Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

one particular virus exe not detected by SEP

Created: 22 Aug 2013 | 7 comments

Hello,

  In one USB drive, one managed SEP 12.x is not able to detect and quarantine malicious file QJHtQmCmXXcqbsB.exe. However, when I checked the USB drive in another PC (self-managed SEP), it was able to detect and quarantine that particular exe file. All defintions for both SEPs are same (versions also same). Please suggest.  

Operating Systems:

Comments 7 CommentsJump to latest comment

Mithun Sanghavi's picture

Hello,

Check this Article:

What to do when you suspect that a Symantec AntiVirus product is not detecting viruses

http://www.symantec.com/docs/TECH99222

Secondly, Could you please zip each of the files and submit the zip files (without password) to the Symantec Security Response Team on : 

https://submit.symantec.com/websubmit/essential.cgi

We also offer a self-service site to analyze files, at http://www.threatexpert.com, which can give you more information on the files you submit to it.

Check these articles:

Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

https://www-secure.symantec.com/connect/articles/using-symantec-help-symhelp-tool-how-do-we-collect-suspicious-files-and-submit-same-symante

Scanning a file with a competitor's antivirus program detects a virus, but scanning with Symantec AntiVirus or Symantec Endpoint Protection does not

http://www.symantec.com/docs/TECH98929

Here are some excellent suggestions on how to keep your computers, their users and data safe:

http://www.symantec.com/theme.jsp?themeid=stopping_malware&depthpath=0

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

.Brian's picture

Submit here:

https://submit.symantec.com/websubmit/gold.cgi

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SameerU's picture

Submit the file to Symantec Secuirty Response team

Regards

 

Chetan Savade's picture

Hi,

Thank you for posting in Symantec community.

Could you please upload the risk log where SEP is able to detect & quarantine the risk.

Is there any difference between those two machines? OS difference? Applications etc?

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Seyad's picture

In the SEPM, check if you have a scan exception set for the drive letter of the pen drive in the 'Centralized Exceptions" policy applied to the concerned managed client.

If it is excluded from scanning, you may remove the exception and then scan the pen drive again.