I have noticed that some of my single risk event alert displayed infected file path is unavailable as the example below
Subject: Single Risk Event
Message from:
Server name: xxxx
Server IP: xxxx
At least one security risk found:
Risk name: Downloader
File path: Unavailable
Event time: 2010-05-06 00:27:38 GMT
Database insert time: 2010-05-06 01:17:53 GMT
User: SYSTEM
Computer: xxxx
IP Address: xxxx
Domain: xxxx
Server: xxxx
Client Group: xxxx
Action taken on risk: Details pending
Does anyone know what is going on there?
I checked on the log on the host, it looked like that the alert pick that unavailable value from the log, but can someone from Symantec explain any reason it is unavailable?
280406091B26,51,1,2,EBFID70185331,SYSTEM,Downloader,Unavailable,3,4,18,256,33554436,"",0,,0,101 {FCE31AF5-3680-4B8A-9894-DA50AFC6D939} 0 1 Downloader 2;0;13 0 0 521f928b-be3a-4188-ac12-37d467517a4b 0,0,26637,0,0,0,,,0,,0,0,0,0,,{C8B679C9-96CE-41A8-B55F-5590F4279CF3},
Thanks