Video Screencast Help

SAV10 - "Unknown"

Created: 17 Nov 2009 • Updated: 21 May 2010 | 4 comments
MFishman's picture
This issue has been solved. See solution.

I am getting messages from SAV 10.x saying that a virus was found, but it reports the risk discovered by "Unknown" (not prefixed by Heuristic, etc.).
So who did indeed catch this one?

Comments 4 CommentsJump to latest comment

P_K_'s picture

Bloodhound is the name of the Norton AntiVirus heuristic scanning technology for detecting new and unknown viruses.

Title: 'Explanation of Bloodhound alerts'
Document ID: 1998100109260548
> Web URL:

MCT MCSE-2012 Symantec Technical Specialist (SCTS)

MFishman's picture

There's no mention of Bloodhound - just not "not specified <threat type> (File)" "Unknown". Is heuristic implied?

Rafeeq's picture

Sometimes the client detects an unknown virus that cannot be eliminated with the current set of virus definitions. You might have a file that you believe is infected but scans do not detect an infection. The Quarantine safely isolates potentially infected files on your computer. When you quarantine a virus, the virus cannot spread on your computer or to other computers in your network

since it does not know what kind of virus / category it belongs to you get the name as Unknown.

The whole techonology which does is Bloodhound.

Bloodhound technology dramatically increases the protection against new and unknown viruses.

Bloodhound isolates and locates the various logical regions of a file, and then analyzes the program logic for virus-like behavior. Bloodhound detects a very high percentage of unknown viruses. In addition, the client detects unknown viruses by monitoring activity on your computer for the behaviors that viruses typically perform. When a suspicious activity is detected, the client prevents the action from continuing

Hope I answered your question...;) 

MFishman's picture

I believe so. "Unknown" implies the Heuristic engine found the cuplrit.