Decoy Notifications

SMSystems · November 2022

We have enabled Decoy files on a lot of endpoints and this seems to be generating false positives.

Is there a way to prevent these from being sent or at least categorically identify these as decoy detections and avoid unnecessary notifications?

Notification details as follows:
Name: Trj/RansomDecoy.A
Path: TEMP|\489314D86C55A948A225789DB7A93229_000000004D5F663E.tmp
Hash: 865C0C0B4AB0E063E5CAA3387C1A8741

David_Carro · November 2022

I have just send a PM to you, let me know if you do have any further issues.

David

Cicciopalla · January 2023

Hi, we're having the same issue. How was it resolved?

Kind regards,

Alessandro

David_ · January 2023

Hi, Cicciopalla.

I have just sent you a PM.

David

BillyBrannum153 · January 2023

I have the same issue with Panda,

Carmen_Gomez · January 2023

Hi BillyBrannum153,

I am sending you a PM

Regards,

mchaves · January 2023

I have the same issue

David_ · January 2023

Hi, mchavez
PM sent.
Let us know if there are further issues.

Rosa · January 2023

Hi mchaves

I am sending you a PM

Regards,

Rosa

PSI923511 · January 2023

Hi,

we have the same messages on endpoint protection clients.

Regards,

Mark

Carmen_Gomez · January 2023

Morning,

Anyone experiencing this issue please open a case with support by clicking the support center link at the top of this page.

Thanks for your collaboration.
Regards,

ottl05 · April 2023

We´ve got the same "problem".
So it´s still not resolved.

David_Carro · April 2023

Hi, ottl05,

Please create a support case by clicking on the support center link at the top of this page.

Please include your client ID and contact info so we can study your case in depth.

Kind Regards,

David

KLAW · April 2023

@David_Carro said:
Hi, ottl05,

Please send an email requesting support to:
support@watchguard.com

so we can study your case in depth.

Kind Regards,

David

Hi David,

I'm having the same issue. Should I send you a PM or send a email to support@watchguard.com?

Thanks!

james.carson · April 2023

Hi @KLAW
Sending an email or opening a support case via the support center button at the top of this page will get you in contact with the support team. if you're experiencing this issue, please do which ever method you prefer.

TiroFijo · October 2023

Hi, we're having the same issue. How was it resolved?

David_Carro · October 2023

Hello All,

When we deployed Decoy Files Feature, we had some false detections due to programs interacting with our decoy files. Those where solved by changing the conditions for triggering detections

If at this point in time, you do have detections on the decoy files, we do have to study the cases independently, as it might be related to a completely different issue, and the source probably is completely different.

Please create a support case by clicking on the support center link at the top of this page.

Please note your client ID and contact details, so we can study your case in depth.

Kind Regards,

David

EduardsB · February 2024

Hi, we're having the same issue. How was it resolved? I have Panda end point Kind regards,

james.carson · February 2024

Hi @EduardsB
There's quite a few different factors - I'd suggest creating a support case so that we can look into your issue specifically.

Decoy Notifications

Comments