# How to Generate Your First Detection ## Table of Contents - [Introduction](#introduction) - [Pre-Requisites](#pre-requisites) - [Generating First Detection](#generating-first-detection) ## Introduction This is a functionality test to evaluate the effectiveness of the behavior detection engine. It demonstrates a safe way of generating an alert. It also allows users to assess Endpoint Central's Next-Gen Antivirus capabilities and provides an overview of how detection operates without impacting actual files on your system. ## Pre-Requisites ### Step 1: Enable User Device Notification Before proceeding further, make sure the Endpoint Central agent is installed and that the NGAV add-on is enabled. To check that the NGAV software is working successfully, follow the steps below: Navigate to **Settings → Notification Settings → Click Modify → Ensure User Device Alert Notification is enabled.** ![User Notification](https://www.manageengine.com/products/desktop-central/help/images/user-notification-edr.png) ### Step 2: Verify NGAV Service Status - Open the Command Prompt by pressing **Win + R**, typing `cmd`, and pressing **Enter**. - Run the command: ```bash sc query mearwservice ``` ![Malware Simulator](https://www.manageengine.com/products/desktop-central/help/images/malware-simulator-4.png) The state is listed as **running**, indicating that the NGAV software is operational. ## Generating First Detection Kindly follow the steps below to run the `.exe` process and generate the first malware detection: - Open the Command Prompt by pressing **Win + R**, typing `cmd`, and pressing **Enter**. - Run the command: ```bash choice.exe /m me_edr_sample_detection ``` - Type **Y** to initiate the process when prompted with the command **me_edr_sample_detection [Y,N]?** ![Malware Simulator](https://www.manageengine.com/products/desktop-central/help/images/malware-simulator-ui-noti-2.png) The notification of the process will be shown, and this process will be flagged as a malicious incident. It will be listed in the console under the **Incidents** tab. In the **Incidents** tab, a new alert appears detected by the Behavior Detection engine. ![Malware Simulator Alert](https://www.manageengine.com/products/desktop-central/help/images/malware-simulator-1.png) Click on the incident to expand the detection for additional details. The **Summary** tab gives an overview of the suspicious process. ![Alert Information](https://www.manageengine.com/products/desktop-central/help/images/malware-simulator-2.png) The **Alerts** tab encompasses the complete forensic data, including the process tree of the particular incident. Under the **Devices** tab, you can view the endpoints affected by the incident. ![Alert Information](https://www.manageengine.com/products/desktop-central/help/images/malware-simulator-5.png)