Endpoint Protection

 View Only

  • 1.  worm that EsetNod32 catches but Symantec Endpoint Protection

    Posted Oct 21, 2012 06:25 AM

    i tried to file a case on Symantec's support site, but no luck, support site always generates an error when i click on the submit button. i treid to call local support contact, no way, number is unknown. so i am trying here as a last chance.

    our clients have SEP 12.1 on windows xp and windows7 machines. we found a worm which runs  an app called "musallat.exe". It copies user files and add an .exe extension. only Eset Online Scanner can detect and removes the infection. SEP 12.1 is not aware of that. how can we remove that worm?

    here is the address for detailed info : http://www.virusradar.com/Win32_AutoRun.VB.AAO/description

     

     

     

    guvenc bolisik



  • 2.  RE: worm that EsetNod32 catches but Symantec Endpoint Protection

    Posted Oct 21, 2012 07:44 AM

    HI,

    I would request you to submit these files to the Symantec Security Team on 

    https://submit.symantec.com/essential

    and 

    http://www.threatexpert.com/submit.aspx

    Note: ThreatExpert is owned by Symantec.

    Also, check these Article below:

    Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team. 

    https://www-secure.symantec.com/connect/articles/using-symantec-support-tool-how-do-we-collect-suspicious-files-and-submit-same-symantec-sec

     

    Is your system infected? Symantec tools to help clear an infection

    https://www-secure.symantec.com/connect/forums/your-system-infected-symantec-tools-help-clear-infection



  • 3.  RE: worm that EsetNod32 catches but Symantec Endpoint Protection

    Posted Oct 21, 2012 08:01 AM

    Kindly submit those files to symantec.'They will release the definitions if its a new variant.



  • 4.  RE: worm that EsetNod32 catches but Symantec Endpoint Protection

    Posted Oct 21, 2012 08:57 AM

    well, i reached the technical support and they wanted me to do the same thing. i am going to send the file and wait for the reply. i hope it wouldn't take so long to put it into definitions.



  • 5.  RE: worm that EsetNod32 catches but Symantec Endpoint Protection

    Trusted Advisor
    Posted Oct 21, 2012 02:36 PM

     

    Hello,

    To catch the file, zip the container Folder and when you open the zipped folder, you may see the Threat file in it.

    Submit the .zip folder to Symantec Security Response Team on 

    https://submit.symantec.com/websubmit/essential.cgi

    We also offer a self-service site to analyze files, at http://www.threatexpert.com, which can give you more information on the files you submit to it.

    Also, check this Article below:

    Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team. 

    https://www-secure.symantec.com/connect/articles/using-symantec-support-tool-how-do-we-collect-suspicious-files-and-submit-same-symantec-sec

     

    Secondly, check these Articles to Answer your Questions on -

    What to do when you suspect that a Symantec AntiVirus product is not detecting viruses

    http://www.symantec.com/docs/TECH99222

    Scanning a file with a competitor's antivirus program detects a virus, but scanning with Symantec AntiVirus or Symantec Endpoint Protection does not

    http://www.symantec.com/docs/TECH98929

    Hope that helps!!