Video Screencast Help

Symantec virus protection products unable to find (still) W32/Fibbit.OL!tr

Created: 27 Feb 2013 | 3 comments
AriK's picture

I have tested SEP, Symantec Messaging Gateway and Symantec Mail Security for Exchange and none of them find above mentined trojan/virus. Compewtitive products do find it - for example fortigate find the virus on the fly while scanning all the network traffic. Very bad performance from Symantec. The virus was found alreade nearly week ago.

Operating Systems:

Comments 3 CommentsJump to latest comment

.Brian's picture

The problems is two fold. The virus is changing its code to evade detection and Symantec doesn't have a definition for the new variant.

If you have a sample, you can help them out by submitting it:

https://submit.symantec.com/websubmit/gold.cgi

You can also check out the below:

Security Response recommendations for Symantec Endpoint Protection 12.1 settings

Article:TECH173752  |  Created: 2011-11-07  |  Updated: 2011-11-21  |  Article URL http://www.symantec.com/docs/TECH173752

 

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SebastianZ's picture

Submit the suspected file to the Security Response for analysis:

How to Use the Web Submission Process to Submit Suspicious Files
http://www.symantec.com/docs/TECH102419

Mithun Sanghavi's picture

Hello,

Is Symantec Endpoint Protection installed with full Features?? In other words, Today installing only Virus and Spyware Protection is not enough.

https://www-secure.symantec.com/connect/articles/why-antivirus-not-enough

Secondly, to your issue check these Articles:

Scanning a file with a competitor's antivirus program detects a virus, but scanning with Symantec AntiVirus or Symantec Endpoint Protection does not

http://www.symantec.com/business/support/index?page=content&id=TECH98929

What to do when you suspect that a Symantec AntiVirus product is not detecting viruses

http://www.symantec.com/docs/TECH99222

Follow the Symantec Security Best practices - http://www.symantec.com/business/theme.jsp?themeid...

About creating a plan to respond to viruses and security risks

http://www.symantec.com/docs/HOWTO27199

Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team. 

https://www-secure.symantec.com/connect/articles/using-symantec-support-tool-how-do-we-collect-suspicious-files-and-submit-same-symantec-sec

Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

www-secure.symantec.com/connect/articles/using-symantec-help-symhelp-tool-how-do-we-collect-suspicious-files-and-submit-same-symante

 

 

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.