3 Replies Latest reply: Feb 1, 2013 8:48 PM by mcafeenewb RSS

    Postalreceipt.exe Only Found During OAS or ODS


      Hi all,


      I have a user that unwisely downloaded the postalreceipt.zip file and unzipped it.  SCCM shows the file existed on the system 22 Jan.  It wasn't until a scan was run 7 days later that VSE found and deleted the Trojan.


      I have noticed this wtih several recent detections - SCCM shows the files as of one date but VSE doesn't detect the files until a scan is run. 


      Shouldn't VSE hit on these files as they are downloaded to the machine, not just during a scan?