Disk anti virus fake Av
Created: 02 Feb 2013 | Updated: 16 Feb 2013 | 7 comments
This issue has been solved. See solution.
Looks like a new fake AV variant.
http://www.bleepingcomputer.com/virus-removal/disk-antivirus-professional-removal
Does Symantec has the detection and cure for this variant ?
Cheers
Prakash
Discussion Filed Under:
Comments 7 Comments • Jump to latest comment
Submit it to security response
Https://submit.symantec.com/websubmit/essential.cgi
Also upload at virustotal.com to see if defs are available.
Check here
https://www-secure.symantec.com/connect/forums/you...
SEP Knowledge Base
Endpoint SWAT
Hi Biran,
Currently i dont have the sample file to submit. In the process of collecting it from the end user machine.
Will Submit it once i have the file. But in parallel, i just want to know below points.
1. Does Symantec aware of this new threat ?
2. If yes, does Symantec has the detection ?
Thanks,
Prakash
You would need to submit to have it verified. If your SEP client did not detect it than it may not have had a signature yet.
FakeAV changes many times per day so it may have went undetected which is why you meds to submit so they can create a signature for it.
SEP Knowledge Base
Endpoint SWAT
As Brian mentioned there's always issue with new undetected/unknown variant... most of the time user need to capture & submit it manually
take note also on different naming convention for each vendor...
run the symhelp tool to know the suspicious file to be submitted.
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Samples were collected and Submited. Signature will be available soon.
thats good to know. may be the SR team would have given the RR definition in the closing of the tracking number.
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Would you like to reply?
Login or Register to post your comment.