Endpoint Protection

I have a .rar file and I need to extract an .exe inside it. Everytime I try to do this, the file is deleted by SEP and it tells me that the file is a virus. I have been using this file for years in another PC and never had any problem. How do I do SEP stop deleting the file? I tried to add the folders as exception and stopped SEP, but it keeps deleting the file.

You need to add the file that is being detected as the virus. Have you tried this?

What's it being detected as?

You should easily be able to create a folder, put the file in there and exclude it from the scans. If this is not working than something else is wrong.

No, how do I do this?

Follow the steps in this article:

How to add a Security Risk Exception on an unmanaged Symantec Endpoint Protection Client

Article:TECH105721

|

Created: 2008-01-26

|

Updated: 2009-01-21

|

Article URL http://www.symantec.com/docs/TECH105721

 

To create a Security Risk Exception:

1. Open the Client Interface
2. In the sidebar click Change Settings.
3. Beside "Centralized Exceptions", click Configure Settings.
4. Click 'Add' and choose Security Risk Exception and then choose 'File' for a single file, or 'Folder' to exclude an entire directory.
5. Browse to the file or directory you choose and click Add.
6. Click OK.

Only the option "Web Domain" is enabled. The options "File" and "Folder" are disabled. That means that only the administrator can do that?

This file may have virus contents so symantec have deleted thatfile. You can add folder with path ine exception. http://www.symantec.com/business/support/index?page=content&id=TECH183201

Yea, looks like since this is a managed client, you will need to notify the SEPM admin of this issue

You need to check with your admin he will create exception for it

You can add the exception from client

Open the client shield from toolbar.

Click on change setting

Click on Configure Setting at Exception Tab

Select Add -> Security Risk Exception ->  Folder (Choose that folder path)

 

If these option can't be enable it's mean that symantec admin block it

 

 

you need to set under exceptions and get it whitelisted.

whats the threat name it shows up?

 

Does this is your company application ?

if yes you can subit your application for symantec support for White-List.

Software developer would like to add his/her software to the Symantec White-List.

 

 

 

Article:TECH132220

|

Created: 2010-01-04

|

Updated: 2013-10-18

|

Article URL http://www.symantec.com/docs/TECH132220

 

You could also try submitting the file to symantec for analysis so it can be added to their whitelist database, and reduce the number of false posatives. 

https://submit.symantec.com/whitelist/