENTIAL:
REPORTED INFECTION:

  • Threat Type:File infector

  • Destructiveness:No

  • Encrypted:

  • In the wild: Yes

OVERVIEW

TECHNICAL DETAILS

SOLUTION

Minimum Scan Engine:

9.200

VSAPI OPR PATTERN File:

9.767.00

VSAPI OPR PATTERN Date:

05 Mar 2013

NOTES:

Trend Micro OfficeScan 10 users are also urged to use the following features to protect from PE_SALITY malware:

Enabling the Self-protection Feature

  1. Open the OfficeScan 10 Web console.
  2. In the left panel, click Networked Computers to expand its list of contents.
  3. Click Global Client Settings to open the user interface found in the right panel.
  4. In the right panel, locate Client Self-Protection and tick your preferred options in the list to ensure and enable self-protection against malware that can disable the software.
  5. At the bottom of the right panel, click Save

Enabling the Behavioral Monitoring Module

  1. Still in the OfficeScan 10 web console, in the left panel, click Networked Computers to expand its list of contents.
  2. Click Client Management to open the user interface on the right panel.
  3. In the right panel, click Settings. Choose Behavioral Monitoring Settings from the dropdown list.
  4. In the new window, configure the program's behavioral monitoring settings.
  5. Click Enable Malware Behavior Blocking.
  6. Click Enable Event Monitoring and set your policies and desired actions.
  7. At the bottom of the window, click Apply to All Clients.

Enabling the Device Access Control (DAC) Feature

  1. Still in the OfficeScan 10 Web console, in the left panel, click Networked Computers to expand its list of contents.
  2. Click Client Management to open user interface on the right panel.
  3. In the right panel, click Settings and choose Device Control Settings from the dropdown list. This opens a new window where you can configure the program's behavioral monitoring settings.
  4. Click Enable Device Control then Block Autorun function on USB devices after setting your desired permissions.
  5. At the bottom of the window, click Apply to All Clients.

Enabling Scan Network Drive

  1. Still in the OfficeScan 10 Web console, in the left panel, click Networked Computers to expand its list of contents.
  2. Click Client Management to open user interface on the right panel.
  3. In the right panel, click Settings and select Scan Settings>Real-Time Scan Settings.
  4. Click All scannable files and Scan network drive.

  5. At the bottom of the window, click Save.


Did this description help? Tell us how we did.

Featured Stories

Connect with us on