NotMyFaultTolerant

The file was gone but I found the JSON log file and it contained the SHA256. A matching file is up on VirusTotal and it does appear to be an update for the program I suspected. I've posted the details as you suggested. Thanks!!

This morning I was notified of a generic ransomware detection ("Malware.Ransom.Agent.Generic"). The file appears to have been deleted from my system but I found the JSON file with the log for the detection on my system and it contained the SHA256 hash. The hash is 82fed84f0d5249f1320b72876df646113f7b963870fdd054ae4477b07bb54d78 and a matching file has already been uploaded to VirusTotal. This appears to simply be part of an update to the Tresorit cloud storage application that I use. This is what I suspected since Tresorit stopped running around this time which I'd expect to see if it tried to update and was interrupted in the middle of the process.

I got a popup warning this morning that "Malware.Ransom.Agent.Generic" had been blocked and quarantined. I suspect this was a false positive and may have been an automatic update for my cloud file sync software. I'd like to confirm by examining the file but when I open Malwarebytes and look in the Quarantine there's nothing listed. I see the history entry on the notifications but it contains very little information. The popup said it was quarantined but it seems that it was simply deleted. Is this the usual expected behavior? Thanks!!