WatchGuard Support Center

Article ID :000030325

Endpoint Security Decoy Files create temporary files and folders after backup sessions

Applies To

	Products:	WatchGuard Endpoint Security
	Operating System:	WatchGuard Endpoint Security
	Issue Status:	Resolved

Status and Tracking

Tracking ID:
Status:	Resolved
Resolved In:	WGUA-3430

Description

This issue applies to WatchGuard EPP, EDR, EDR Core, EPDR, and Advanced EPDR. It was resolved in Hotfix WGUA-3430.

Affects protection versions between v8.00.22.0010 to v8.00.22.0025.

Endpoint Security Decoy Files can create temporary files and folders such as C:\Users\TEMP.DOMAIN_NAME.XXX after backup sessions.

Workaround/Solution

A hotfix is available to resolve this issue.

To apply the hotfix on the affected endpoint:

Download and save this hotfix file to the endpoint: https://www.pandasecurity.com/resources/sop/pad/hf-wgua3430-wpdecoy-tempfiles.exe
Double-click the downloaded file.

The hotfix does not require a restart of the endpoint. Under some circumstances, you might be prompted to restart for the hotfix to be fully applied. If you cannot restart the computer immediately, select No when prompted. This postpones the application of the hotfix until the next system restart.

Note: To install the unattended or silent version of the hotfix, click here. The hotfix is applied after the next system restart.

File Details

The hotfix updates this file:

File Name	Location	File Version	Modified Date	Hotfix to be included in future versions?
WPDecoy.dll	C:\Program Files (x86)\Panda Security\WAC\WPDecoy.dll	2.1.0.12	9 June 2024	Yes v8.00.23.X

Verify Hotfix Application

To verify that the hotfix was successful, check the file version in the File Details section, or verify these values in the Windows Registry: