As far as I can tell, when SEP quarantines a file, the file is altered so that you no longer have access to the original binary. Our SEP clients are setup within SEPM policy such that they are not able to disable SEP so I am unable to get the original file for the submission - as soon as I attempt a restore, SEP detects as a virus again and puts it back into quarantine.
When submitting a false positive report to the following site: https://submit.symantec.com/false_positive/ it asks to include the file in question. Can I include the SEP manipulated file and not the original?
Any other suggestions where I would not have to go to our SEPM administrator in order to change the policy?
Thanks,
Jarvey