Hi,
We have just purchased anti-exploit for our endpoints (16,000 in total) and use a few different clinical applications. We have rolled out anti-exploit to around 40 test machines so far its picked up one of out clinical application EMISWeb as Ransomware.
Does anyone one here currently use Anti-Exploit (On premise) within an NHS environment and have come across such issues when using clinical systems, I know a few of them actually encrypt documents (by design).
The following process is trying to attack your personal files:
PID: 4296
Application: C:\ProgramData\SDS\Version6\Applications\EmisWeb Client\EWC_6.5.12.0000 (146074)_MKBC_127.0.0.0000\EmisWeb.exe
List of files:
C:\Users\***\AppData\Local\IsolatedStorage\qvrocdp5.qtu\x3rk2shu.hxo\Url.gj4s2kt31t4obdhuqvw23ckbelkc2zoh\AssemFiles\EMISWebDocs4228\c4f7239744784430b3516213fc842093.pdf
C:\Users\***\AppData\Local\IsolatedStorage\qvrocdp5.qtu\x3rk2shu.hxo\Url.gj4s2kt31t4obdhuqvw23ckbelkc2zoh\AssemFiles\EMISWebDocs4228\b974d155f3a84cfcaf30a09e9f5e1cc8.rtf
C:\Users\**\AppData\Local\IsolatedStorage\qvrocdp5.qtu\x3rk2shu.hxo\Url.gj4s2kt31t4obdhuqvw23ckbelkc2zoh\AssemFiles\EMISWebDocs4228\72942661be9e4aad8095616c378e9d54.rtf
HitmanPro.Alert has intercepted and blocked this attack.
You are strongly advised to immediately scan this computer with HitmanPro and remove the detected threats.
This thread was automatically locked due to age.
