worm that EsetNod32 catches but Symantec Endpoint Protection
Created: 21 Oct 2012 | 4 comments
i tried to file a case on Symantec's support site, but no luck, support site always generates an error when i click on the submit button. i treid to call local support contact, no way, number is unknown. so i am trying here as a last chance.
our clients have SEP 12.1 on windows xp and windows7 machines. we found a worm which runs an app called "musallat.exe". It copies user files and add an .exe extension. only Eset Online Scanner can detect and removes the infection. SEP 12.1 is not aware of that. how can we remove that worm?
here is the address for detailed info : http://www.virusradar.com/Win32_AutoRun.VB.AAO/description
guvenc bolisik
Discussion Filed Under:
Comments 4 Comments • Jump to latest comment
HI,
I would request you to submit these files to the Symantec Security Team on
https://submit.symantec.com/essential
and
http://www.threatexpert.com/submit.aspx
Note: ThreatExpert is owned by Symantec.
Also, check these Article below:
Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.
https://www-secure.symantec.com/connect/articles/using-symantec-support-tool-how-do-we-collect-suspicious-files-and-submit-same-symantec-sec
Is your system infected? Symantec tools to help clear an infection
https://www-secure.symantec.com/connect/forums/your-system-infected-symantec-tools-help-clear-infection
Thanks In Advance
Ashish Sharma
SEPM Knowledgebase Documents
Kindly submit those files to symantec.'They will release the definitions if its a new variant.
Mohan Babu
moglie20@gmail.com
+91 9884382160
Your satisfaction is very important to us.If you find above information helpful or it has resolved your issue...please mark it accordingly :)
well, i reached the technical support and they wanted me to do the same thing. i am going to send the file and wait for the reply. i hope it wouldn't take so long to put it into definitions.
Hello,
To catch the file, zip the container Folder and when you open the zipped folder, you may see the Threat file in it.
Submit the .zip folder to Symantec Security Response Team on
https://submit.symantec.com/websubmit/essential.cgi
We also offer a self-service site to analyze files, at http://www.threatexpert.com, which can give you more information on the files you submit to it.
Also, check this Article below:
Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.
https://www-secure.symantec.com/connect/articles/using-symantec-support-tool-how-do-we-collect-suspicious-files-and-submit-same-symantec-sec
Secondly, check these Articles to Answer your Questions on -
What to do when you suspect that a Symantec AntiVirus product is not detecting viruses
http://www.symantec.com/docs/TECH99222
Scanning a file with a competitor's antivirus program detects a virus, but scanning with Symantec AntiVirus or Symantec Endpoint Protection does not
http://www.symantec.com/docs/TECH98929
Hope that helps!!
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3
Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a
Would you like to reply?
Login or Register to post your comment.