Endpoint Protection

  • 1.  What are the rootkit detection and removal capabilities of SEP?

    Posted May 26, 2009 10:16 AM

    Greetings,

    I'd like to know what levels of comfort I should have (or not) with SEP detecting and removing of the tot rootkits that are out and about today. These are some serious issues that I have been seeing more integrated with blended threats to keep reloading them after the AV/AM solutions remove them.

    Can anyone from Symantec shed some insight on the rootkit detection and removal capabilities of SEP as it stands today?

    Thank you and have a great day,

    ~Brett A. Scudder~



  • 2.  RE: What are the rootkit detection and removal capabilities of SEP?
    Best Answer

    Posted May 26, 2009 02:01 PM
    Nowadays rootkits are on the rise, and so is Symantec at detecting them. SEP does detect most of the rootkits that are out there in the wild. The detection capabilities of any antivirus depend on its Honey Pots (Sensors) across the globe, and Symantec has the highest number of Sensors across the globe.
    But there are so many in the wild that it is not possible to detect all of them until and unless Symantec has a sample. So if you are facing any kind of rootkit issue, open a case with Symantec or submit your virus sample to https://submit.symantec.com/gold
    To double check if there is really a rootkit on your computer you can scan using Microsoft's Rootkit Revealer.


  • 3.  RE: What are the rootkit detection and removal capabilities of SEP?

    Posted Aug 24, 2009 03:22 AM
    For you and the many who want to know what rootkits are and what the rootkit detection and removal capabilities of SEP are.

    https://www-secure.symantec.com/connect/articles/rootkit-intruder-living-your-kernel