I have a user who's computer is generating
Message from:
Server name: srvasymantec
Server IP: 10.x.x.x
At least one security risk found:
Risk name: Packed.Mystic!gen4
File path: c:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\xfer\4d2220ae.tmp
Event time: 2011-06-16 16:39:26 GMT
Database insert time: 2011-06-17 14:39:59 GMT
User: SYSTEM
Computer: sales-1agnt
IP Address: 10.x.x.x
Domain: Default
Server: srvasymantec
Client Group: My Company\Sales
Action taken on risk: Quarantined
I've run multiple scans on his machine, deleted the files in the xfer directory and these still keep getting generated. Is his machine infected and how should I remediate this issue?
-J