https://community.cisco.com/t5/endpoint-security/false-positive-quot-adobe-genuine-helper-exe-quot/m-p/5164408#M8484 <P>Anyone else seeing large numbers of failed retrospectives on the following? We have 350 so far.</P><UL><LI>Disposition:<SPAN>&nbsp;</SPAN><SPAN class="">Malicious</SPAN></LI><LI>Filename:<SPAN>&nbsp;</SPAN><SPAN class="">Adobe Genuine Helper.exe</SPAN></LI><LI>Detection SHA-256: abcf2c8bab98cedb1bd973a0cefa747e6fe9d835248e4471f7cf9c26446abe6e</LI></UL><P>Appears to be genuine, no other IOCs noted in the environment.&nbsp;</P><P><A href="https://www.virustotal.com/gui/file/abcf2c8bab98cedb1bd973a0cefa747e6fe9d835248e4471f7cf9c26446abe6e/detection" target="_blank" rel="noopener">https://www.virustotal.com/gui/file/abcf2c8bab98cedb1bd973a0cefa747e6fe9d835248e4471f7cf9c26446abe6e/detection</A></P> Thu, 22 Aug 2024 11:40:18 GMT MidwestCyber 2024-08-22T11:40:18Z https://community.cisco.com/t5/endpoint-security/false-positive-quot-adobe-genuine-helper-exe-quot/m-p/5164408#M8484 <P>Anyone else seeing large numbers of failed retrospectives on the following? We have 350 so far.</P><UL><LI>Disposition:<SPAN>&nbsp;</SPAN><SPAN class="">Malicious</SPAN></LI><LI>Filename:<SPAN>&nbsp;</SPAN><SPAN class="">Adobe Genuine Helper.exe</SPAN></LI><LI>Detection SHA-256: abcf2c8bab98cedb1bd973a0cefa747e6fe9d835248e4471f7cf9c26446abe6e</LI></UL><P>Appears to be genuine, no other IOCs noted in the environment.&nbsp;</P><P><A href="https://www.virustotal.com/gui/file/abcf2c8bab98cedb1bd973a0cefa747e6fe9d835248e4471f7cf9c26446abe6e/detection" target="_blank" rel="noopener">https://www.virustotal.com/gui/file/abcf2c8bab98cedb1bd973a0cefa747e6fe9d835248e4471f7cf9c26446abe6e/detection</A></P> Thu, 22 Aug 2024 11:40:18 GMT https://community.cisco.com/t5/endpoint-security/false-positive-quot-adobe-genuine-helper-exe-quot/m-p/5164408#M8484 MidwestCyber 2024-08-22T11:40:18Z https://community.cisco.com/t5/endpoint-security/false-positive-quot-adobe-genuine-helper-exe-quot/m-p/5164428#M8485 <P>I opened a ticket with TALOS to investigate as a False Positive. Next time you have an issue like this, please open a TAC case so we can track it properly.</P> <P>Thanks,</P> <P>-Matt</P> Thu, 22 Aug 2024 12:22:47 GMT https://community.cisco.com/t5/endpoint-security/false-positive-quot-adobe-genuine-helper-exe-quot/m-p/5164428#M8485 Matthew Franks 2024-08-22T12:22:47Z https://community.cisco.com/t5/endpoint-security/false-positive-quot-adobe-genuine-helper-exe-quot/m-p/5164440#M8486 <P>Thanks Matt, was planning on doing so when I arrived at the office this morning.</P> Thu, 22 Aug 2024 12:35:07 GMT https://community.cisco.com/t5/endpoint-security/false-positive-quot-adobe-genuine-helper-exe-quot/m-p/5164440#M8486 MidwestCyber 2024-08-22T12:35:07Z https://community.cisco.com/t5/endpoint-security/false-positive-quot-adobe-genuine-helper-exe-quot/m-p/5164489#M8487 <P>Looks like TALOS removed the malicious disposition from that file. Thanks for reporting it!</P> <P>-Matt</P> Thu, 22 Aug 2024 13:49:34 GMT https://community.cisco.com/t5/endpoint-security/false-positive-quot-adobe-genuine-helper-exe-quot/m-p/5164489#M8487 Matthew Franks 2024-08-22T13:49:34Z https://community.cisco.com/t5/endpoint-security/false-positive-quot-adobe-genuine-helper-exe-quot/m-p/5164494#M8488 <P>Looks like that is reflecting in our portal. Thanks again!</P> Thu, 22 Aug 2024 13:55:28 GMT https://community.cisco.com/t5/endpoint-security/false-positive-quot-adobe-genuine-helper-exe-quot/m-p/5164494#M8488 MidwestCyber 2024-08-22T13:55:28Z