Moving this post to the Endpoint Protection forum.
Note that Windows File and Printer Sharing must be enabled in order for Risk Tracer to work.
Please see - How to use Risk Tracer to locate the source of a threat in Symantec Endpoint Protection
http://www.symantec.com/business/support/index?page=content&id=TECH94526&actp=search&viewlocale=en_US&searchid=1290458269625