I need a solution
The issue described below is on all Windows XP SP3 machines and Symantec Endpoint Protection 12.1 RU1.
We have an in house developed application that was recently changed/upgraded and deployed to about 500 machines. What is weird is about 75% of the machines detected the application as a (Unknown) Trojan Worm by SONAR, and the other 25% were fine with the application. I verfied that all 500 have the same policies definitions etc.
Is this normal for SONAR to do something like this?