0 Replies Latest reply on Nov 11, 2014 8:56 AM by fitchsoccer342

    Artemis!35F1E4835D5B

    fitchsoccer342

      We are seeing this detection on a handful of servers all of a sudden, see screenshot. This is via VSE 8.8 patch 2.


      \Device\HarddiskVolumeShadowCopy32\WINDOWS\system32\xCmdSvc.exe - is being detected as a trojan and being deleted.

       

      xCmdSvc.exe is a legitimate file used within DDM NTCMD for HP Discovery.

       

      Is there a specific reason this is being flagged or because of possibly an old xCmdSvc.exe or something?