Video Screencast Help
Search Video Help Close Back
to help
New in the Rewards Catalog: Vouchers for "Symantec Technical Specialist" and "Symantec Certified Specialist" exams.

Superscan.exe

Updated: 21 May 2010 | 9 comments
dan.idland@petromarker.com's picture
dan.idland@petromarker.com
0 0 Votes
Login to vote
This issue has been solved. See solution.

Hi.
When I came to work this morning I got a report that superscan.exe was found on a lot of our servers and clients.
This happened after I upgraded the SEP to the latest version and the latest SEPM.
Any idea what superscan.exe is ?
Should I be concerned  ?

discussion Filed Under:
, ,

Comments

Aniket Amdekar's picture
28
Sep
2009
0 Votes 0
Login to vote
Aniket Amdekar

Hi, I would strongly suggest

Hi,

I would strongly suggest you to submit this file to the security response team. This appears to be a malicious file.

http://www.threatexpert.com/files/superscan.exe.html

Best,
Aniket

Vikram Kumar-SAV to SEP's picture
28
Sep
2009
0 Votes 0
Login to vote
Vikram Kumar-SAV to SEP
Symantec Employee
Accredited

SuperScan is a top Port


SuperScan is a top Port Scanner

A Windows-only port scanner, pinger, and resolver
SuperScan is a free Windows-only closed-source TCP/UDP port scanner by Foundstone. It includes a variety of additional networking tools such as ping, traceroute, http head, and whois
http://sectools.org/port-scanners.html

VMWARE-- SEP 12.1 vs McAfee vs Trend Micro

dan.idland@petromarker.com's picture
28
Sep
2009
0 Votes 0
Login to vote
dan.idland@petromarker.com

Hi. Ok, is it possible that

Hi.
Ok, is it possible that it is installed together with a windows update of some sort ?
And why is it running ?
Symantec believe it is a virus ....

Aniket Amdekar's picture
28
Sep
2009
0 Votes 0
Login to vote
Aniket Amdekar

Hi Vikram, Thanks for

Hi Vikram,

Thanks for providing another angle to this situation.

@ Dan: the submission to the security response will just confirm what vikram said, if the file comes clean!

best,
Aniket

Vikram Kumar-SAV to SEP's picture
28
Sep
2009
0 Votes 0
Login to vote
Vikram Kumar-SAV to SEP
Symantec Employee
Accredited

 The Port Scanner

 The Port Scanner applications can be used for find what ports are it is a good tool but if this goes in hands of wrong people it can help them to find open/vulnerable ports on your network so Symantec might detect them 
However i checked SupoerScan v4 does not get detected but not sure about Version 3.

VMWARE-- SEP 12.1 vs McAfee vs Trend Micro

SOLUTION
dan.idland@petromarker.com's picture
28
Sep
2009
0 Votes 0
Login to vote
dan.idland@petromarker.com

Sorry to bother you again

Sorry to bother you again people, but how do I submit the file to the security response team ?

Vikram Kumar-SAV to SEP's picture
28
Sep
2009
0 Votes 0
Login to vote
Vikram Kumar-SAV to SEP
Symantec Employee
Accredited

 https://submit.symantec.com/

 https://submit.symantec.com/basic

VMWARE-- SEP 12.1 vs McAfee vs Trend Micro

dan.idland@petromarker.com's picture
28
Sep
2009
0 Votes 0
Login to vote
dan.idland@petromarker.com

Thanx again, everything

Thanx again, everything worked fine until I got to the contact id.
Have tried every possible number I have. None of them are valid.
Any idea where to find this number ?

Vikram Kumar-SAV to SEP's picture
28
Sep
2009
0 Votes 0
Login to vote
Vikram Kumar-SAV to SEP
Symantec Employee
Accredited

 Well for that you might

 Well for that you might contact support..you must know the contact ID as it is very important when it comes to submitting files to Security response you will need that.

VMWARE-- SEP 12.1 vs McAfee vs Trend Micro

Technical Support

Symantec.com

Store

Community Stats

Total Content Items
Members
258,957