Endpoint Protection

 View Only

  • 1.  Trojan.ADH

    Posted Dec 02, 2010 12:30 PM

    I’m running SEP 11  in windows XP. I insert a DVD into my DVD drive (D:). When I output the dvd…after two minutes the auto-protect scan detected a risk.

     

    Risk: Trojan.ADH 

    Action: clean by deletion 

    File name: something.exe

    Risk type: file  

    Original location: D:\ Folder1\

    Status: deleted

    Current location: deleted

    Primary action: clean security risk

    Second action: quarantine

    Logged by: auto-protection scan

    Action description: The file was deleted successfully

     

    The "scheduled scan" doesn't find any risk. I turn off my system restore and I update the definitions. I run a full system scan and I don't getting alerts like that again. The risk exists in the quarantine like "backup file".

    The risk is cleaned? My computer is safe?

    Thanks!



  • 2.  RE: Trojan.ADH

    Posted Dec 02, 2010 03:37 PM

    SEP successfully deleted the infected file found on your DVD.

    A backup of the infected file is safely stored in the quarantine folder.You may delete it.

    A scheduled scan by default scans only local hard disks.

    Your PC is safe.

    No further action required.

    Regards...



  • 3.  RE: Trojan.ADH

    Posted Dec 02, 2010 05:23 PM

    Thanks you a lot!  I insert a Cd into another DVD- drive (E:). This cd unfortunately has the same .exe. The auto-protect detected the same risk. But this time the only action is log only. Unsuccessful – clean security risk failed. Quarantine failed.

     

    When the risk detected, I get two alerts in my system.

    1. Warning! Event id 50 source InCDfs. Part of the event: e:\something. Exe. “The description for event id 50 in source InCDfs cannot be found. The local computer may not have the necessary registry information or message DLL files to displays message from a remote computer

    2. Information! Source: application popup. “Application popup: windows-delayed write failed: windows was unable to save all the data for the file E:\something.exe. The data has been lost. This error may be caused by a failure of your computer hardware or network connection. Please try to save this file elsewhere.

     

    I do again the same steps…I run a full system scan in normal mode doesn’t find risk. My computer is still safe?



  • 4.  RE: Trojan.ADH

    Posted Dec 02, 2010 05:36 PM

    SEP is denying access to the virus as this time it cannot delete the file or move it from your dvd to quarantine.You should consider transferring your data in another clean DVD

    windows is interpreting it as a hardware failure as it cannot access the file.

    Your PC remains protected though