Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Gateway Antivirus Alert problem with Epson printer file

Good evening, I am receiving several alerts from the nsa 2650 firewall that detect a probable threat present on a station. Specifically, the threat refers to the epson printer driver package present in the spool folder of the PC on which an epson printer is installed and shared with other users. The nod32 does not detect any anomalies as well as the scan of the files carried out on virustotal. Below is an example log. I still had to disable port 445 on the pc as it was trying to contact a target pc related to a user connected to the company vpn.
Log: 17:27:22 Sep 02 1460 Security Services Inform Gateway Anti-Virus Status: CloudAV Detection. File forwarding to Sandbox truncated for filename: x64 \ 3 \ E_YUBVME.EXE. 192.168.100.22, 445, X0 192.168.168.101, 59224, X1 tc


Category: Capture Security Center
Reply

Answers

Sign In or Register to comment.