A process was detected as suspicious by SONAR - Proactive Threat Protection (These detections are also referred to as "Behavior Based"), or Download Insight in Endpoint Protection. The file was submtted to Security Response and the determination was this was a case of a False Positive (FP) detection. A message to that effect and information regarding corrected definitions were sent. The Proactive Threat Protection definitions in the SEP Client Graphical User Interface do not show any updates and may appear to be out of date.
Until new definitions are available, it is possible to overcome SONAR False Positives through policy. See Exclusion Guidelines for Symantec Endpoint Protection for details. Exceptions should be used with caution and only temporarily. Remove the exclusion once new whitelisting definitions are available. |