topic Win.Dropper.Generic::1201 in Network Security https://community.cisco.com/t5/network-security/win-dropper-generic-1201/m-p/3953976#M42539 <P>Hello all,</P><P>&nbsp;</P><P>Over the past week we have been having this detection on AMP and I can not for the life of me figure out how to remediate it. It feels like this may be a false positive, but I can't confirm, and we get countless notifications per day on this. Does anyone have any info on this, or had seen it before in their own environment.</P><UL><LI><STRONG>Detection:</STRONG>Dropper.Generic::1201</LI><LI><STRONG>File:</STRONG>tmp</LI><LI><STRONG>File path:</STRONG> \\?\C:\Windows\Installer\MSIE21C.tmp</LI><LI><STRONG>Detection SHA-256:</STRONG> 6b01db091507022acfd121cc5d1f6ff0db8103f46a1940a6779dc36cca090854</LI><LI><STRONG>Application SHA-256:</STRONG> 199b3890d28a1f5906f4014e73615a268b3c4414f1f71697bf13e0d464258d54</LI></UL><P>TIA to anyone that can shed some light on how to handle this.</P><P>&nbsp;</P><P>&nbsp;</P> Wed, 06 Nov 2019 13:19:56 GMT Rblundon 2019-11-06T13:19:56Z Win.Dropper.Generic::1201 https://community.cisco.com/t5/network-security/win-dropper-generic-1201/m-p/3953976#M42539 <P>Hello all,</P><P>&nbsp;</P><P>Over the past week we have been having this detection on AMP and I can not for the life of me figure out how to remediate it. It feels like this may be a false positive, but I can't confirm, and we get countless notifications per day on this. Does anyone have any info on this, or had seen it before in their own environment.</P><UL><LI><STRONG>Detection:</STRONG>Dropper.Generic::1201</LI><LI><STRONG>File:</STRONG>tmp</LI><LI><STRONG>File path:</STRONG> \\?\C:\Windows\Installer\MSIE21C.tmp</LI><LI><STRONG>Detection SHA-256:</STRONG> 6b01db091507022acfd121cc5d1f6ff0db8103f46a1940a6779dc36cca090854</LI><LI><STRONG>Application SHA-256:</STRONG> 199b3890d28a1f5906f4014e73615a268b3c4414f1f71697bf13e0d464258d54</LI></UL><P>TIA to anyone that can shed some light on how to handle this.</P><P>&nbsp;</P><P>&nbsp;</P> Wed, 06 Nov 2019 13:19:56 GMT https://community.cisco.com/t5/network-security/win-dropper-generic-1201/m-p/3953976#M42539 Rblundon 2019-11-06T13:19:56Z