cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Dwee
Level 11
Report Inappropriate Content
Message 1 of 2
‎11-28-2022 07:21 PM

Segurazo

Hi,

maybe this is similiar to my old posts, i just frustrated that mcafee have option to detect PUP, but still in my system (many system checked on ePO) have this threat events from segurazo (variant a,b,c,d you named it), it only detected but not cleaned or delete it, even thou some times i found some system successfully delete or cleaned it it will come back again,

my questions : how to permanently kill this PUP (Segurazo), how to check the root cause why this PUP always/can comes back ?

this is the event id that always showed up : 1284 : file infected. Undetermined clean error, delete failed

0 Kudos
Reply
1 Reply
Pravas
Employee
Employee
Report Inappropriate Content
Message 2 of 2
‎11-28-2022 07:45 PM

Re: Segurazo

Hi @Dwee ,

ENS detects a threat when its accessed (read/write) in disk. It may not be able to block it from source.

Therefore its important to investigate how (Segurazo) gets installed.

Perhaps clean-up doesn't work because it may have been locked by some other process.  Try rebooting and verify if the file gets removed.

I believe file access should be denied even if the sample is not cleaned.

Thanks

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community

TrellixSkyhigh Security | Support Trellix.com SkyhighSecurity.com

Legal Privacy Copyright © 2022 Musarubra US LLC