09-12-2023 12:47 PM
Good morning, I sent the connector to update to the latest version (8.2.1.21612) and after waiting a few hours I see that I have 300 devices in the inbox that report the same event, which is "Suspicious smss.exe Parent Process". Could the new version have a bug? There are also events like "Suspicious wininit.exe Parent Process" that say:
"End Process {"amp_fingerprints"=>nil, "creation"=>0, "file_system_attr"=>-1, "modification"=>0, "name"=>"wininit.exe", "original_file_name"=>nil, "original_file_version"=>nil, "original_product_name"=>nil, "original_product_version"=>nil, "original_vendor_name"=>nil, "path"=>"C:\\Windows\\System32", "primary_signature"=>{"root_certificate"=>{"issuer"=>nil, "public_key_hash"=>nil, "serial"=>nil, "sha1"=>nil, "subject"=>nil, "type"=>nil, "valid_from"=>nil, "valid_to"=>nil}, "signing_certificate"=>{"issuer"=>nil, "public_key_hash"=>nil, "serial"=>nil, "sha1"=>nil, "subject"=>nil, "type"=>nil, "valid_from"=>nil, "valid_to"=>nil}}, "secondary_signature"=>{"root_certificate"=>{"issuer"=>nil, "public_key_hash"=>nil, "serial"=>nil, "sha1"=>nil, "subject"=>nil, "type"=>nil, "valid_from"=>nil, "valid_to"=>nil}, "signing_certificate"=>{"issuer"=>nil, "public_key_hash"=>nil, "serial"=>nil, "sha1"=>nil, "subject"=>nil, "type"=>nil, "valid_from"=>nil, "valid_to"=>nil}}, "sha256"=>nil, "size"=>-1, "subsystem"=>-1}"
Thank you
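A triage helper for the situation described in this post, added here as an example and not code from Cisco or from the poster: it parses event details in the Ruby-hash style quoted above (assumed to be convertible to JSON by swapping `=>` for `:` and `nil` for `null`), checks whether every identifying field of the reported process is empty (all `nil`, `size` and `subsystem` at `-1`, no certificate data), and flags an event name as a likely false-positive flood when a large batch of alerts all carry that empty metadata. The field names follow the quoted record; the sample events, the event name "Constructed resolved-metadata event", the zero-filled SHA-256 and the `flood_threshold` value are constructed for the example.

```python
import json
import re
from collections import Counter

# Constructed all-nil certificate/signature blocks mirroring the record quoted in the thread.
NIL_CERT = ('{"issuer"=>nil, "public_key_hash"=>nil, "serial"=>nil, "sha1"=>nil, '
            '"subject"=>nil, "type"=>nil, "valid_from"=>nil, "valid_to"=>nil}')
NIL_SIG = '{"root_certificate"=>' + NIL_CERT + ', "signing_certificate"=>' + NIL_CERT + '}'


def unresolved_record(name):
    """Build a constructed 'End Process' detail string whose file metadata is entirely unresolved."""
    return ('End Process {"amp_fingerprints"=>nil, "creation"=>0, "file_system_attr"=>-1, "modification"=>0, '
            f'"name"=>"{name}", "original_file_name"=>nil, "original_file_version"=>nil, '
            '"original_product_name"=>nil, "original_product_version"=>nil, "original_vendor_name"=>nil, '
            '"path"=>"C:\\\\Windows\\\\System32", '
            f'"primary_signature"=>{NIL_SIG}, "secondary_signature"=>{NIL_SIG}, '
            '"sha256"=>nil, "size"=>-1, "subsystem"=>-1}')


# Constructed contrasting record: the engine did resolve the file (hash and size present).
RESOLVED_RECORD = ('End Process {"name"=>"example.exe", "path"=>"C:\\\\Constructed", "sha256"=>"' + "0" * 64 +
                   '", "size"=>1024, "original_file_name"=>"example.exe", '
                   '"original_vendor_name"=>"Example Vendor", "amp_fingerprints"=>nil, '
                   '"primary_signature"=>' + NIL_SIG + ', "secondary_signature"=>' + NIL_SIG + '}')

# Constructed inbox: 300 identical smss.exe alerts, one wininit.exe alert, three resolved events.
SAMPLE_EVENTS = (
    [("Suspicious smss.exe Parent Process", unresolved_record("smss.exe"))] * 300
    + [("Suspicious wininit.exe Parent Process", unresolved_record("wininit.exe"))]
    + [("Constructed resolved-metadata event", RESOLVED_RECORD)] * 3
)

METADATA_FIELDS = ("sha256", "original_file_name", "original_vendor_name", "amp_fingerprints")


def parse_ruby_hash(detail):
    """Convert the Ruby inspect-style hash after the 'End Process ' prefix into a dict.

    Assumes '=>' and the bare word 'nil' never occur inside string values.
    """
    body = detail[detail.index("{"):]
    body = body.replace("=>", ":")
    body = re.sub(r"\bnil\b", "null", body)
    return json.loads(body)


def is_metadata_empty(rec):
    """True when the engine never resolved the file it is alerting on: every identifying
    field is nil, size is -1 and both signature blocks carry only nil certificate fields."""
    def cert_empty(sig):
        return all(v is None for cert in sig.values() for v in cert.values())

    basic = all(rec.get(f) is None for f in METADATA_FIELDS) and rec.get("size", -1) == -1
    sigs = all(cert_empty(rec.get(k, {})) for k in ("primary_signature", "secondary_signature"))
    return basic and sigs


def triage(events, flood_threshold=50):
    """Group alerts by event name and flag names where a large batch is uniformly empty-metadata."""
    counts = Counter(name for name, _ in events)
    empty = Counter(name for name, detail in events if is_metadata_empty(parse_ruby_hash(detail)))
    return {
        name: {
            "total": n,
            "metadata_empty": empty[name],
            "likely_fp_flood": n >= flood_threshold and empty[name] == n,
        }
        for name, n in counts.items()
    }


if __name__ == "__main__":
    for name, summary in triage(SAMPLE_EVENTS).items():
        print(f"{name}: {summary}")
```

Run on the constructed inbox it reports the 300 smss.exe alerts as a likely false-positive flood (every one has unresolved metadata), leaves the single wininit.exe alert below the threshold for manual review, and does not flag the resolved events. Uniformly empty metadata after a connector update is a telemetry or engine artefact to confirm with the vendor before treating the alerts as real parent-process anomalies.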
09-12-2023 01:10 PM
Same as this post:
https://community.cisco.com/t5/endpoint-security/suspicious-smss-exe-parent-process/m-p/4922213#M7797
We are currently looking into this issue, and it seems to be related particularly to this version and an FP event triggered by the BP engine.