Our virus scanner partially recognizes some Adobe file as an encryption Trojan.
Can someone tell me what the files are for? The files are under the following path:
Sorry for necroing an older thread, but I would like to know that as well..... in our case the file server on which the roaming profiles are stored notifies us about an encryption event.
Since it is a heuristic hit and it is classified as a "generic cryptor" I suspect Adobe encrypts some sensitive data in those files. When the roaming profile is written to the file server on client shutdown, it triggers the encryption event warning.
So I THINK it is a false positive, but I would like to know for sure.
If anybody has some insight into those files and could shed some light on this it would be highly appreciated.
Hi - did you manage to get to the bottom of this? I think it's a false positive like you say but I can't get a decent answer out of our antivirus support!
No, nothing new came to light.
We had a handful of similar events that triggered the encryption warning, but it always checked out with the current theory:
Some program had to store sensitive data of some sorts and it did so with an encrypted file somewhere under APPDATA/ROAMING.
Then, at logout, the roaming profile was copied to the server which triggered the encryption warning.
But so far, no new information about ES_session_store