Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

worm that EsetNod32 catches but Symantec Endpoint Protection

Created: 21 Oct 2012 | 4 comments

i tried to file a case on Symantec's support site, but no luck, support site always generates an error when i click on the submit button. i treid to call local support contact, no way, number is unknown. so i am trying here as a last chance.

our clients have SEP 12.1 on windows xp and windows7 machines. we found a worm which runs  an app called "musallat.exe". It copies user files and add an .exe extension. only Eset Online Scanner can detect and removes the infection. SEP 12.1 is not aware of that. how can we remove that worm?

here is the address for detailed info : http://www.virusradar.com/Win32_AutoRun.VB.AAO/description

 

 

 

guvenc bolisik

Comments 4 CommentsJump to latest comment

Ashish-Sharma's picture

HI,

I would request you to submit these files to the Symantec Security Team on 

https://submit.symantec.com/essential

and 

http://www.threatexpert.com/submit.aspx

Note: ThreatExpert is owned by Symantec.

Also, check these Article below:

Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team. 

https://www-secure.symantec.com/connect/articles/using-symantec-support-tool-how-do-we-collect-suspicious-files-and-submit-same-symantec-sec

 

Is your system infected? Symantec tools to help clear an infection

https://www-secure.symantec.com/connect/forums/your-system-infected-symantec-tools-help-clear-infection

Thanks In Advance

Ashish Sharma

 

 

Mohan Babu's picture

Kindly submit those files to symantec.'They will release the definitions if its a new variant.

Mohan Babu

moglie20@gmail.com

+91 9884382160

Your satisfaction is very important to us.If you find above information helpful or it has resolved your issue...please mark it accordingly :)

Guvenc Bolisik's picture

well, i reached the technical support and they wanted me to do the same thing. i am going to send the file and wait for the reply. i hope it wouldn't take so long to put it into definitions.

Mithun Sanghavi's picture

 

Hello,

To catch the file, zip the container Folder and when you open the zipped folder, you may see the Threat file in it.

Submit the .zip folder to Symantec Security Response Team on 

https://submit.symantec.com/websubmit/essential.cgi

We also offer a self-service site to analyze files, at http://www.threatexpert.com, which can give you more information on the files you submit to it.

Also, check this Article below:

Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team. 

https://www-secure.symantec.com/connect/articles/using-symantec-support-tool-how-do-we-collect-suspicious-files-and-submit-same-symantec-sec

 

Secondly, check these Articles to Answer your Questions on -

What to do when you suspect that a Symantec AntiVirus product is not detecting viruses

http://www.symantec.com/docs/TECH99222

Scanning a file with a competitor's antivirus program detects a virus, but scanning with Symantec AntiVirus or Symantec Endpoint Protection does not

http://www.symantec.com/docs/TECH98929

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.