cancel
Showing results for 
Search instead for 
Did you mean: 

Assistance Required

Hi,

How to Detect drive name/ USB vendor name on a system using EPO when virus is detected i observe E, D, F, H etc but difficult to know what was that drive and user lie that he/she just connected mobile device for charging not the USB drive.

Kindly provide the update.

3 Replies
QHAFIZ
Level 9
Report Inappropriate Content
Message 2 of 4

Re: Assistance Required

The detection is being done at Point Product (in this case VSE) level. Whetever (drive, path, filename or vendor etc) are being captured by VSE and the same are being  forwarded to ePO database which you see in the reports at ePO dashboard.

ePO cannot do much on this.

You need to check with VSE guys :-)

HTH

Re: Assistance Required

Hi there,

Not much that VSE can do to get the info you are looking for. I would suggest to install HDLP (Host Data Lost Prevention) and it will provide you all the devices that are being plugged with names and serials.

I hope this helps you.

Cheers,

Re: Assistance Required

Hello,

follow this article to get some more informations about in finding out which USB-Devices were plugged in on computers:

http://www.windowsecurity.com/articles-tutorials/authentication_and_encryption/Extracting-USB-Artifa...

Only chance you have is to compare the ePO data with those, you can extract out of the registry of the specific system. DLP is a good suggestion though but gets really fast to big and of course it is not free of purchase