Legitimate files used by programs are being quarantined or installation files are being quarantined before the software can be installed with Symantec Endpoint Protection Small Business Edition cloud (SEP SBE) installed.
Symantec offers Rapid Release definitions, which are a day ahead of the qualified definitions agents normally download via LiveUpdate. These definitions should be installed on a system to see if a future update will resolve the suspected False Positive (FP) issue.
Rapid Release Virus Definitions
If False Positive detections continue than the file should be restored from quarantine, collected, and submitted to Symantec for review.
Note: If several files need to be submitted they should be submitted in a non-password protected zipped archive with no more than nine files.
|For additional information and recommendations on suspected False Positives, please see Best Practice when Symantec Endpoint Protection is Detecting a File that is Believed to be Safe.|