We are seeing this detection on a handful of servers all of a sudden, see screenshot. This is via VSE 8.8 patch 2.
\Device\HarddiskVolumeShadowCopy32\WINDOWS\system32\xCmdSvc.exe - is being detected as a trojan and being deleted.
xCmdSvc.exe is a legitimate file used within DDM NTCMD for HP Discovery.
Is there a specific reason this is being flagged or because of possibly an old xCmdSvc.exe or something?