Ayuda de vídeo de Screencast

Help with Exceptions

Created: 07 DEC 2011 • Updated: 07 DEC 2011 | 3 comments
Se ha solucionado este problema. Vea la solución.

I need to make a centralized exception for a file that is named as a risk "Suspicious.Cloud.5.A"   Quarantine

the problem is that the file is located on a random place on the client

C:\Documents and Settings\Administrator\Local settings\Temp\7zS101.tmp\tcapa-conf_release_1-0-0.exe

next time

C:\Documents and Settings\Administrator\Local settings\Temp\7zS104.tmp\tcapa-conf_release_1-0-0.exe

SEP 12.1.1000   & 12.1.671

Comentarios ComentariosIr al último comentario

el cuadro de los pete_4u2002

 open a case with symantec and ask to whitelist the file and the check the link to create exception from log

http://www.symantec.com/business/support/index?page=content&id=HOWTO55214

el cuadro de los Mithun Sanghavi

Hello,

Do you think this files are Legitimate??

Symantec is Detecting this Files due to suspicious activity.

Suspicious.Cloud.5 is a detection technology designed to detect entirely new malware threats without traditional signatures. This technology is aimed at detecting malicious software that has been intentionally mutated or morphed by attackers. 

Incase, if these files are good files, you can submit these files to the Symantec Security Response Team via, 

https://submit.symantec.com/false_positive/

OR

https://submit.symantec.com/whitelist/isv/

Also, See Creating exceptions for Symantec Endpoint Protection.

See Creating exceptions from log events in Symantec Endpoint Protection Manager.

Hope that helps!!

Mithun Sanghavi
Associate Security Architect

MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SOLUCIÓN