Video Screencast Help

Help with Exceptions

Created: 07 Dec 2011 • Updated: 07 Dec 2011 | 3 comments
This issue has been solved. See solution.

I need to make a centralized exception for a file that is named as a risk "Suspicious.Cloud.5.A"   Quarantine

the problem is that the file is located on a random place on the client

C:\Documents and Settings\Administrator\Local settings\Temp\7zS101.tmp\tcapa-conf_release_1-0-0.exe

next time

C:\Documents and Settings\Administrator\Local settings\Temp\7zS104.tmp\tcapa-conf_release_1-0-0.exe

 

SEP 12.1.1000   & 12.1.671

Comments 3 CommentsJump to latest comment

pete_4u2002's picture

 open a case with symantec and ask to whitelist the file and the check the link to create exception from log

http://www.symantec.com/business/support/index?page=content&id=HOWTO55214

Mithun Sanghavi's picture

Hello,

Do you think this files are Legitimate??

Symantec is Detecting this Files due to suspicious activity.

Suspicious.Cloud.5 is a detection technology designed to detect entirely new malware threats without traditional signatures. This technology is aimed at detecting malicious software that has been intentionally mutated or morphed by attackers. 

Incase, if these files are good files, you can submit these files to the Symantec Security Response Team via, 

https://submit.symantec.com/false_positive/

OR

https://submit.symantec.com/whitelist/isv/

Also, See Creating exceptions for Symantec Endpoint Protection.

See Creating exceptions from log events in Symantec Endpoint Protection Manager.

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SOLUTION