Jump to content

MachineLearning/Anomalous.100% - FWAB.EXE and FIS_FORMS.EXE


Recommended Posts



Agent Information

Asset Manager:
Endpoint Protection:
Endpoint Protection Protection Update: 1.0.60091
Protection service version:
Component package version: 1.0.1751
Brute Force Protection:
Operating System  
OS Version: Windows
OS Architecture: Amd64
OS Friendly Name: Microsoft Windows Server 2019 Standard


The two programs FWAB.EXE and FIS_FORMS.EXE are used by our local Board of Elections to run forms/ballots for federal write-in absentees and generate forms/ballots for candidate information. To my knowledge this would be the first time that the office that I support is using these two files however they were provided from the Secretary of State office to be used with several of their election software that is used frequently. I have added exclusions into our system and tried restoring them from quarantine but get an immediate warning that they are unable to be restored. These programs are located on a Windows server which the network locations are mapped onto each user's machine so they access these programs.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.