Symantec Endpoint Protection Produces False Positive

New Boundary Support
Prism Suite

The information in this article applies to:

  • Prism Deploy
  • Prism Suite
This article is to assist users of Prism products that have experienced false positives with anti-virus solutions such as Symantec Endpoint Protection (SEP). Occasionally, Heuristic Scanning from Symantec Endpoint Protection will identify Prism Packages (.pwc), Prism Rollback (.pwr), or Self-Installing Files (.exe) (executable wrapped Prism Package) as Suspicious.emit.

New Boundary Technologies has performed rigorous malware scanning and testing against all of our product files and package files and have not found any anomalies. Symantec’s identification is therefore a false positive.

New Boundary Technologies is working with Symantec to find a resolution to this issue, until then we recommend that you follow this article.

Recommendations to minimize false positives with Symantec Endpoint Protection and other similar anti-virus applications

New Boundary Technologies recommends that you create an Exception Policy or add to an existing Exception Policy within Symantec Endpoint Protection for Prism Suite, Prism Deploy or Prism Deploy Packager executable and service files, as well as folder structures related to Prism Suite or Prism Deploy.

Folder structures that should have exceptions created for them are:
C:\program files\New Boundary
C:\program files\common files\New Boundary
C:\ProgramData\Prism Deploy

C:\Program Files (x86)\New Boundary
C:\Program Files (x86)\Common Files\New Boundary
C:\ProgramData\Prism Deploy

The following application and service files for Prism products (along with their paths) should have exceptions made for them:
C:\Program Files\New Boundary\Client\PTClient.exe (32-bit)
C:\Program Files\Common Files\New Boundary\PrismXL\PrismXL.sys (32-bit)

C:\Program Files (x86)\New Boundary\Client\PTClient.exe (64-bit)
C:\Program Files (x86)\Common Files\New Boundary\PrismXL\PrismXL.sys (64-bit)

Optional: The following proprietary file types created by Prism products can also be exempted in Symantec:​
.PWC (software deployment package file)
.PWR (software deployment rollback file)
.PWI (package “snapshot” definition file)
.PWF (package “snapshot” file)
.PWSUBS (Prism client subscription file)
.PTS (Prism script file

After creating or modifying your Exception Policy (Symantec Endpoint Protection) to include Prism-related information, ensure that the policy is then applied to all workstations or servers where Prism (product) files may exist.​

Also In This Category

On a scale of 1-5, please rate the helpfulness of this article

Not Helpful
Very Helpful
Optionally provide your comments to help us improve this article...

Thank you for your feedback!

Add Your Comments
Email Address:
RadEditor - HTML WYSIWYG Editor. MS Word-like content editing experience thanks to a rich set of formatting tools, dropdowns, dialogs, system modules and built-in spell-check.
RadEditor's components - toolbar, content area, modes and modules
Toolbar's wrapper  
Content area wrapper
RadEditor's bottom area: Design, Html and Preview modes, Statistics module and resize handle.
It contains RadEditor's Modes/views (HTML, Design and Preview), Statistics and Resizer
Editor Mode buttonsStatistics moduleEditor resizer
RadEditor's Modules - special tools used to provide extra information such as Tag Inspector, Real Time HTML Viewer, Tag Properties and other.
Verification Code:
Last Modified: 8 Years Ago
Last Modified By: New Boundary Support
Type: INFO
Article not rated yet.
Article has been viewed 5.9K times.
Customer Support Software By InstantKB 2015-2
Execution: 0.000. 10 queries. Compression Disabled.