CruxEight Posted March 19, 2021 Report Share Posted March 19, 2021 I am trying to find a way to load an executable that has be deemed as a trojan (win.dropper.generic::95.sbx.tg). The file is not an issue as it is part of a monitoring server with fresh appliance. Here are the issues. Attempted to exclude the file name, parts of the threat name etc. see screen shot: Tried to find a way to use threat name, but the application will not allow the actual detection name as shown: In the text field for threat name. Tried string escapes for the colon, but the input field won't allow them or the colon. Tried to load the executable on the a DFS share local directory that is replicated to the \\domain name\some location, but the AV will not allow UNC exclusions, so the instant that the file is placed in the local directory it is replicated to the \\domain name\some location and the AV quarantines the file in both locations. Can you please explain how I can whitelist this file? Link to comment Share on other sites More sharing options...
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now