Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
10-08-2018 12:50 AM
Hi,
Our traps solution is detecting malware when it shouldnt happen. This hash have been checked as benign,
Within Security Events we are repeated alerts in Malware Modules due to the protection of processes that refer to executable parents and children that despite having a benign diagnosis by Wildfire continue to appear recurrently, in fact they constitute the most security events reported, despite not being such.
Why is this happening?
10-08-2018 08:00 PM
From the log file you have displayed it appears as though someone has overrode the verdict locally on the EMS server, which would override any value that Wildfire has reported. Verify that hte EMS server doesn't have an override for the Hash and remove it if present.
10-10-2018 12:30 AM - edited 10-10-2018 01:10 AM
You were right, i deleted the override for this hash and now veredict is WF.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
