Endpoint Protection

 View Only

  • 1.  False positive report

    Posted Feb 14, 2011 05:30 AM

    Hello,

    We are the developers of a program for monitoring computer activity. Some time ago SEP began to detect one of the application files as trojan.GEN and block it. But it's not a trojan, it's a legal applicaton. How can we submit this false positive malware detection?

    Thank you.

    Regards



  • 2.  RE: False positive report

    Broadcom Employee
    Posted Feb 14, 2011 05:34 AM

    visit this link..

    https://submit.symantec.com/false_positive/



  • 3.  RE: False positive report

    Broadcom Employee
    Posted Feb 14, 2011 05:41 AM

    also you can include as centralized exception till there is a fix.



  • 4.  RE: False positive report

    Broadcom Employee
    Posted Feb 14, 2011 06:06 AM

    Hi,

    Can you share your application name and files which has began to detect as a trogan.GEN ?

    What is SEPM & SEP client version you are using ?



  • 5.  RE: False positive report

    Posted Feb 15, 2011 03:10 AM

    Hi,

    Application name is LanAgent. Our web site http://www.lanagent.com (http://www.lanagent.ru/)
    We upload this file at www.lanagent.com/system.zip    Thank you.

    Regards



  • 6.  RE: False positive report
    Best Answer

    Broadcom Employee
    Posted Feb 15, 2011 06:41 AM

    Hi,

    You will have to submit the file  at  https://submit.symantec.com/false_positive/ or create a case with Support for False positive.
     
    Please go through following links.
     
    http://www.symantec.com/business/support/index?page=content&id=TECH98360
     
    http://www.symantec.com/security_response/writeup.jsp?docid=2010-022501-5526-99