Suspicious Activity - R.exe file

JohnBell

Hi,

I'm getting the following message intermittently:

"We have identified the server at....downloading a suspicious executable file.  Trojans commonly propagate using single-character .exe files that are downloaded to an unusual and/or hidden location.

File Pathe : D\Program Files\Alteryx\R-3.4.4\bin\x64\R.exe"

It appears to be a "false positive", but I'm interested if anybody else has experienced this behavior.  (we are using Alteryx version 2018.2).

Thanks,

John

R exe error1.docx

danilang

hi @JohnBell 

We've never experienced issue with R.exe here, but your's could be corrupted. From the error message, though, it sound like your security program/stack is applying a rule and flagging the exe as a possible issue.   After a complete check, your security program/stack should have some way of white listing or validating that this is an allowable executable.  That is an interesting heuristic that your AV stack is using, though.

Dan