Hi,
I am needing some advice regarding false detection of a file.
The file is temporarily created by an Inventory tool (Peregrine Desktop Inventory) which runs once a month on all workstations. The first time this was detected was this month 01/09/2010, however the application has been in use for years, so I am sure it relates to definition file updates.
The file which is detected as a risk and deleted is
fpnthw.sys. This can be located on workstations under C:\Documents and Settings\Username\Local Settings\Temp\
I have attempted to add an exclusion on SAV 10.1.6.6000, however there appears to be only two options. Either add the extension (.sys) or the folder path (C:\Documents and Settings\Username\Local Settings\Temp\) to the exceptions. Unfortunately a specific file cannot be added on its own, and wildcards may not be used. This creates a larger problem which leaves room for other possible threats.
Would it be possible to get Symantec to exclude this file from the definitions if we provide them with a copy?
I believe this also affects a different version of the Anti-Virus and SEP.
Regards
Barry