ENS 10.5.3 ATP repaird file and profile no longer works
We hve been working with ENS 10.5.3 for a couple weeks now. It is limited to 40 systems currently. A few days ago one of the test systems that has Advanced Threat Protection running fond and repaired a file in our corporate profile. It has happened on 1 system. When i review the Event in ePO I see the following line:
Threat Name: Real Protect-EC!62B61AD348FD
When I review the ATP Activity log i do not get much more informatoin. Here is what it shows:
mfeatp(2756.9780) <SYSTEM> Orchestrator.Action.Activity: Real Protect cloud found detection, detection name: Real Protect-EC!62B61AD348FD in source process id: 13808 , source path: c:\program files\gcprofile , source name: profile.exe , source hash: 62B61AD348FDD9201757B994FC76ECB5 , reputation: 1 [Known Malicious] , source user: x , action taken: Clean , content version: 1.0 , engine version: 10.4527
Two lines above the quoted it reads that Utils-OutilsàchangeOwner. but without access to the system or other logs I am at a loss.