Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

SEP auto deleting file after extraction

Created: 21 Jan 2014 | 11 comments

I have a .rar file and I need to extract an .exe inside it. Everytime I try to do this, the file is deleted by SEP and it tells me that the file is a virus. I have been using this file for years in another PC and never had any problem. How do I do SEP stop deleting the file? I tried to add the folders as exception and stopped SEP, but it keeps deleting the file.

Operating Systems:

Comments 11 CommentsJump to latest comment

.Brian's picture

You need to add the file that is being detected as the virus. Have you tried this?

What's it being detected as?

You should easily be able to create a folder, put the file in there and exclude it from the scans. If this is not working than something else is wrong.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

.Brian's picture

Follow the steps in this article:

How to add a Security Risk Exception on an unmanaged Symantec Endpoint Protection Client

Article:TECH105721  |  Created: 2008-01-26  |  Updated: 2009-01-21  |  Article URL http://www.symantec.com/docs/TECH105721

Issue

How to create centralized exception on an unmanaged client

How to create exceptions on an unmanaged client to prevent scans from quarantining/deleting specific files or applications
 
Solution

To create a Security Risk Exception:

  1. Open the Client Interface
  2. In the sidebar click Change Settings.
  3. Beside "Centralized Exceptions", click Configure Settings.
  4. Click 'Add' and choose Security Risk Exception and then choose 'File' for a single file, or 'Folder' to exclude an entire directory.
  5. Browse to the file or directory you choose and click Add.
  6. Click OK.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

ruda's picture

Only the option "Web Domain" is enabled. The options "File" and "Folder" are disabled. That means that only the administrator can do that?

.Brian's picture

Yea, looks like since this is a managed client, you will need to notify the SEPM admin of this issue

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Sumit G's picture

This file may have virus contents so symantec have deleted thatfile. You can add folder with path ine exception.

http://www.symantec.com/business/support/index?pag...

Regards

Sumit G.

Rafeeq's picture

You need to check with your admin he will create exception for it

technical_specialist's picture

You can add the exception from client

Open the client shield from toolbar.

Click on change setting

Click on Configure Setting at Exception Tab

Select Add -> Security Risk Exception ->  Folder (Choose that folder path)

If these option can't be enable it's mean that symantec admin block it

snapshot.jpg

pete_4u2002's picture

you need to set under exceptions and get it whitelisted.

whats the threat name it shows up?

James007's picture

Does this is your company application ?

if yes you can subit your application for symantec support for White-List.

Software developer would like to add his/her software to the Symantec White-List.

Article:TECH132220  |  Created: 2010-01-04  |  Updated: 2013-10-18  |  Article URL http://www.symantec.com/docs/TECH132220
GeoGeo's picture

You could also try submitting the file to symantec for analysis so it can be added to their whitelist database, and reduce the number of false posatives. 

https://submit.symantec.com/whitelist/ 

Please review ideas and vote there could be something useful :)

https://www-secure.symantec.com/connect/security/ideas