Endpoint Protection Small Business Edition

Hi Symantec,

Today, We noticed lot of alerts for the syamntec signature "Trojan.Gen.SMH". We checked the detected file and is not malicious. Please let me know was there any rapid release for the above signature.

Regards,
Sam

Have you submitted the file to Symantec as a false postive?

https://submit.symantec.com/false_positive/

Have you put in an exclusion in the mean time? Symantec may not yet know about this or are you 100% sure it's a false positive?

Hello,

Trojan.Gen.SMH is a generic detection for many individual but varied Trojans for which specific definitions have not been created. A generic detection is used because it protects against many Trojans that share similar characteristics. 

There might be some change in application behaviour that could be the reason SEP started detection against it. 

Report is to Symantec as a false positive. 

https://submit.symantec.com/false_positive/

If you are sure it's not creating any trouble then place detection path under centralized exception policy of the SEPM.

This can be a reference guide: https://support.symantec.com/en_US/article.TECH92553.html

If no change happend after submission to false positive,Ask your vendor to contact Symantec to get it whitelisted again. Our software whitelisting program offers software authors and vendors the opportunity to periodically submit software for inclusion in the Symantec whitelist of known good software in order to reduce the possibility of false positives.

https://submit.symantec.com/whitelist/