Endpoint Protection

 View Only

  • 1.  one particular virus exe not detected by SEP

    Posted Aug 22, 2013 06:08 AM

    Hello,

      In one USB drive, one managed SEP 12.x is not able to detect and quarantine malicious file QJHtQmCmXXcqbsB.exe. However, when I checked the USB drive in another PC (self-managed SEP), it was able to detect and quarantine that particular exe file. All defintions for both SEPs are same (versions also same). Please suggest.  



  • 2.  RE: one particular virus exe not detected by SEP

    Trusted Advisor
    Posted Aug 22, 2013 06:13 AM

    Hello,

    Check this Article:

    What to do when you suspect that a Symantec AntiVirus product is not detecting viruses

    http://www.symantec.com/docs/TECH99222

    Secondly, Could you please zip each of the files and submit the zip files (without password) to the Symantec Security Response Team on : 

    https://submit.symantec.com/websubmit/essential.cgi

    We also offer a self-service site to analyze files, at http://www.threatexpert.com, which can give you more information on the files you submit to it.

    Check these articles:

    Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

    https://www-secure.symantec.com/connect/articles/using-symantec-help-symhelp-tool-how-do-we-collect-suspicious-files-and-submit-same-symante

    Scanning a file with a competitor's antivirus program detects a virus, but scanning with Symantec AntiVirus or Symantec Endpoint Protection does not

    http://www.symantec.com/docs/TECH98929

    Here are some excellent suggestions on how to keep your computers, their users and data safe:

    http://www.symantec.com/theme.jsp?themeid=stopping_malware&depthpath=0

    Hope that helps!!



  • 3.  RE: one particular virus exe not detected by SEP

    Broadcom Employee
    Posted Aug 22, 2013 06:15 AM

    submit the file to symantec virus upload portal



  • 4.  RE: one particular virus exe not detected by SEP

    Posted Aug 22, 2013 06:16 AM

    Submit here:

    https://submit.symantec.com/websubmit/gold.cgi



  • 5.  RE: one particular virus exe not detected by SEP

    Posted Aug 22, 2013 06:18 AM

    Submit the file to Symantec Secuirty Response team

    Regards

     



  • 6.  RE: one particular virus exe not detected by SEP



  • 7.  RE: one particular virus exe not detected by SEP

    Broadcom Employee
    Posted Aug 22, 2013 07:25 AM

    Hi,

    Thank you for posting in Symantec community.

    Could you please upload the risk log where SEP is able to detect & quarantine the risk.

    Is there any difference between those two machines? OS difference? Applications etc?



  • 8.  RE: one particular virus exe not detected by SEP

    Posted Aug 23, 2013 07:25 AM

    In the SEPM, check if you have a scan exception set for the drive letter of the pen drive in the 'Centralized Exceptions" policy applied to the concerned managed client.

    If it is excluded from scanning, you may remove the exception and then scan the pen drive again.