Endpoint Protection

 View Only

  • 1.  TrojanDownloader:Win32/Stegvob.D not detecting to ysmantec

    Posted Apr 22, 2013 06:24 AM

    Hi Team,

    Please suggest on it

    We have SEP 12.1 but its not able to detect this virus

     

     



  • 2.  RE: TrojanDownloader:Win32/Stegvob.D not detecting to ysmantec

    Broadcom Employee
    Posted Apr 22, 2013 06:26 AM

    submit the file to security response.

    https://submit.symantec.com/websubmit/essential.cgi

    how did you got to know the file is threat?



  • 3.  RE: TrojanDownloader:Win32/Stegvob.D not detecting to ysmantec

    Posted Apr 22, 2013 06:27 AM

    What are you using to detect it? As suggested, you need to submit it to security response. You can use SymHelp to do this

    Using Symantec Help (SymHelp) Tool, how to Collect the Suspicious Files and Submit the same to Symantec Security Response Team

    http://www.symantec.com/docs/TECH203027



  • 4.  RE: TrojanDownloader:Win32/Stegvob.D not detecting to ysmantec

    Posted Apr 22, 2013 06:28 AM

    Hello,

    If SEP not detect You can submit to file for submission.

    Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

    https://www-secure.symantec.com/connect/articles/using-symantec-help-symhelp-tool-how-do-we-collect-suspicious-files-and-submit-same-symante



  • 5.  RE: TrojanDownloader:Win32/Stegvob.D not detecting to ysmantec

    Posted Apr 22, 2013 12:22 PM

    Is any other AV software is detecting it if any on one of your computer ?

    Get the file location and submit it to Security response team as mentioned above



  • 6.  RE: TrojanDownloader:Win32/Stegvob.D not detecting to ysmantec

    Trusted Advisor
    Posted Apr 22, 2013 12:23 PM

    Hello,

    TrojanDownloader:Win32/Stegvob.D is being detected by Microsoft.

    https://www.virustotal.com/en/file/f1f6d360d672e909385ba877cb54c737a1ace13e66ababb53f5f101d76ec315b/analysis/

    Whereas Symantec is detecting it as "WS.Reputation.1"

    However, this file could be a new Variant.

    Could you zip each of the files detected and submit the zip files (without password) to the Symantec Security Response Team on :

    https://submit.symantec.com/websubmit/essential.cgi

    We also offer a self-service site to analyze files, at http://www.threatexpert.com, which can give you more information on the files you submit to it.

    What to do when you suspect that a Symantec AntiVirus product is not detecting viruses

    http://www.symantec.com/docs/TECH99222

    Also, check this Article:

    Using Symantec Help (SymHelp) Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

    https://www-secure.symantec.com/connect/articles/using-symantec-help-symhelp-tool-how-do-we-collect-suspicious-files-and-submit-same-symante

    Hope that helps!!