Jump to content

AdamPilat

Members
  • Posts

    4
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Cli, I added an exception for the file. What is odd is it triggered a quarantine only on windows servers, not on any workstations. It also only triggered on 3 of 9 servers on completely different networks with no inter connectivity. I removed the exception, and tried a right click scan and it found nothing. I will leave the exception off, and see if it quarantines them again. All of the events occurred on 6/12 between 04:07 AM and 05:46 AM. See attached photo. Thanks.
  2. Attached is the file. I looked in the Endpoint Agent Directory, and the Cloud console, and do not see any log files. Not sure where to grab what you are asking for. Thanks. hmpalert.zip
  3. Malwarebytes detected hmpalert.exe as malware listed as trojan.dridex. Service has been running on servers, and desktops for months as part of Sophos Intercept X Advanced. Verified detected file has same version, hash, signature. Saw older tickets where same service triggered false positives in 2016. Support said it was resolved but does not appear to be.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.