Endpoint Protection

 View Only

  • 1.  SEP Risk Log showing D:/??????? file path.

    Posted Mar 21, 2015 05:13 AM

    Hello everyone!

    A machine of mine is logging detections of a Trojan.Gen.2 virus, but the file path is non-existent. For example, i'll quote a single risk log. 

    ??_??????.EXE || Trojan.Gen.2 || Log only || Virus || D:\?????????\  || Computer A || User A || Log only || D:\?????????\  || Clean security risk || Quarantine    Auto-Protect scan  || The file was left unchanged. || 29/10

    The scans that picked this up were both auto-protect and manual scans. The action taken was Log Only. I'm wondering why is the file path set to D:\?????- ? Also, what are the repercussions if the action taken was "Log Only" and the file was left unchanged? Curious case, thanks!



  • 2.  RE: SEP Risk Log showing D:/??????? file path.

    Posted Mar 21, 2015 06:47 AM
    Have you plugin any storage device (USB Device) ?


  • 3.  RE: SEP Risk Log showing D:/??????? file path.

    Posted Mar 21, 2015 08:15 AM
    Was from a removable device. Log only could mean a few things. You may need to check out that machine manually as the infection could be active.


  • 4.  RE: SEP Risk Log showing D:/??????? file path.

    Posted Mar 21, 2015 09:17 PM

    Thanks, I don't have direct access to the machine at the moment, but will bump this thread if I manage to narrow the source down. Cheers.



  • 5.  RE: SEP Risk Log showing D:/??????? file path.

    Posted Mar 21, 2015 11:08 PM
    Sounds good, thanks