Trojan Horse Detected by SEP 11 under a Closed Network
Recently SEP 11 has detected Trojan horse on 2 files in my client's Windows 2003 Server in a closed network. One of the file is named .opmndat in C:\product\10.1.3.1\OracleAS_1\opmn\logs\states which seems to be a log file created during Oracle Services start up. I tried to open the file with notepad and there is only a numerical string. It is already quarantined. Another is called DWH3.temp in C:\Windows\Temp which is no longer exist after the SEP alert.
Why such files could be detected a Trojan horse and how to prevent these alerts from SEP 11? Grateful if anyone can help. Thank you!