Endpoint Protection

  • 1.  New release of anti-virus definitions

    Posted Oct 01, 2014 08:52 AM

    Hi there

    I uploaded a file to https://submit.symantec.com/websubmit/retail.cgi

    The VirusTotal site defines this file like that. How long will Symantec take to produce a new definition for SEP 12.1 after a suspected infected file is uploaded to Symantec?

     



  • 2.  RE: New release of anti-virus definitions

    Posted Oct 01, 2014 11:21 AM

    I've usually seen it as a couple hours at most.



  • 3.  RE: New release of anti-virus definitions
    Best Answer

    Posted Oct 01, 2014 05:00 PM

    Hi akarelin,

     

    Good news! That .zip file you submitted contains a malicious file called "transact_store.exe" (MD5 AAC8AEC914CA65C3DB358EDDC85F4BE5). This is already detected as Backdoor.Trojan in RR Sequence 157780 or above; that appears in the GUI as "10/1/2014 rev. 7". Those are available now on ftp://ftp.symantec.com/public/english_us_canada/antivirus_definitions/norton_antivirus/rapidrelease/

    This article will help to deploy this protection throughout the organization:

    How to update definitions for Symantec Endpoint Protection Manager (SEPM) using a .jdb file
    Article URL http://www.symantec.com/docs/TECH102607

    Or the RR defs can be applied to a single client:

    How to apply rapid release definitions to a Symantec Endpoint Protection (SEP) client.
    Article URL http://www.symantec.com/docs/TECH104979

    The next set of definitions available from LiveUpdate will also include this protection.

    Please update this thread with info on if this has solved the issue for you!

    With best regards,

    Mick

     



  • 4.  RE: New release of anti-virus definitions

    Posted Oct 01, 2014 06:23 PM

    If you have a support contract for SEP, you may not want to use the "retail" submission site.

    Check your support contract for your level of entitlement.

    http://www.symantec.com/docs/TECH203027

    MJD

     



  • 5.  RE: New release of anti-virus definitions

    Posted Oct 01, 2014 08:28 PM

    Thank you all! 



  • 6.  RE: New release of anti-virus definitions

    Posted Oct 02, 2014 01:26 AM

    Hi akarelin,

    All that is needed now is to run LiveUpdate (latest version is "10/1/2014 rev. 16") and then perform a scan. It will detect and remediate the malicious .exe.

    For the benefit of others on the forum, please do mark this thread as "solved" if your question has been answered.  (It is still marked "needs solution.")

    Many thanks once again,

    Mick



  • 7.  RE: New release of anti-virus definitions

    Posted Oct 02, 2014 01:32 AM

    LiveUpdate already downloaded the last rev. And we checked that file. 



  • 8.  RE: New release of anti-virus definitions

    Posted Oct 02, 2014 01:33 AM

    Excellent news! &: )