Jump to content

rh3662

Members
  • Posts

    9
  • Joined

  • Last visited

Everything posted by rh3662

  1. OK. Thanks for confirming. It's been installed for a while now so an update on your end must have started detecting it. The extension is blocked anyway so it isn't running. Didn't know it was installed but must have been put there when the Desktop Central agent was installed on our systems.
  2. The following has been quarantined on several of my systems this morning. This is the Browser Security Plus extension for Chrome from Manage Engine...which we use and has been installed on our systems. Is this a correct classification? Name Type Category Status Path PUP.Optional.PrivacyRisk File PUP Quarantined C:\USERS\xxxxx\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences PUP.Optional.PrivacyRisk Reg, Value PUP Quarantined HKU\xxxxx\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|mhkgegcmcapcgmnnloigolapjkajgfmd PUP.Optional.PrivacyRisk Folder PUP Quarantined C:\USERS\xxxxx\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\mhkgegcmcapcgmnnloigolapjkajgfmd I'm using Nebula cloud. Thanks
  3. This file came with the installation of our ShoreTel(Mitel) voicemail system and has been on this server for years with no apparent problems. Possibly a false positive? Brought down my voice mail system when it was quarantined. openssl.zip
  4. https://www.virustotal.com/gui/file/c5a196fdd06a3da3e4a4ae1e58509502da2cd9220167b648a32c5e38ca643c6d/detection Ran it through here and 5 sites detected something. We'll just delete the file. My developer said he hasn't used it in a while. Thanks for looking into this.
  5. DIGICERTUTIL.EXE in the C:\PROGRAM FILES (X86)\DIGICERTUTIL\ folder is reported as Malware.AI.4214365187 by Nebula Cloud. The file is part of the Digicert tools downloaded from https://www.digicert.com/tools/ I can send you the EXE file if needed. Name Type Category Status Path Malware.AI.4214365187 File Malware Quarantined C:\PROGRAM FILES (X86)\DIGICERTUTIL\DIGICERTUTIL.EXE
  6. Thanks. I'll monitor to see if it's detected again. I had already added an exception, but apparently didn't add it correctly.
  7. The ANSYS.EXE file is being detected as Malware.Ransom.Agent.Generic. Software has been installed for years and just recently, after moving to the Nebula Cloud, has been detected as Malware. https://www.ansys.com/ Not sure how to generate a log file from the Nebula Cloud interface as instructed so I've attached a screenshot of the detection. ANSYS.zip
  8. www.nucleartownhall.com keeps coming up as containing a possible Trojan. Can this be re-evaluated? Thanks Richard
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.