Help with Exceptions
Created: 07 Dec 2011 | Updated: 07 Dec 2011 | 3 comments
This issue has been solved. See solution.
I need to make a centralized exception for a file that is named as a risk "Suspicious.Cloud.5.A" Quarantine
the problem is that the file is located on a random place on the client
C:\Documents and Settings\Administrator\Local settings\Temp\7zS101.tmp\tcapa-conf_release_1-0-0.exe
next time
C:\Documents and Settings\Administrator\Local settings\Temp\7zS104.tmp\tcapa-conf_release_1-0-0.exe
SEP 12.1.1000 & 12.1.671
Discussion Filed Under:
Comments 3 Comments • Jump to latest comment
open a case with symantec and ask to whitelist the file and the check the link to create exception from log
http://www.symantec.com/business/support/index?page=content&id=HOWTO55214
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
Hello,
Do you think this files are Legitimate??
Symantec is Detecting this Files due to suspicious activity.
Suspicious.Cloud.5 is a detection technology designed to detect entirely new malware threats without traditional signatures. This technology is aimed at detecting malicious software that has been intentionally mutated or morphed by attackers.
Incase, if these files are good files, you can submit these files to the Symantec Security Response Team via,
https://submit.symantec.com/false_positive/
OR
https://submit.symantec.com/whitelist/isv/
Also, See Creating exceptions for Symantec Endpoint Protection.
See Creating exceptions from log events in Symantec Endpoint Protection Manager.
Hope that helps!!
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3
Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a
Thanks
Great info
Would you like to reply?
Login or Register to post your comment.