Symantec Endpoint Protection 11 virus definition file version translation

book

Article ID: 157015

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Symantec Endpoint Protection (SEP) Virus and Spyware Protection System Log and Windows Application Log contain "New virus definition file loaded" entries.  The virus definition file version information is obfuscated and needs to be translated to standard date and revision format.

Resolution

Example log entry "New virus definition file loaded. Version: 140828b."

  1. Numerals 1 and 2 are added to 1998 to determine the year of the definition file.  In the example 1998 + 14 = 2012.
  2. Numerals 3 and 4 represent the month of the year.  In the example it is August, the 8th month of the year.
  3. Numerals 5 and 6 represent the day of the month.  In the example it is the 28th day of the month.
  4. Letters past the 6th numeral represent the revision.  B is the 2nd letter in the alphabet, this is revision 2.
  5. 140828b represents the August 28th 2012 revision 2 definition set.