Showing results for 
Search instead for 
Did you mean: 

ENS 10.5.3 ATP repaird file and profile no longer works

We hve been working with ENS 10.5.3 for a couple weeks now. It is limited to 40 systems currently.  A few days ago one of the test systems that has Advanced Threat Protection running fond and repaired a file in our corporate profile.  It has happened on 1 system.  When i review the Event in ePO I see the following line:

Threat Name:  Real Protect-EC!62B61AD348FD

 When I review the ATP Activity log i do not get much more informatoin.  Here is what it shows:

mfeatp(2756.9780) <SYSTEM> Orchestrator.Action.Activity: Real Protect cloud found detection, detection name: Real Protect-EC!62B61AD348FD in source process id: 13808 , source path: c:\program files\gcprofile , source name: profile.exe , source hash: 62B61AD348FDD9201757B994FC76ECB5 , reputation: 1  [Known Malicious] , source user: x , action taken: Clean , content version: 1.0 , engine version: 10.4527

Two lines above the quoted it reads that Utils-OutilsàchangeOwner.  but without access to the system or other logs I am at a loss. 

Any help is much appreciated.

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator