- Joined
- Dec 9, 2011
- Messages
- 6,543
- Reaction score
- 511
This should tickle a few techies out there.
My employer uses Symantec Endpoint Protection for antivirus (Like Norton, with with a few extras). Recently, I (as the administrator) got the following notification:
In all seriousness, the antivirus detected a change in svchost.exe that wasn't in its signature database yet. I saw the affected computer download new definitions later in the day and the alert went away.
But I can't help giggling when I see Windows declared a security risk. Sometimes, the truth will not be imprisoned.
My employer uses Symantec Endpoint Protection for antivirus (Like Norton, with with a few extras). Recently, I (as the administrator) got the following notification:
At least one security risk found:
Risk name: Microsoft® Windows® Operating System
File path: c:\windows\system32\svchost.exe
Event time: Jun 30, 2014 8:06:42 AM
Database insert time: Jun 30, 2014 8:46:26 AM
Source: Heuristic Scan
Description: ""
User: SYSTEM
Computer: <redacted>
IP Address: <redacted>
Domain: Default
Server: <redacted>
Client Group: <redacted>
Action taken on risk: Left alone
This alarm was generated at Jun 30, 2014 9:30:50 AM (Reporter host Time).
This alarm was generated by <redacted>, with the following filters:
<redacted>
Symantec Endpoint Protection detected a new risk on client computers.
In all seriousness, the antivirus detected a change in svchost.exe that wasn't in its signature database yet. I saw the affected computer download new definitions later in the day and the alert went away.
But I can't help giggling when I see Windows declared a security risk. Sometimes, the truth will not be imprisoned.