Endpoint Protection

  • 1.  New virus is attacking!

    Posted Sep 10, 2013 11:28 PM

    Recently, I found an unknown virus attacking our company's computers. At present, a lot of computers have been infected.

    Details are as follows:

    1. Yesterday, I found a lot of files infected with the virus, so Adobe Reader and SVN can't be used normally.

    2. SEP can't intercept the virus. (The virus definitions have already been upgraded to the latest version.)

    3. We used another anti-virus program and successfully removed the virus.

    So we doubt that SEP can stop the virus. Please propose some solutions and recommendations! Thank you!

    The following is the other anti-virus program's log:



    ==============================
    Started time: 2013-9-10 17:18:07
    Elapsed time: 06:18:29
    Version of virus signature database: 2012-12-4 16:56:50
    Scan mode: deep scan
    Scan type: full scan
    Status: completed
    Number of scanned objects: 1100348
    Number of detected threats: 111
    Number of cleaned threats: 109

    Trusted objects:

    Trusted extensions:

    Detected threats:
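A log like the one posted above is easier to act on once it is tabulated: which detection names appear, what the scanner did with each file, which file types and folders were hit, and which entries were deleted without any detection name at all (those are the ones nobody can submit to the vendor afterwards). The parser below is an added example, not code from the original post; it assumes the layout seen above (a "Key: value" header, then a "Detected threats:" section with one "<path> <detection> <action>" line per hit, where the path may contain spaces and the detection name may be empty) and uses a constructed sample log rather than the real one.

```python
"""Parse a third-party AV scan log in the posted layout and summarise it."""
from collections import Counter
from pathlib import PureWindowsPath

# Constructed sample in the same layout as the posted log (not the real log).
SAMPLE_LOG = """\
Started time: 2013-9-10 17:18:07
Number of scanned objects: 5
Number of detected threats: 5
Number of cleaned threats: 5

Detected threats:
C:\\RECYCLER\\S-1-5-21-0-0-0-1000\\Dc1.exe BDS/Example.A Deleted
C:\\Program Files\\Vendor App\\app.exe BDS/Example.A Deleted
C:\\Program Files\\Vendor App\\app.bak BDS/Example.A Deleted
C:\\Program Files\\Other\\tool.exe  Deleted
D:\\Config.Msi\\1a2b3c.rbf BDS/Example.A Renamed
"""


def parse_scan_log(text):
    """Return (header dict, list of threat dicts) for a log in the assumed layout."""
    header, threats, in_threats = {}, [], False
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if line == "Detected threats:":
            in_threats = True
            continue
        if not in_threats:
            key, _, value = line.partition(":")   # split at the first colon only
            header[key.strip()] = value.strip()
            continue
        # Action and detection name are the last two space-separated fields;
        # an empty detection name shows up as a double space before the action.
        parts = line.rsplit(" ", 2)
        if len(parts) != 3:
            continue  # malformed line, skip rather than guess
        path, detection, action = parts
        threats.append({"path": path, "detection": detection, "action": action})
    return header, threats


def _root_folder(path):
    parts = PureWindowsPath(path).parts          # ('C:\\', 'Program Files', ...)
    return parts[1] if len(parts) > 1 else ""


def summarise(threats):
    """Counts a responder wants before deciding what to submit to the vendor."""
    return {
        "by_name": Counter(t["detection"] or "<no name>" for t in threats),
        "by_action": Counter(t["action"] for t in threats),
        "by_ext": Counter(PureWindowsPath(t["path"]).suffix.lower() for t in threats),
        "by_root": Counter(_root_folder(t["path"]) for t in threats),
        # Entries removed without a named detection: nothing left to submit.
        "unnamed": [t["path"] for t in threats if not t["detection"]],
    }
```

Run `summarise(parse_scan_log(open("scan.log").read())[1])` on a saved log to get the same tables for a real scan.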



  • 2.  RE: New virus is attacking!

    Posted Sep 10, 2013 11:30 PM

    Do you have a sample to submit to security response?

    See here:

    Scanning a file with a competitor's antivirus program detects a virus, but scanning with Symantec AntiVirus or Symantec Endpoint Protection does not

    Article:TECH98929  |  Created: 2000-01-06  |  Updated: 2013-08-02  |  Article URL http://www.symantec.com/docs/TECH98929




  • 3.  RE: New virus is attacking!

    Broadcom Employee
    Posted Sep 10, 2013 11:49 PM

    Can you submit the file to Symantec Security Response for analysis?



  • 4.  RE: New virus is attacking!

    Posted Sep 10, 2013 11:52 PM

    Hello,

    Please check the thread below for your best answer.

    https://www-secure.symantec.com/connect/forums/desktopexe



  • 5.  RE: New virus is attacking!

    Trusted Advisor
    Posted Sep 11, 2013 01:33 PM

    Hello,

    In your case, all the files have been deleted -

    Next time, please zip each of the files and submit the zip files (without password) to the Symantec Security Response Team at:

    https://submit.symantec.com/websubmit/essential.cgi

    We also offer a self-service site to analyze files, at http://www.threatexpert.com, which can give you more information on the files you submit to it.

    Check these articles:

    Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

    https://www-secure.symantec.com/connect/articles/using-symantec-help-symhelp-tool-how-do-we-collect-suspicious-files-and-submit-same-symante

    What to do when you suspect that a Symantec AntiVirus product is not detecting viruses

    http://www.symantec.com/docs/TECH99222

    Scanning a file with a competitor's antivirus program detects a virus, but scanning with Symantec AntiVirus or Symantec Endpoint Protection does not

    http://www.symantec.com/docs/TECH98929

    Here are some excellent suggestions on how to keep your computers, their users and data safe:

    http://www.symantec.com/theme.jsp?themeid=stopping_malware&depthpath=0

    Hope that helps!!



  • 6.  RE: New virus is attacking!

    Broadcom Employee
    Posted Sep 11, 2013 02:51 PM

    Hi,

    Did you scan with Symantec power eraser?

    Symantec Power Eraser is the latest Symantec Recovery tool. The tool is aimed at the detection and clean-up of "zero-day" threats as well as other threats which may have infected the user’s system. Zero-day threats are those that take advantage of a newly discovered hole in a program or operating system before the developers have made a fix available – or before they are even aware that a hole exists.

    Before submitting it to Symantec, go through the following steps:

    1) Install all the SEP features, i.e. AV/AS, PTP & NTP.

    2) The system should be updated with service packs and Windows patches.

    3) Make sure the machines are installed with the latest third-party applications.

    4) Disable the Autorun feature if not using SEP 12.1.

    5) Scan the full system in safe mode.

    6) Use Symantec Power Eraser to scan the system.

    http://www.symantec.com/theme.jsp?themeid=spe-user...

    Best practices for responding to active threats on a network

    http://www.symantec.com/docs/TECH122466 

    If these steps don't help, then I would also suggest submitting the suspicious files to Symantec.

    How to Use the Web Submission Process to Submit Suspicious Files

    http://www.symantec.com/docs/TECH102419  



  • 7.  RE: New virus is attacking!

    Posted Sep 12, 2013 04:48 AM

    Hi chudyjay,

    Which version of SEP is in use, and which components are selected?  Many of today's sophisticated threats require more than an older release of SEP with only AV.  I recommend upgrading to SEP 12.1 and using AV with IPS, ADC, and the reputation-based Insight components.  Together those provide quite a good defense.

    Here are some additional recommendations:

    Symantec Endpoint Protection – Best Practices:
    http://www.symantec.com/theme.jsp?themeid=stopping_malware&depthpath=0  



  • 8.  RE: New virus is attacking!

    Posted Sep 17, 2013 02:49 AM

    Hi chudyjay,

    When time allows, can you post an update on this thread?  Are you still experiencing this infection or have you resolved it (and how)?

    Thanks again,

    Mick



  • 9.  RE: New virus is attacking!

    Posted Sep 18, 2013 02:15 AM

    You need to submit all these files to Symantec Security Response in order for them to be detected by SEP.

    https://submit.symantec.com/websubmit/essential.cgi

    Once you submit the files, they will reply to you, and if they still say the files are clean, then open a case with Symantec.