Endpoint Protection

  • 1.  Incomplete Detection Path

    Posted 15 days ago
    I appologize if this has been asked before. I was having a difficult time searching for and finding the answer to my questions.

    We recently had a detection which i believe is a false positive. The detection path is not a full path so I am not sure how to figure out where the file may have initially resided. I think it may have been in a compressed folder but i am not sure.

    Detection results.

    At least one security risk found:

    Risk name: Heur.AdvML.C
    File path: >>launcher.exe
    Event time: May 20, 2020, 1:58:52 AM
    Database insert time: May 20, 2020, 2:00:18 AM
    Source: Scheduled Scan
    Description:
    User: SYSTEM
    Computer:
    IP Address:
    Domain: Default
    Server:
    Client Group:
    Action taken on risk: Quarantined
    This alarm was generated at May 20, 2020, 2:04:08 AM (Reporter host Time).
    This alarm was generated by, with the following filters:
    Domain: *
    Group: *
    Server: *
    Computer: *
    Risk name: *