Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 9 subscribers
  • Views 1999 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cryptoguard keeps detecting the same Priority (ERP) process as malicious

Moshe Grinberg

Hi

We are facing a problem with Cryptoguard that keeps marking a Priority (ERP) files encryption process as Crypto. The first time it happened, I've clicked on 'Mark as Resolved' and that should stop it from recognizing that as Crypto. But, this is not what happened actually. Cryptoguard did that again. I've also excluded the whole Priority installation folder but that also didn't help. I need your assistance, please.

Here are some pictures




Thanks



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Jasmin
    Hi Jasmin This happens every time that employees working on Priority running some Priority process through a terminal. Yes, it's false positive but it keeps recognizing that although we've marked that as resolved which should prevent this from happening again but it's not what actually happening..
  • 0 in reply to Moshe Grinberg

    Hi  

    I'd like to know what happens when he is directly accessing the server without the terminal server and work on that Priority software. Is it detects ransomware attack the same time as well?

    Also, marked as resolved doesn't exclude the process permanently but it just unblocks the process immediately. Please refer this article as well for your reference.

Unfiltered HTML
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?