South Africa Security and Compliance User Group

 View Only
  • 1.  Seeing " Generic Load Point" Actions failed - .lnk file under startup

    Posted Jun 01, 2015 07:38 AM

    Does anyone know what "Generic Load Point" means as I am now picking it up under Risk > Actions failed.

    Sample:

    c:\programdata\microsoft\windows\start menu\programs\startup\bginfo.lnk

    Event type: Virus found

     

    Windows 7 OS

    All actions failed. What does this mean and what do I do? Any assistance is appreciated.

     



  • 2.  RE: Seeing " Generic Load Point" Actions failed - .lnk file under startup
    Best Answer

    Posted Jun 01, 2015 07:41 AM
    I believe it means SEP failed to remove it so you need to manually remediate http://www.symantec.com/docs/TECH102052


  • 3.  RE: Seeing " Generic Load Point" Actions failed - .lnk file under startup

    Posted Jun 01, 2015 07:50 AM

    I had an issue with a "generic load point" and I had to submit the file to Symantec to get it whitelisted. I would try that and once they whitelist and add it to the definitions you should be good.



  • 4.  RE: Seeing " Generic Load Point" Actions failed - .lnk file under startup

    Posted Jun 01, 2015 08:16 AM

    I would equally advise and recommend knowing what this startup item is - its associated file location on the file system, registry, etc. One or many endpoints? Have you collected the MD5 Hash on the file. Is it legitimate or foreign/rogue/malicious?



  • 5.  RE: Seeing " Generic Load Point" Actions failed - .lnk file under startup

    Posted Jun 02, 2015 02:27 AM

    It is only a .lnk file. we have added it to the exception list to be blocked. Until we get a sample of the file, then only can we decide with legit or foreign/rogue/malicious.