Endpoint Protection

Helo, 

I'm trying to report a false positive. I sent the sample but I answered that "already detected"  

 

This message is an automatically generated reply -- do not reply to this message.

 

This system is designed to analyze and process suspicious file submissions into Symantec Security Response and cannot accept correspondence or inquiries.

 

---------------------------------------------------------------------------

Submission Summary

---------------------------------------------------------------------------

 

We have processed your submission (Tracking #18663559) and your submission is now closed. The following is a report of our findings for the files in your submission:

 

File:  InstalaConnecta.exe

Machine: Machine

Determination: This file is detected as 'Trojan.Malcol, ' with our existing certified LiveUpdate definitions.

 

---------------------------------------------------------------------------

Customer Notes

---------------------------------------------------------------------------

 

File sent InstalaConnecta.exe is legitimate and not infected. However it is detected as Trojan.Malcol. Can explain why or if it is a error fix in future updates.Thanks.

 

---------------------------------------------------------------------------

Developer Notes

---------------------------------------------------------------------------

 

InstalaConnecta.exe is detected by Symantec AV products with the latest definitions.

 

 

---------------------------------------------------------------------------

Remediation

---------------------------------------------------------------------------

 

Existing certified LiveUpdate definitions successfully handle the files in your submission. Please update your definitions by clicking the "LiveUpdate" button in your NAV program. or refer to your product documentation.

 

---------------------------------------------------------------------------

 

This message was generated by Symantec Security Response automation.

 

Should you have any questions about your submission, please contact our regional technical support from the Symantec Web site, and give them the tracking number included in this message.

 

 

Symantec Technical Support

Any solution?

PS: Sorry for my english

Yes, please open a case with TechSupport and they will ping Security Response that this is false positive. Then, if confirmed, it will be removed from definitions.

Check the following 2 articles

Title: 'Best Practice when Symantec Endpoint Protection or Symantec AntiVirus is Detecting a File that is Believed to be Safe'
Web URL: http://www.symantec.com/business/support/index?page=content&id=TECH98360&locale=en_US

Title: 'How do I request/submit an addtion be made to the white-list?'
Web URL: http://www.symantec.com/business/support/index?page=content&id=TECH132220&locale=en_US

Thank you both for the information about the "next steps".

Hi Jogal,

Security Response have confirmed that your submission is indeed a legitimate Connecta 2000 installer and not Trojan.Malcol.  Definitions should be available shortly which correct this detection.

Thanks and best regards,

Mick