Video Screencast Help

If I have an older installation of SEP once I upgrade it starts to find tons of infected files

Created: 08 Nov 2013 • Updated: 08 Nov 2013 | 11 comments
This issue has been solved. See solution.

I will see a PC once in a while with SEP11 which is up to date and defs are current, but once I remove it and upgrade to the most current version it will start to find infected files. Why does this happen and why didn't the old version catch them? The file are resident and should have been detected and corrected even with an older version.

Operating Systems:

Comments 11 CommentsJump to latest comment

ᗺrian's picture

Could've been from Download Insight or SONAR (new features in 12.1)

What type of scan caught it?

Or perhaps the defs were not truly up to date and off by a revision or two wink

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

ᗺrian's picture

Check the Risk log on the SEPM. You can highlight the entry and open it up for a wealth of info. It should show something in there. Check the category type too...or if you want just post a screenshot of it

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Rafeeq's picture

Versions have no effect in detection. It might be detected by a new feature which comes with new version

SAV 10.X will find virus what SEP 12.1 finds ( Comparing on AV  not NTP or PTP as these are components)

was the detection found by Sonar? Autoprotect?

ᗺrian's picture

And you ensured virus defs were the same?

If you check the risk log, what is the virus name? What was the risk detection method?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

The Conquistador's picture

I should have asked this question before I had the PC re imaged, but as far as I can remember it was all up to date

ᗺrian's picture

Assuming it was, than my belief is it would be from one of the new features such as insight or SONAR. I would need to see a log though to determine that.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SOLUTION
ᗺrian's picture

No worries. Next time cool

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Mithun Sanghavi's picture

Hello,

Symantec Endpoint Protection 12.1 offers the latest detection technology, including Symantec Insight and real-time monitoring of nearly 1,400 behaviors through SONAR™. Today's complex threat landscape is no match for the five layers of protection provided through network, file, reputation, behavior and repair technologies.
 
Check this Article: 

Five Reasons to Upgrade to Symantec Endpoint Protection 12.1.2

https://www-secure.symantec.com/connect/downloads/five-reasons-upgrade-symantec-endpoint-protection-1212

Hope that helps!!

 

Mithun Sanghavi
Associate Security Architect

MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.