I want to start out by saying that I am completely a noob at managing an Endpoint Server. I have learned a lot from just working my way through some issues, but I have ran into an issue that I can't seem to remedy on my little bit of knowledge or google.
We run Endpoint Protection Manager Ver 12.1.1.1101.401 RU1 MP1 and manage just over 200 machines with it. I have been able to edit policies to better fit our needs and so forth, again by either figuring out on my own or internet searches. The problem that I am having is that I have a machine that keeps showing up as still infected and I know the file that is showing as a threat is not. The file is from an installation CD for a software that was installed on the machine.
The software is k+can commander. It is a software for programming and resetting ECU's on automobiles. I have tried to create an exception to allow the software as safe, but the policy doesn't seem to help.
Any suggestions?
Thanks