Endpoint Protection

 View Only

  • 1.  Win32.FraudTool.AntivirusSoft

    Posted Mar 03, 2010 05:15 PM
    Win32.FraudTool.AntivirusSoft

    Found this on a system today.  Symantec Endpoint Protection Version 11.0.4000.2295 did NOT find the malware, even after a full system scan with the latest signatures.  Had to resort to Ad-Aware (something I haven't had to use in at least five years) in order to get it removed.

    What gives?  Why was this not picked-up by SEP?  I'm open to discussion on this and would love to be able to answer my CEO's questions as to why the product we purchased to protect our systems allowed this piece of malware to run rampant.

    Yes, I'm a little P.O.ed so sorry if I sound like it.  I just spent four hours of project time working on something that SEP should've caught in a heartbeat (IMO).


  • 2.  RE: Win32.FraudTool.AntivirusSoft

    Posted Mar 04, 2010 01:31 AM
    Hi,

    If the full system scan did not help to remove the threat from your machine, you can always contact the technical support.

    We will help you submit the suspecious files to the security response team, so that the Virus Definitions for this threat can be created.

    Aniket


  • 3.  RE: Win32.FraudTool.AntivirusSoft

    Posted Mar 04, 2010 03:24 AM
     

    PRINT THIS PAGE PRINT THIS PAGE

    Scanning a file with a competitor's antivirus program detects a virus, but scanning with Symantec AntiVirus or Symantec Endpoint Protection does not

    http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/d52ab8d97f66472988256a22002726f3?OpenDocument

    Just thought you might like to read a little more on the subject. The fact of the matter is that NO anti-virus software is 100% effective. The best thing you can usually do is submit the file as Aniket suggested above. There will be a new rapid release definition out very quickly (probably faster than it took you to clean it) that will have your specific definition built into it.

    Hope this helps
    Grant