Message Image

Skip main navigation (Press Enter).

Endpoint Protection

View Only

Back to discussions

Expand all | Collapse all

Ntuser.dat.log1 virus

MzSoloApr 25, 2017 01:16 PM

Hello - I have a virus notification that says there is a Heur.AdvMLB virus located at: C:\Users\mnguyen4a\ntuser.dat.LOG1. ...

ℬrίαηApr 25, 2017 01:24 PM

Seems odd that a log file is detected since it shouldn't be inherently malicious. This is just the user's ...

1. Ntuser.dat.log1 virus

0 Recommend
MzSolo
Posted Apr 25, 2017 01:16 PM
| view attached

Reply Reply Privately
Hello - I have a virus notification that says there is a Heur.AdvMLB virus located at: C:\Users\mnguyen4a\ntuser.dat.LOG1.

But when i go to that location the file is not there (i have hidden files marked to show) I did a search on the file and found that there are 2 files with the same name but located at different locations than indicated on the report. See screenshot A & B of attachment. Cannot delete them cause they say the files are in use.

I tried to do a scan on the PC and got an error in the command status window. the PC has a greendot in the SEPM but the Health state says Online/Alert.

Any idea on how to fix? Should I just reimage the PC?

thakns

Solo

Attachment(s)

Screenshot A.docx 4.03 MB 1 version
2. RE: Ntuser.dat.log1 virus

0 Recommend
ℬrίαη
Posted Apr 25, 2017 01:24 PM

Reply Reply Privately
Seems odd that a log file is detected since it shouldn't be inherently malicious. This is just the user's profile and every profile has one. Try running Norton Poer Eraser on it. I'm wondering if it's more of a false postive. The detection is from the machine learning component.

Copyright 2019. All rights reserved.

Powered by Higher Logic