High Risk incident detected

Use this forum to ask about non-product related topics (login issues, product registrations, web site questions, etc.) No technical support questions, please.
Forum rules
Do not post any licensing information in this forum.
Only the original author and our tech personnel can reply to a topic that is created in this forum. If you find a topic that relates to an issue you are having, please create a new topic and reference the other in your post.
User avatar
willem
Posts: 1
Joined: Sun Mar 03, 2013 12:45 pm

High Risk incident detected

Post by willem » Thu Feb 02, 2017 12:22 am

Hi there,
I received the following mail (I've put the html code here so you can see the mail in the browser, just copy and paste the text below in a html file and open that file in a browser):

<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<table border="0" cellspacing="0" cellpadding="0" width="615">
<tr>
<td valign="bottom">
<div class="cmes_alert_header"><img src="https://hostedendpoint.spn.com/images/a ... png"></div>
<font size="-1" face="Arial" color="#000000">
<div style="margin-top:15px;margin-bottom:15px">A high-risk incident was detected on your Laptop within the group Laptops on 2/2/2017 8:08:01 AM.</div>
<div style="margin-left:30px">
<div style="margin-bottom:15px"><b>Incident Details</b><br>powershellstudiolauncher.exe (Trojan.Gen.8) detected by Auto-Protect</div>
<div style="margin-bottom:15px"><b>Threat Name</b><br>Trojan.Gen.8</div>
<div style="margin-bottom:15px"><b>Threat Type</b><br>Heuristic Virus</div>
<div style="margin-bottom:15px"><b>File Name</b><br>c:\program files\sapien technologies, inc\document explorer 2017\powershellstudiolauncher.exe</div>
<div style="margin-bottom:15px"><b>Action Required</b><br>Resolved - No Action Required</div>
</div>
</font>
<div class="cmes_alert_footer">
<hr color="#F9BA06">
<table border="0" cellspacing="0" cellpadding="0" width="615">
<tr>
<td valign="Top">
<font size="-2" face="Verdana" color="#000000">Contact method:&nbsp;<b>Default Email Contact Method</b></font><br><font size="-2" face="Arial" color="#BCBCBC">Ref# 400039</font><br></td>
<td align="right" valign="Top">
<font size="-2" face="Arial" color="#000000">Copyright&nbsp;©&nbsp;2017&nbsp;Symantec Corporation.
All Rights Reserved.
<br><img src="https://hostedendpoint.spn.com/images/a ... <br></font>
</td>
</tr>
<tr>
<td colspan="2" align="right"></td>
</tr>
</table>
</div>
</td>
</tr>
</table>
<br clear="both">
______________________________________________________________________<br>
This email has been scanned by the Symantec Email Security.cloud service.<br>
For more information please visit http://www.symanteccloud.com<br>
______________________________________________________________________<br>
</body>
</html>

User avatar
Alexander Riedel
Posts: 6710
Joined: Tue May 29, 2007 4:43 pm

Re: High Risk incident detected

Post by Alexander Riedel » Thu Feb 02, 2017 8:38 am

Our files are continuously scanned and nothing gets uploaded to our servers without a virus scan. Most likely this is a false positive, these pattern based scans are not infallible. However, there is always a chance a file gets infected on YOUR machine.
So please contact you anti-virus provider. They usually have a way to upload a file to verify if it is indeed infected or a false positive.
Alexander Riedel
SAPIEN Technologies, Inc.