Endpoint Protection

  • Private Community
 View Only

  • 1.  Manually Generated Anomaly

    Posted May 11, 2015 02:33 PM

    Hi, 

    We got an alert today with the following risk name: "Manually Generated Anomaly". I am trying to figure out what this is. The File Path is 

    c:\users\username\appdata\local\assembly\dl3\"random number and letters"\"random number and letters"\"random number and letters"\"random number and letters"\"random numbers".token

    The action taken on the Risk is "Cleaned"

    Can someone help me understanf what the Risk name mean?

    Our version of SEP is 12.1

    Thank you



  • 2.  RE: Manually Generated Anomaly

    Posted May 11, 2015 02:46 PM

    A Symantec employee commented on this here:

    https://www-secure.symantec.com/connect/forums/manually-generated-anomaly#comment-9981201

    and here:

    https://www-secure.symantec.com/connect/forums/what-sepm-risk-manually-generated-anomaly#comment-8548281



  • 3.  RE: Manually Generated Anomaly

    Posted May 11, 2015 02:53 PM

    Hi,

     

    "Manually Generated Anomaly" Is not a proper risk name.

    A SymHelp diagnostic (.sdbz) will contain the raw av.log file. Please create a support ticket for technical analysis. You may be experiencing an issue where the product is broken or issues with defitnitions.



  • 4.  RE: Manually Generated Anomaly

    Posted May 12, 2015 04:55 AM

    Hi HulkSmash,

     

    Which exact version of SEP 12.1 are you using?  I see very few MGA after computers are upgraded to RU5.

     

    Many thanks!

     

    Mick



  • 5.  RE: Manually Generated Anomaly

    Posted May 13, 2015 04:57 PM

    Hi Mick,

    Sorry about the delay in my response. The current version is 12.1.1.5. 



  • 6.  RE: Manually Generated Anomaly

    Posted May 13, 2015 05:02 PM

    Where do I find the SymHelp diagnostic (.sdbz)



  • 7.  RE: Manually Generated Anomaly