Hi there,
I received the following mail (I've put the html code here so you can see the mail in the browser, just copy and paste the text below in a html file and open that file in a browser):
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<table border="0" cellspacing="0" cellpadding="0" width="615">
<tr>
<td valign="bottom">
<div class="cmes_alert_header"><img src="https://hostedendpoint.spn.com/images/a ... png"></div>
<font size="-1" face="Arial" color="#000000">
<div style="margin-top:15px;margin-bottom:15px">A high-risk incident was detected on your Laptop within the group Laptops on 2/2/2017 8:08:01 AM.</div>
<div style="margin-left:30px">
<div style="margin-bottom:15px"><b>Incident Details</b><br>powershellstudiolauncher.exe (Trojan.Gen.8) detected by Auto-Protect</div>
<div style="margin-bottom:15px"><b>Threat Name</b><br>Trojan.Gen.8</div>
<div style="margin-bottom:15px"><b>Threat Type</b><br>Heuristic Virus</div>
<div style="margin-bottom:15px"><b>File Name</b><br>c:\program files\sapien technologies, inc\document explorer 2017\powershellstudiolauncher.exe</div>
<div style="margin-bottom:15px"><b>Action Required</b><br>Resolved - No Action Required</div>
</div>
</font>
<div class="cmes_alert_footer">
<hr color="#F9BA06">
<table border="0" cellspacing="0" cellpadding="0" width="615">
<tr>
<td valign="Top">
<font size="-2" face="Verdana" color="#000000">Contact method: <b>Default Email Contact Method</b></font><br><font size="-2" face="Arial" color="#BCBCBC">Ref# 400039</font><br></td>
<td align="right" valign="Top">
<font size="-2" face="Arial" color="#000000">Copyright © 2017 Symantec Corporation.
All Rights Reserved.
<br><img src="https://hostedendpoint.spn.com/images/a ... <br></font>
</td>
</tr>
<tr>
<td colspan="2" align="right"></td>
</tr>
</table>
</div>
</td>
</tr>
</table>
<br clear="both">
______________________________________________________________________<br>
This email has been scanned by the Symantec Email Security.cloud service.<br>
For more information please visit http://www.symanteccloud.com<br>
______________________________________________________________________<br>
</body>
</html>
High Risk incident detected
Forum rules
Do not post any licensing information in this forum.
Only the original author and our tech personnel can reply to a topic that is created in this forum. If you find a topic that relates to an issue you are having, please create a new topic and reference the other in your post.
Do not post any licensing information in this forum.
Only the original author and our tech personnel can reply to a topic that is created in this forum. If you find a topic that relates to an issue you are having, please create a new topic and reference the other in your post.
- Alexander Riedel
- Posts: 8479
- Last visit: Thu Mar 28, 2024 9:29 am
- Been upvoted: 37 times
Re: High Risk incident detected
Our files are continuously scanned and nothing gets uploaded to our servers without a virus scan. Most likely this is a false positive, these pattern based scans are not infallible. However, there is always a chance a file gets infected on YOUR machine.
So please contact you anti-virus provider. They usually have a way to upload a file to verify if it is indeed infected or a false positive.
So please contact you anti-virus provider. They usually have a way to upload a file to verify if it is indeed infected or a false positive.
Alexander Riedel
SAPIEN Technologies, Inc.
SAPIEN Technologies, Inc.