Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1028
Views
0
Helpful
2
Replies

Windows System32 Directory File Creation

sameer.devlekar
Level 1
Level 1

‎04-22-2010 10:27 PM - edited ‎03-10-2019 04:58 AM

Hi Folks,

I get sevral alerts from my IDS system says, "Windows System32 Directory File Creation" as an event.

Could you please help me out understand the exact meaning for this alerts.

Thanks in advance,

Sameer

Labels:
0 Helpful
2 Replies 2

johan.kellerman
Level 1
Level 1

‎04-23-2010 12:40 AM

Hi

This is pretty straith forward. A file has been created in the ..%windowsroot%\system32 directory.

If you turn on verbose logging for this signature you can see what file has been created.

Br

Johan Kellerman

0 Helpful

sameer.devlekar
Level 1
Level 1
In response to johan.kellerman

‎04-25-2010 11:42 PM

Hi Johan,

I tried using that but, the report doesn't seem to shows any useful info. Please let me know if we have any other possible way to investigate this cause.

Thanks,

Sameer

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top