Jump to content

abytedifferent

Members
  • Content Count

    1
  • Joined

  • Last visited

Community Reputation

0 Neutral

About abytedifferent

  • Rank
    Newbie
  1. Greetings, I have just started to using Immunet as a secondary scanner in my k-12 organization. When installed, Sophos AV triggeres most productivity executable as a SysCall Exploit. (Office and Acrobat reader mostly) I have also trimmed down Immunet to have everything "OFF' however the only way to prevent this from issue from occurring is to disable the exploit mitigation portion of Sophos. We were really attracted to the Immunet product as it worked with existing AVs. Is there a known incompatibility between Immunet and Sophos (with intercept-X)? Sophos Logs: ____________________________ Mitigation SysCall Platform 10.0.15063/x64 v604 06_3d PID 2232 Application C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE Description Microsoft Word 14 Reason NTDLL32 Bypass Callee Type ProtectVirtualMemory 0x02D3000C c21400 RET 0x14 Process Trace 1 C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE [2232] "C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\***\***\***\***.doc" 2 C:\Windows\explorer.exe [9024] 3 C:\Windows\System32\userinit.exe [7692] 4 C:\Windows\System32\winlogon.exe [1032] winlogon.exe ____________________________ thanks!
×
×
  • Create New...