Our traps solution is detecting malware when it shouldnt happen. This hash have been checked as benign,
Within Security Events we are repeated alerts in Malware Modules due to the protection of processes that refer to executable parents and children that despite having a benign diagnosis by Wildfire continue to appear recurrently, in fact they constitute the most security events reported, despite not being such.
Why is this happening?
From the log file you have displayed it appears as though someone has overrode the verdict locally on the EMS server, which would override any value that Wildfire has reported. Verify that hte EMS server doesn't have an override for the Hash and remove it if present.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!