It appears Symantec didn't have a signature for it. Did you submit to Security Response? You can here:

https://submit.symantec.com/websubmit/gold.cgi

Check these:

Security Best Practices for Protecting a Business Environment from Common Threats

Security Best Practice Recommendations

I would highly recommend moving to SEP 12.1 as it offers better protection than 11.x You can check the comparison list here:

Differences between SEP 11 Enterprise Edition and SEP 12.1 Enterprise Edition

https://www-secure.symantec.com/connect/articles/f...

Thanks for the quick response.

But.  We have the latest dat files and we are talking about taking everyone in the organization to 12?  In time we will but is that going to be the solution when we get to 12 with the latest dat files.  "you need to go to 13"???

What goiod is getting the latest dat files if every decent virus we get we have to be at the next level?  This one was just a real nuisense.  We lost no data, but A LOT of time.

Is the only thing I did wrong was not be at 12?  If the dat files won't protect me why doesn't the auto update let me know my engine is useless?

Thanks

Hello,

Scanning a file with a competitor's antivirus program detects a virus, but scanning with Symantec AntiVirus or Symantec Endpoint Protection does not

http://www.symantec.com/business/support/index?page=content&id=TECH9892

What to do when you suspect that a Symantec AntiVirus product is not detecting viruses

http://www.symantec.com/docs/TECH99222

Check this Thread with similar Issue: https://www-secure.symantec.com/connect/forums/folder-getting-created-folderexe

Are you running the SEP 11.x client with latest definitions and carry all the latest Microsoft updates and security patches on the machine?

The symptoms sounds like W32.SillyFDC to me.

1. Run a scan in safe mode with networking to remove the virus. (Make sure SEP is updated with the Latest definitions)
2. Disable System Restore before you do this as the virus alse creates entries in the System Restore Points store volumes.
3. Disable Autoplay for ALL DRIVES Via a GPO (If you're on a domain), and
4. Disable SImple File Sharing if it's enabled to prevent the infection from propogating itself by binding to files.
5. Secondly, Submit these files to the Symantec Security Response and they will get detected. https://submit.symantec.com/essential

Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

Hope that helps!!

Hi,

Agreed with above comments..Please do the above steps your problem will be solve. 

1) May your system was not having latest virus definition.

2) System should have latest version of antivirus installed.

3) Do a safe mode scanning on the system (If system have sep 11) and system have 12.1 then do a normal scan.

Hi,

Check this thread

https://www-secure.symantec.com/connect/forums/pornexe-sexyexe-passwordexe-filefolder-name-exe

Check this blog

https://www-secure.symantec.com/connect/blogs/w32changeup-keeps-giving

Please refer to what Brian has written, it's basically the reality of IT Security nowdays..

With due respect nobody depends only on AV to protect their environment ... we'll need at least few layer of defense due to the current nature of threats.....  maybe you can use 2-3 open source security solutions to reduce the cost

Hi

Please send the suspicious file to Symantec Security Response for analysing

Regards