A new virus has been found which symantec is unable to detect
Updated: 21 May 2010 | 12 comments
This issue has been solved. See solution.
A new virus has been found which symantec is unable to detect .this virus keep trying to access the floppy drive and prevents the user from shutting down the pc. I have already submited the file to security response team.
discussion Filed Under:
Comments
SEP mr1
I had the same experience as yours before when I'am using SEP mr1. Unable to shutdown the computer.We think that It was the virus the causes the problem but upon submitting the diagnostic tool to symantec security response there was infected files found. Symantec support suggested to upgrade the SEP version. Then successfull migrate has been made and now all computers were able to shutdown properly. What version are you using?thanks
We are using SEP11MR4 I am
We are using SEP11MR4
I am 100% sure that this is anew threat.
full scan in safe mode
Just to make sure I advise also to
1. remove the infected computers on the network
2. Make sure virus definition is updated
3. Run full scan in safe mode
hi all, I agree that the
hi all,
I agree that the systems should be updated and scanned in safe mode, however if the sample submitted by Bijay is going to new variant then we need to wait till rapied definition is released. Assuming that Bijay has followed the best practise in identifying/removing the threats.
Cheers
Pete
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Also try to check inase you
Also try to check inase you can any instances of viruses running in processes, Autorun.inf files as well as any entries in the registry.
Incase you found any such instances, try to submit the samples to https://submit.symantec.com/gold
Rgrds,
SAM
If you submitted file to
If you submitted file to Symantec and it is indeed infected, you should get RapidResponse definitions rather quickly. If you don't want to wait, download Malware Bytes and scan your system, most likely it will clean the infection for you.
till today no response from
till today no response from symantec. don't know what they are doing.other antivirus detecting the virus.
when we accept feedback from symante ?
Hi All,
I have already submited the file to security response team with track number #11374748, Yesterday, 10 jul 2009 02.00 pm.
Usually when we accept feedback from symantec about our request have been processed ?
Tx
At last after 5 days symantec
At last after 5 days symantec detected
filename: iitqq.exe
machine: Machine
result: This file is detected as Trojan Horse. http://www.symantec.com/avcenter/venc/data/trojan....
Virus definition detail:
Sequence Number Greater Than: 96601
Defs Version: 110610bm
Extended Version: 06/10/2009 rev.65
What mean status "Pending Anaysis" ?
I have received new definition updated and can detect virus in my office (W32. Rontrokbro.mm),
but action status "Pending Analysis", what meaning about that ?
Because in SEP Manager Console, can't monitor Computer with status "Pending Anaysis"
Tx
Pending analysis
W32.Rontokbro@mm is a mass-mailing worm that causes system instability.
Pending analysis means needs further checking. A user still needs to take action to complete the remediation of a risk on a computer. Manual intervention is still needed to reboot and scan the PC from safe mode.
Thanks...
Nel Ramos
thanks for bringing this one
thanks for bringing this one up..
great work...
Would you like to reply?
Login or Register to post your comment.