Endpoint Protection

 View Only

  • 1.  Symantec virus protection products unable to find (still) W32/Fibbit.OL!tr

    Posted Feb 27, 2013 07:34 AM

    I have tested SEP, Symantec Messaging Gateway and Symantec Mail Security for Exchange and none of them find above mentined trojan/virus. Compewtitive products do find it - for example fortigate find the virus on the fly while scanning all the network traffic. Very bad performance from Symantec. The virus was found alreade nearly week ago.



  • 2.  RE: Symantec virus protection products unable to find (still) W32/Fibbit.OL!tr

    Posted Feb 27, 2013 07:38 AM

    The problems is two fold. The virus is changing its code to evade detection and Symantec doesn't have a definition for the new variant.

    If you have a sample, you can help them out by submitting it:

    https://submit.symantec.com/websubmit/gold.cgi

    You can also check out the below:

    Security Response recommendations for Symantec Endpoint Protection 12.1 settings

    Article:TECH173752  |  Created: 2011-11-07  |  Updated: 2011-11-21  |  Article URL http://www.symantec.com/docs/TECH173752

     



  • 3.  RE: Symantec virus protection products unable to find (still) W32/Fibbit.OL!tr

    Posted Feb 27, 2013 08:10 AM

    Submit the suspected file to the Security Response for analysis:

    How to Use the Web Submission Process to Submit Suspicious Files
    http://www.symantec.com/docs/TECH102419



  • 4.  RE: Symantec virus protection products unable to find (still) W32/Fibbit.OL!tr

    Trusted Advisor
    Posted Feb 27, 2013 08:14 AM

    Hello,

    Is Symantec Endpoint Protection installed with full Features?? In other words, Today installing only Virus and Spyware Protection is not enough.

    https://www-secure.symantec.com/connect/articles/why-antivirus-not-enough

    Secondly, to your issue check these Articles:

    Scanning a file with a competitor's antivirus program detects a virus, but scanning with Symantec AntiVirus or Symantec Endpoint Protection does not

    http://www.symantec.com/business/support/index?page=content&id=TECH98929

    What to do when you suspect that a Symantec AntiVirus product is not detecting viruses

    http://www.symantec.com/docs/TECH99222

    Follow the Symantec Security Best practices - http://www.symantec.com/business/theme.jsp?themeid...

    About creating a plan to respond to viruses and security risks

    http://www.symantec.com/docs/HOWTO27199

    Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team. 

    https://www-secure.symantec.com/connect/articles/using-symantec-support-tool-how-do-we-collect-suspicious-files-and-submit-same-symantec-sec

    Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

    www-secure.symantec.com/connect/articles/using-symantec-help-symhelp-tool-how-do-we-collect-suspicious-files-and-submit-same-symante

     

     

    Hope that helps!!