Endpoint Protection

Hi

I have found a lot of virus log from systems where file name "putty.exe" shown..

Putty is n/w regarding tool and without this n/w work not be complete.

So kindly guide how can I stop the virus without removing putty application??

Maybe can you paste the log here?

It could be false positive or real W32.SillyFDC....

you can put under exception till the time it is sorted out

Submit the file to Symantec to make sure it is a false +. Then you can exclude the file till Symantec gives you a definition that takes care of this.

How to Use the Web Submission Process to Submit Suspicious Files

http://www.symantec.com/business/support/index?page=content&id=TECH102419

If this is a real threat, symantec will give you a definition to fix this.

If you are sure it is not an infection, submit the file & create exclusion for the time being.

Creating Centralized Exceptions Policies in the Symantec Endpoint Protection Manager 11

http://www.symantec.com/business/support/index?page=content&id=TECH104326

Hello,

To correct this issue, follow the below steps:

1. In the Symantec Endpoint Protection Manager select Policies
2. Select View Policies
3. Double-click AntiVirus and AntiSpyware.
4. Double-click the AntiVirus and AntiSpyware policy on the right hand side. This opens a new window.
5. Click Proactive Threat Scan
6. Select Detecting Commercial Applications
7. Set your preferred actions and lock.

Reference:  http://www.symantec.com/docs/TECH102726

http://www.symantec.com/docs/TECH141977

Hoep that helps!!

Thumb up Pete- Update the daily usage authorised application running file in exception afte scanning..

Hi Mithun- It' mean that if i can set as ignore then file not be scanned??

If you will change it as ignore then no action will then no action will be taken while detect commercial apllication. Also no log will be generate.

Still curious what is the detection name, if it's commercial apps then i would agree with above...