Endpoint Protection

 View Only

  • 1.  trojan-bnk.win32.keylogger.gen

    Posted Aug 08, 2011 03:23 PM

    Good.

    I can tell if symantec threat detected the following as it does not find it in the database:

    trojan-bnk.win32.keylogger.gen


    Thanks.



  • 2.  RE: trojan-bnk.win32.keylogger.gen
    Best Answer

    Posted Aug 08, 2011 03:34 PM

    This isn't the Symantec naming convention but instead McAfee's. Symantec probably has it named differently. Where did you see this one?

    It would likely start with a trojan.bank or something similar.

    But in any event they probably have defs for it, just a matter of finding the name.

    Sadly, there is no standard naming convention between AV companies and the various viruses out there, although they are close.

    Threat Explorer

    http://www.symantec.com/business/security_response/threatexplorer/index.jsp



  • 3.  RE: trojan-bnk.win32.keylogger.gen

    Posted Aug 08, 2011 07:38 PM

    julrendo,

    Do you have a sample of the threat which is being detected as "trojan-bnk.win32.keylogger.gen"?

    If so, you can contact Symantec support and ask for instructions for submitting suspicious files to our Security Response team. Our team will analyze the file you submit and tell you whether we have a detection for it. If it is a new threat we have not seen before, we will create a signature which can detect the threat.

    Regards,

    James



  • 4.  RE: trojan-bnk.win32.keylogger.gen

    Posted Aug 09, 2011 04:41 AM

    "Thumbs up" for the advice above.

    Also: have you submitted the file to threatexpert.com?  That can provide an automated write-up of what exactly that sample does.

    Thanks and best regards,

    Mick