The following table lists the processes that display under the Process column in the
Data Loss Prevention logs.
Processes by Channel
Channel
|
Process
|
Synchronization software (ActiveSync)
|
Full path and process name of the synchronization
software
Example:
C:\Windows\system32\WUDFHost.exe |
Data recorder (CD/DVD)
|
Full path and process name of the data recorder
Example:
C:\Windows\Explorer.exe |
Windows clipboard
|
Not applicable
|
Email client - Lotus Notes
|
Full path and process name of Lotus Notes
Example:
C:\Program
Files\IBM\Lotus\Notes\nlnotes.exe |
Email client - Microsoft Outlook
|
Full path and process name of Microsoft
Outlook
Example:
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE |
Email client - All clients that use the SMTP
protocol
|
Full path and process name of the email
client
Example:
C:\Program Files\Mozilla Thunderbird\thunderbird.exe |
Removable storage
|
Process name of the application that transmitted
data to or within the storage device
Example:
explorer.exe |
FTP
|
Full path and process name of the FTP client
Example:
D:\Program
Files\FileZilla FTP Client\filezilla.exe |
HTTP
|
"HTTP application"
|
HTTPS
|
Full path and process name of the browser
or application
Example:
C:\Program Files\Internet
Explorer\iexplore.exe |
IM application
|
Full path and process name of the IM application
Example:
C:\Program
Files\Skype\Phone\Skype.exe |
IM application - MSN
|
|
Peer-to-peer application
|
Full path and process name of the peer-to-peer
application
Example:
D:\Program Files\BitTorrent\bittorrent.exe |
PGP encryption
|
Full path and process name of the PGP encryption
software
Example:
C:\Program Files\PGP Corporation\PGP
Desktop\ PGPmnApp.exe |
Printer
|
Full path and process name of the application
that initiated a printer operation
Example:
C:\Program
Files\Microsoft Office\Office12\ WINWORD.EXE |
SMB protocol
|
Full path and process name of the application
from which shared file access (copying or creating a new file) was
performed
Example:
C:\Windows\Explorer.exe |
Webmail (HTTP mode)
|
"HTTP application"
|
Webmail (HTTPS mode)
|
Full path and process name of the browser
or application
Example:
C:\Program Files\Mozilla
Firefox\firefox.exe |