Hi
I upgraded our Symantec Endpoint Protetion installation to 12,1 RU6 MP5 yesterday - Afterwards i pushed out the client upgrade to our 3500 clients.
This morning i have 30-40 pc's claming that they are infected by Suspicious.Cloud.7.L. Every single on is the same file:
C:\Program Files (x86)\Microsoft Office\Office15\PROOF\MSHY7DA.LEX
SHA-256
F7DCA9D7648C5EC78F5864D0D8FBDD8AD3ABBC4A9C5D112B86B12AE94A8A4EDC
Suspicious.Cloud.7.L
|
07/05/2016 09:28:07 |
07/05/2016 08:10:49 |
C:\Program Files (x86)\Microsoft Office\Office15\PROOF\MSHY7DA.LEX |
SHA-256
F7DCA9D7648C5EC78F5864D0D8FBDD8AD3ABBC4A9C5D112B86B12AE94A8A4EDC |
SYSTEM |
07/04/2016 r19 |
Auto-Protect |
Left alone |
It thinks it's infected but leaves it alone?
How do i actually find out if this is a bad / good file - The number keeps growing since the file is on every single pc?