Our traps solution is detecting malware when it shouldnt happen. This hash have been checked as benign,
Within Security Events we are repeated alerts in Malware Modules due to the protection of processes that refer to executable parents and children that despite having a benign diagnosis by Wildfire continue to appear recurrently, in fact they constitute the most security events reported, despite not being such.
Why is this happening?
From the log file you have displayed it appears as though someone has overrode the verdict locally on the EMS server, which would override any value that Wildfire has reported. Verify that hte EMS server doesn't have an override for the Hash and remove it if present.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The Live Community thanks you for your participation!