Hi,
Can you let us know as why these threat target file path of McAfee events itself are showing up as threat and FILE_DELETED_UPDATE
Server ID: SV510057
Event Received Time: 6/9/19 6:27:27 AM BST
Event Generated Time: 6/9/19 6:03:45 AM BST
Preferred Event Time: 6/9/19 6:03:45 AM BST
Agent GUID: DC8996EC-918B-11E8-2124-B4B6769E2D39
Detecting Prod ID (deprecated): SOLIDCORE_META
Detecting Product Name: Solidifier
Detecting Product Version: 8.0.1.223
Detecting Product Host Name: TB600xx
DAT Version:
Engine Version:
Threat Source Host Name:
Threat Source MAC Address:
Threat Source User Name:
Threat Source Process Name:
Threat Source URL:
Threat Target MAC Address: 00059a3c7a00
Threat Target User Name: NT AUTHORITY\SYSTEM
Threat Target Port Number:
Threat Target Network Protocol:
Threat Target Process Name: C:\program files\common files\mcafee\systemcore\mcshield.exe
Threat Target File Path: C:\Program Files\Common Files\McAfee\SystemCore\temp_vscan.bof
Event Category: File Monitoring
Event ID: 20775
Threat Severity: Information
Threat Name: FILE_DELETED_UPDATE
Threat Type: None
Action Taken: None
Threat Handled:
Analyzer Detection Method:
Events received from managed systems
Event Description: File Deleted