Endpoint Protection

  • 1.  Malware at SEPM Infrastructure

    Posted Apr 27, 2012 07:05 AM

    Dear all,

    We support an infrastructure (SEP Manager 11.0.6 and almost 2000 clients) and I want an answer about the following situation. The following processes have been identified in many of our clients:

    xz.exe

    wcz_hpf2_rosetta.exe

    vc.exe

    Do you have any information about these processes? I really appreciate it.



  • 2.  RE: Malware at SEPM Infrastructure

    Broadcom Employee
    Posted Apr 27, 2012 07:10 AM

    Submit these files to the Symantec Security Response team to know if these are malware/infected files.



  • 3.  RE: Malware at SEPM Infrastructure

    Posted Apr 27, 2012 07:13 AM

    Kindly submit these files to Symantec for analysis.

    How to Use the Web Submission Process to Submit Suspicious Files

    http://www.symantec.com/business/support/index?page=content&id=TECH102419

     

    Alternatively you can also submit to the below site.

    http://www.threatexpert.com/submit.aspx

    Hope this helps.



  • 4.  RE: Malware at SEPM Infrastructure

    Posted Apr 27, 2012 07:15 AM

    Is there a specific procedure that we have to follow about it?



  • 5.  RE: Malware at SEPM Infrastructure

    Trusted Advisor
    Posted Apr 27, 2012 10:35 AM

    Hello,

    I agree with the above comments.

    Submit the Files to the Security Response Team.

    In your case, you would like to check this Article:

    Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.

    Hope that helps!!



  • 6.  RE: Malware at SEPM Infrastructure

    Posted Apr 27, 2012 03:02 PM

    Hi,

    Just note that nothing can be known about a file just by its name; it is not a unique thing.

    You should submit the files to any of the above provided sites (Symantec Security Response, Threat Expert, Virus Total, etc.); the file will be analyzed and you will also get the MD5, which is something practically unique. You can then use the MD5 to know more about those files if the feedback from the mentioned sites is not enough.
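
The point made in post 6, that a file name identifies nothing while a hash does, as an added example that is not part of the original thread: this Python script searches a directory tree for the three reported names and groups the matches by content hash, so same-named files with different contents show up as separate variants. The function names and the sample tree are constructed for illustration, and SHA-256 is computed alongside the MD5 the post mentions as an addition.

```python
import hashlib
import os
import tempfile
from collections import defaultdict

# File names reported in the thread; a name alone identifies nothing.
SUSPECT_NAMES = {"xz.exe", "wcz_hpf2_rosetta.exe", "vc.exe"}

def file_digests(path, chunk_size=1 << 20):
    """Return (md5, sha256) hex digests of a file, read in chunks."""
    md5, sha256 = hashlib.md5(), hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            md5.update(chunk)
            sha256.update(chunk)
    return md5.hexdigest(), sha256.hexdigest()

def inventory(root, names=SUSPECT_NAMES):
    """Map lower-cased file name -> {(md5, sha256): [paths]} under root."""
    found = defaultdict(lambda: defaultdict(list))
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() not in names:
                continue
            path = os.path.join(dirpath, name)
            try:
                found[name.lower()][file_digests(path)].append(path)
            except OSError as exc:  # locked or unreadable file: report, keep going
                print(f"skipped {path}: {exc}")
    return found

def build_sample_tree(root):
    """Constructed sample data: two hosts with same-named, different files."""
    samples = {"hostA/vc.exe": b"constructed sample one",
               "hostB/VC.EXE": b"constructed sample two",
               "hostB/xz.exe": b"constructed sample one",
               "hostA/notes.txt": b"ignored"}
    for rel, data in samples.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for name, variants in sorted(inventory(tmp).items()):
            print(name, {md5: len(p) for (md5, _), p in variants.items()})
```

In the constructed tree, `vc.exe` resolves to two different hashes, while one copy of `vc.exe` and `xz.exe` share a hash despite their different names.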