So I have an instance in my logs where svchost.exe is trying to terminate naPrdMgr.exe. This event is triggering on a workstation.
I don't what to exempt svchost, as that's a known process that gets injected with malware a lot. Any ideas? I'm running 8.8 and epo 4.5.
The Threat Source Process Name is svchost.exe
The Threat Target File path is naPrdMgr.exe
Retrieving data ...