Endpoint Protection

 View Only
Expand all | Collapse all

Symantec Endpoint Protection v11.0.6000.550

  • 1.  Symantec Endpoint Protection v11.0.6000.550

    Posted Jan 14, 2011 10:51 AM

    I had a really strange SEP occurence this week. My Sylink-Remote_ENG folder I've been using for quite some time now was flagged as a risk and deleted. Has anybody seen this and know why?

    See log below...

    At least one security risk found:

     Risk name: Trojan.ADH

    File path: c:\Stuff\Tools\SYLINKREMOTE_ENG.zip>>Sylink-Remote_ENG\setup.exe

    Event time: 2011-01-09 07:52:16 GMT

    Database insert time: 2011-01-09 07:55:04 GMT

    User: SYSTEM

    Computer: XXXXX

    IP Address: xxx.xxx.xxx.xxx.

    Domain: XXXXXX

    Server: XXXXXXX

    Client Group: My Company\Workstations

    Action taken on risk: Cleaned by deletion



  • 2.  RE: Symantec Endpoint Protection v11.0.6000.550
    Best Answer

    Posted Jan 14, 2011 10:54 AM

    Its false positive..Once the same thing happened with sylinkreplacer aswell..New defs fixed the issue



  • 3.  RE: Symantec Endpoint Protection v11.0.6000.550

    Posted Jan 14, 2011 11:02 AM

    OK Thanks.