Video Screencast Help

Adware.mywebsearch virus not deleting by Symantec

Created: 02 Nov 2011 • Updated: 29 Nov 2011 | 4 comments
This issue has been solved. See solution.

Hi Friends,

 

We are using SEP 11.0.6  . We suspeted some files in client machines and uploaded to virus total site. Most of the sites are detecting as virus but symantec is not detecting .

Here I attched screenshot of Virustotal site.

Virus names:

  •  w32/Mywebsearch
  • adware/Funweb.ar
  • win32/Mywebsearch
  • webtoolbar/win32.mywebsearch.gen
  • w32/suspicious_gen2.QRBWT

 

What is best solution?

Any Microsoft Security patches are required?

What are the changes required in SEPM?

 

Thanks in Advance.

 

Regards

Santhosh

Comments 4 CommentsJump to latest comment

Mithun Sanghavi's picture

Hello,

If you believe you have discovered a new, undetected variant, please do submit the suspicious files to Security Response Check this:

 

Title: 'How to Use the Web Submission Process'

Document ID: TECH102419

as described above and contact Technical Support.

 

Until new definitions are available, the steps in the following article will help:

Best practices for troubleshooting viruses on a network

Article: TECH122466 | Created: 2010-01-15 | Updated: 2011-08-02 |

Article URL http://www.symantec.com/docs/TECH122466

We also offer a self-service site to analyze files, at http://www.threatexpert.com, which can give you more information on the files you submit to it. This could provide enough information to allow you to create firewall rules preventing the threat from downloading additional threats or contacting a third party. 

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

Santhosh k's picture

symantec  def released on 28th oct 2011 rev 036 for adware.mywebsearch. But It is not deleting or detecting

http://www.symantec.com/business/security_response...

 

I think, tghe behaviour of virus is changing.

Mithun Sanghavi's picture

Hello,

It could be a new variant. 

Could you please work on this Article for Web Submission Process. Document IDTECH102419

OR

Run a SEP Support Tool and submit the suspicious files to the Symantec Security Response Team.

Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

https://www-secure.symantec.com/connect/articles/using-symantec-support-tool-how-do-we-collect-suspicious-files-and-submit-same-symantec-sec

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SOLUTION
Santhosh k's picture

Hi Mithun,

 

Finally my problem is resolved. Almost i sent 5 samples to symantec and i got signatures. And after running full scan , the virus is deleting.

 

Regards

Santhosh