Showing results for 
Search instead for 
Did you mean: 
Level 13


We are seeing this detection on a handful of servers all of a sudden, see screenshot. This is via VSE 8.8 patch 2.

\Device\HarddiskVolumeShadowCopy32\WINDOWS\system32\xCmdSvc.exe - is being detected as a trojan and being deleted.

xCmdSvc.exe is a legitimate file used within DDM NTCMD for HP Discovery.

Is there a specific reason this is being flagged or because of possibly an old xCmdSvc.exe or something?

0 Kudos