Symantec Anti-Virus is detecting EndPointSecurity agent as virus

Versions / Builds Affected

All versions

Status

Resolved

Problem Summary

Symantec AV is detecting custommessage.exe or endpoinstsecurity.msi as Trojan.Cryptolocker.Z

How to Identify

After scanning a client machine that has the EndPointSecurity agent a virus is detected: Computer User IP Address Risk Risk Type Risk Count Date Time Domain Server Group Action Source File / Entry bw7azcgn SYSTEM IP - Trojan.Cryptolocker.Z Malware 1 08/19/2015 23:48:45 Default \Workstations Quarantined Manual Scan C:\Windows\Installer\1c1508ac.msi bw7azcgn SYSTEM Trojan.Cryptolocker.Z Malware 1 08/19/2015 23:48:45 Default \Workstations Quarantined Manual Scan C:\Windows\Installer\1c1508ac.msi>>______>>custommessages.exe16

Workaround / Fix Details

The False Positive is confirmed. New definitions should already have this definition updated.

Required Actions

Advise client to to update Symantec definitions