Views:

The following table lists the processes that display under the Process column in the Data Loss Prevention logs.

Table 1. Processes by Channel

Channel

Process

Synchronization software (ActiveSync)

Full path and process name of the synchronization software

Example:

C:\Windows\system32\WUDFHost.exe

Data recorder (CD/DVD)

Full path and process name of the data recorder

Example:

C:\Windows\Explorer.exe

Windows clipboard

Not applicable

Email client - Lotus Notes

Full path and process name of Lotus Notes

Example:

C:\Program Files\IBM\Lotus\Notes\nlnotes.exe

Email client - Microsoft Outlook

Full path and process name of Microsoft Outlook

Example:

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

Email client - All clients that use the SMTP protocol

Full path and process name of the email client

Example:

C:\Program Files\Mozilla Thunderbird\thunderbird.exe

Removable storage

Process name of the application that transmitted data to or within the storage device

Example:

explorer.exe

FTP

Full path and process name of the FTP client

Example:

D:\Program Files\FileZilla FTP Client\filezilla.exe

HTTP

"HTTP application"

HTTPS

Full path and process name of the browser or application

Example:

C:\Program Files\Internet Explorer\iexplore.exe

IM application

Full path and process name of the IM application

Example:

C:\Program Files\Skype\Phone\Skype.exe

IM application - MSN

  • Full path and process name of MSN

    Example:

    C:\Program Files\Windows Live\Messenger\ msnmsgr.exe

  • "HTTP application" if data is transmitted from a chat window

Peer-to-peer application

Full path and process name of the peer-to-peer application

Example:

D:\Program Files\BitTorrent\bittorrent.exe

PGP encryption

Full path and process name of the PGP encryption software

Example:

C:\Program Files\PGP Corporation\PGP Desktop\ PGPmnApp.exe

Printer

Full path and process name of the application that initiated a printer operation

Example:

C:\Program Files\Microsoft Office\Office12\ WINWORD.EXE

SMB protocol

Full path and process name of the application from which shared file access (copying or creating a new file) was performed

Example:

C:\Windows\Explorer.exe

Webmail (HTTP mode)

"HTTP application"

Webmail (HTTPS mode)

Full path and process name of the browser or application

Example:

C:\Program Files\Mozilla Firefox\firefox.exe
Parent topic: Viewing Data Loss Prevention Logs