Nigelg, because you submitted the files from the retail "queue" (that is, you didn't include a contact ID), your submissions are very, very low on the priority list.
As it is, we're are currently being bombarded by numerous submissions. We're working on getting them all handled as quickly as possible, but as your submission is a retail submission, it may be quite awhile before we're able to reverse engineer it.
Please contact support. Once your support contract has been verified you can work with one of our engineers who can, in turn, work to get your submissions switched up in priority to match your entitlement level and thus get processed faster.
We try to be as proactive as we can about detecting new threats that we don't have definitions for, but there's only so much that can be done. We really need you to contact support so we can get the samples investigated and definitions written for them if they turn out to be viral.
As for our competitors detecting it while we don't, it could be, as I indicated earlier, simply that they had samples and definitions written before we did. It is also possible, however, that we do not detect the file as infected because it isn't. Let me give you an example.
Let's say that VirusX infects your computer. This virus changes your desktop to a picture of an airplane, then scans your network and spreads to any open share.
In this case, unless the picture itself contains virus code, Symantec will not detect it as viral? Why? Because it is not infected, and doesn't contain code that can be used to propogate the virus. We will scan it, of course, but since it is not infected, we don't remove it. Some of our compeditors do...they'd indicate that the file is infected (since it may have come as part of the virus) and remove it. However, we don't.
While I don't believe that's the case with your submissions, that's something to be aware of.
Additionally, while sites like virustotal may be useful to help identify suspicious files, again, the other scanners may be detecting a file that we decided isn't actually infected. Finally, we have no control over what sites like virustotal use to scan with...looking at their information, they're using our consumer scanner, but there is no way for us (Symantec) to ensure that they're using a current definition set, the current version of the program, current scanning engines, etc...and the same can be said of the other scanners.
Please contact support so we can get these files submitted to the proper queue and ensure that an engineer looks at these files.