Certain types of malware may hijack the default registry settings for executable files, in order to run the malware whenever an executable is launched. You are looking for an Application and Device Control (ADC) policy for the Symantec Endpoint Protection (SEP) product that will prevent the issue and protect the registry settings.
Download the attached policy file and import into the Symantec Endpoint Protection Manager (SEPM) console using the following steps:
Select the Policies tab
Select Application and Device Control
Select Import and point to the downloaded .dat file
Before using the policy in a production environment, ensure that it is fully tested and has been run in the "Test (log only)" mode prior to being fully enabled.