Endpoint Protection

 View Only

  • 1.  New risk found: Downloader.Dromedan.

    Posted Aug 22, 2014 08:48 AM

    Hi,

    I'm receiving a New Risk Found Notification on a daily basis, and I can't seem to find what's infected. The message refers to a detection found 04\08\2014, and is coming from a Mac. I did several full scans, including any USB backup disks the user has connected, but nothing is found. Quarantine folder is empty, and for testing purposes has been recreated. The file the report refers to isn't present anyway.

    I'm puzzled as to why this detection is reported each day, and I would like to silence this particular notification assuming it's a false detection. Any advice?

     

    Thanks.

     

     

    xxx

    Downloader.Dromedan
    Security risk

    1

    04/08/2014 13:30:52

    Default
    xxx
    My Company

    Left alone
    Auto-Protect

    \Volumes\\Data Records\Message Sources\0T\0B\0M\7K\x27_7631.olk14MsgS


  • 2.  RE: New risk found: Downloader.Dromedan.

    Posted Aug 22, 2014 08:51 AM

    Seems like the notification is "stuck"

    What's the exact SEPM and client version?



  • 3.  RE: New risk found: Downloader.Dromedan.

    Posted Aug 22, 2014 08:57 AM

    delete the notification and create a new one...



  • 4.  RE: New risk found: Downloader.Dromedan.

    Posted Aug 22, 2014 09:01 AM

    SEPM: 12.1.4013.4013

    Client: Symantec Endpoint Protection for Mac:12.1.4013.4013

     



  • 5.  RE: New risk found: Downloader.Dromedan.
    Best Answer

    Posted Aug 22, 2014 09:14 AM

    Have you tried deleting and re-creating the notification?



  • 6.  RE: New risk found: Downloader.Dromedan.

    Posted Aug 22, 2014 10:06 AM

    I have recreated the notification and reinstalled the SEP Mac client, will report back whether this has solved the issue. Thanks.



  • 7.  RE: New risk found: Downloader.Dromedan.

    Posted Aug 25, 2014 06:13 AM

    I haven't recieved any further false notification reports, recreating the report was the solution.. Thanks all :)