An Antivirus vendor detects XYZ virus. You want to know if Symantec detects it.

Article:TECH54072  |  Created: 2007-01-13  |  Updated: 2014-01-06  |  Article URL http://www.symantec.com/docs/TECH54072
Article Type
Technical Solution

Product(s)

Issue



An Antivirus vendor detects XYZ virus. You want to know if Symantec's Antivirus products detect it.


Solution



Symantec can not assure with 100% certainty that a virus is detected by the Symantec Antivirus products (Symantec Endpoint Protection and others), even if it is acknowledged as a common alias in the "Also known as" field in a virus writeup.  It is a common practice in the Antivirus industry to put different strains of the same virus under the same name. So, even if Symantec recognizes that w32.virusname.variant is also known as XYZ by another vendor, we may not detect all the variants that other vendor detects.

 

If you want to check if a virus detected by a competitor is mentioned in the Symantec writeups:

  1. Go to the Symantec home page
  2. In the search text box type the name of the virus provided by another vendor
  3. In the drop down menu select "Viruses and Risks"
  4. Click on Search
  5. If the virus is mentioned in any of the Symantec public writeups, you will see it in the results page

This does not guarantee that the particular variant that the other vendor detects is detected by Symantec, as some vendors put different strains of a virus under the same name.

 

The only way to have 100% certainty whether or not Symantec detects a file with traditional Antivirus signatures is to submit the file to Security Response.  For an explanation of the submission process, please see the document How to Use the Web Submission Process

Note that SEP's heuristic, IPS, and reputation-based Insight (in SEP 12.1) components may successfully block threats for which traditional AV signatures have not yet been written.  Using a full suite of protection technologies is highly recommended in today's threat landscape.  See How to add or remove features to existing Symantec Endpoint Protection (SEP) client installations for instructions on how to add these components.  


Supplemental Materials

Value6966


Legacy ID



292086


Article URL http://www.symantec.com/docs/TECH54072


Terms of use for this information are found in Legal Notices