This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

False positive - Exclaimer Signature Manager

We have an open ticket for this (reference 7379239), but haven't had much response so far.

Environment:

Windows 2012 R2 AD

Clients: Windows 7 (some Pro, some Enterprise, mix of 32-bit and 64-bit)

 

Software: Signature Manager generates Outlook signatures based on policies and information in AD. These are stored on a file share on an application server as compressed archives.

Clients run a small executable from the logon script. This connects to the share, downloads the current archive and unpacks it to the user's Signatures folder in their profile.

This worked fine until 27 June, from which point InterceptX started identifying the executable as ransomware.

 

The last response we had from support was on 29 June when it was agreed to transfer the ticket to UK support.

 

I've looked in sophserv.sophos.com, but the ticket isn't visible there.

 

Any suggestions?



This thread was automatically locked due to age.
Parents
  • Same problem here.... Exsync.exe is seen as an exploit on some workstations....


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

Reply
  • Same problem here.... Exsync.exe is seen as an exploit on some workstations....


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

Children