Endpoint Protection

 View Only

  • 1.  Symantec AntiVirus failed to detect s5sf.exe

    Posted Jul 12, 2011 01:56 PM

    Running ISCS image of XP on Thinkpad W500.
    Symantec AntiVirus failed to detect s5sf.exe.
    This program was added as a registry auto start to load Program on Boot up.
    Which in turn caused PGP to report a problem with hard drive, consequently I was unable to log back onto Thinkpad.
    Symantec AntiVirus full scan fails to detect this program.
    Google search confirms that s5sf.exe is a bug.
    http://www.prevx.com/filenames/X1542120952827832-X1/S5SF.EXE.html
    What can be done detect this program from infecting. I should not be required to purchase Prezx to eliminate this bug. This is precisely what I had to do.



  • 2.  RE: Symantec AntiVirus failed to detect s5sf.exe

    Posted Jul 12, 2011 02:07 PM

    upload it here

     

    Upload a suspected infected file (Gold)

     

    https://submit.symantec.com/websubmit/gold.cgi



  • 3.  RE: Symantec AntiVirus failed to detect s5sf.exe

    Posted Jul 12, 2011 02:12 PM

    I am afraid I didn't keep a copy of this program, I was just glad that Prevx was able to detect and remove it and I could log back to my desktop :-(



  • 4.  RE: Symantec AntiVirus failed to detect s5sf.exe

    Posted Jul 12, 2011 02:14 PM

    Every AV is different and is not going to catch every single thing out there. You'll find ones that get caught while others don't catch it and vice versa.



  • 5.  RE: Symantec AntiVirus failed to detect s5sf.exe

    Posted Jul 12, 2011 02:14 PM

     I performed a search, and it turns out none of the top 43 AV companys show this file name as a known threat.

     

    As Rafeeq stated, please submit it ASAP, so that we can get signatures in place to detect this threat



  • 6.  RE: Symantec AntiVirus failed to detect s5sf.exe

    Posted Jul 12, 2011 02:29 PM

    Thomas, I am suprised that none of the top AV companies have acknowledged this threat. My expectation of giants like Symantec was much higher. I don't have a copy of the threat. But I am hoping that well established pillars of the IT industry, like Symantec, can leaverage their resources to locate and tag this threat.



  • 7.  RE: Symantec AntiVirus failed to detect s5sf.exe

    Posted Jul 12, 2011 02:39 PM

    Please submit; lets make Symantec stronger 

     

    Scanning a file with a competitor's antivirus program detects a virus, but scanning with Symantec AntiVirus or Symantec Endpoint Protection does not

     

    http://www.symantec.com/business/support/index?page=content&id=TECH98929



  • 8.  RE: Symantec AntiVirus failed to detect s5sf.exe

    Posted Jul 12, 2011 02:52 PM

    I am sure it is because this is a new variant or a new threat all together. Once we get a sample, then Symantec can offer protection.



  • 9.  RE: Symantec AntiVirus failed to detect s5sf.exe

    Posted Jul 15, 2011 02:20 AM

    Best thing is Symantec has technology to stop threats and block infections. Please have then in practice.

    Stringen the security with the NTP policies.

    There are several threats that come in everyday unlike any other s/w symantec has numerous white papers which help you know where these threats get copied and what needs to be blocked and what to do to nullify the effect of any virus.

    If Symantec does not have information about the threat please submit.

    http://www.symantec.com/docs/TECH133764