McAfee false positive for ThinApped reviews
Hello
In our Organization, we have the customer view (4.01) using ThinApp (4.0.4 - 204871) and deployed to some users of test (on XP) for a pilot program. Some users reported that our company software antivirus (McAfee VirusScan Enterprise 8.7i) wswc.exe as a generic Trojan virus. The wswc.exe and the folder Thinstall tell me me that it is the Client of the view. Here is a part of the McAfee log file:
2010-10-14 01:12:08 engine version = 5400.1158
2010-10-14 01:12:08 DAT AntiVirus version = 6135.0
2010-10-14 01:12:08 number of EXTRA detection signatures. DAT = None
10/14/2010-01:12:08 names of EXTRA detection signatures. DAT = None
2010-10-14 15:54:32 deleted NT AUTHORITY\SYSTEM C:\WINDOWS\system32\CCM\CcmExec.exe C:\Documents and Settings\ (user name removed) \Local Settings\Application Data\Thinstall\Cache\Stubs\5a21d3a6a2ac166efd290dc64a9bea5988496d\wswc.exe generic.DX!12536d125737! ugk (Trojan)
We told our users that ThinApp does not trace on the system package is connected. I guess that now that this is incorrect. Anyone in the community would be to explain what McAfee is actually detecting here and some suggestions about how we can avoid our users to see what kind of "false positive" virus messages?
I just want to say that I've only worked with ThinApp for a few months so I'm still learning the application and I appreciate any input given to my question.
Thank you
Bob
> > we told our users that ThinApp does not trace
the system whether the package is connected. I guess now that
This is incorrect. Anyone in the community would be so good regarding
explain what McAfee is in fact detection here
Only place that ThinApp change in the system is the location of the Sandbox, which you can simply get rid by deleting the folder. An exception is if the isolation of a certain folder mode is merged (check attribute.ini in any folder to the package).
When you capture
an application and build a bin ThinApp project resulting
folder contains all the installation files with the file of container as read only data.
Now
When you copy this into deploment machine and run, ThinApp can
need to write files in some cases (for example if the application tries to)
create a log file). Now ThinApp does not create files in
OS system files (windows, program files, etc.) and creates all the sandbox
and written. You can locate the default sandbox in %AppData%.
So when you say no trace, it should mean that demand will not registers, write the system folders. Of course, if an application creates files, thinApp has to create them because otherwise the application does not work, but instead of creating these files anywhere in the system, ThinApp restrict to a location unique sandbox.
I hope you do feel better now.
Aditya
Tags: VMware
Similar Questions
-
False positive for test seek funnel with Dell PC Checkup?
I run PC Checkup of Dell occasionally and the other day I ran and got a failure for a WD 2 TB my Passport (external USB) drive. Specifically, according to Dell PC Checkup, he failed to test search funnel.
I had no problem with the drive at all, so I ran chkdsk from Windows 7: is it that: none of the problems not reported. I also ran WD "s diagnostics owners and he spent all three steps of this (SMART, fast and complete drive test) as well.
I've seen references to the false positive PC Checkup of this kind of statement.
The car is under warranty and there is no problem with data loss, but I am just not sure of what or tests to trust.
I don't want to go through the hassle of RMA if that disk is actually OK.
Any thoughts?
DG
Hi dg;
I have zero confidence in PC Checkup. The Dell diagnostics are ok, but the manufacturer of the car tools are the best. I diagnosed problems with SeaTools that neither Dell nor picked up Acronis diagnostics.
-
Earth attack false positive for in-house guests
Hi all...
I have two hosts on networks of "inside". One is a jabber server and the other a client attempts to connect to this server.
IP address of the jabber server is 192.168.100.19, and the customer has a DHCP address assigned 192.168.150.19. Other customers on the 150.X have no trouble getting on the jabber server.
When I try to connect to the server, I see an xlate open in the live journal, but I also have the following message: "Deny IP due to the land of
attack in . Obviously confused firewall about the source IP address and port applications. If I manually assign a different IP address to the client, it can connect. I guess I could remove the xlate table to address this problem, but it happened to someone else, and can anyone suggest what could cause this?
A bug in version 8.2 (3) perhaps?
Thank you!
Dan
We should jump into conclusions about bugs yet.
The firewall is to translate the client to the ip address of servers 192.168.100.19?
The response from the server is marked as GROUND attack?
You must first determine which package is marked as ground attack and if it is normal. For example, if the client has been translated to the ip address of servers, then the answer could in fact be reported as GROUND attack, because the LAN checks before the NAT device.
I hope it helps.
PK
-
Hello
We have ID 4210 box with version 3.1 and using virtual machines to monitor and manage the area ID. We use the perl script for sending email notification whenever the event is triggered. The problem is that we receive a lot of false positives for signatures like 4001, 4003, 5366 etc how can you eliminate false positives detection.
Thanks and greetings
Salim
Hello
You could use response to threats of Cisco - who will get a stream directly from the Cisco IDS 3.X and 4.X sensors and could help is to reduce false positives.
In a word WHAT CTR will occur a series of controls against the targets of the attack as it is the right operating system system, and in the case of windows systems, it will check the levels of Patch etc. It uses digital fingerprints NMAP and agents currently I think it's free and requires a box of windows 2000 with fast processor to work.
The issue you'll have with this is that it increases only events using SNMP - so you should have to rely on your business to generate emails.
It should significantly reduce your events.
If you use CSPM, you can also set configuration notifications occur on the 1st occurrence of an event, the nth occurrence and a timer reset to reduce the number of recurring events.
In the version IDS 4.X, you can perform a range of tuning including fireone, summary events etc. to futher reduce the generated events.
-
is this a real threat or false positive?
After scanning my local disk with norton 360, malwarebytes, MRT and Prevx 3.0,.
ONLY Prevx 3.0 identified "funshioninstall2.0.0.29beta.exe" as a "medium risk Malware."
should I worry that it is a true malware? or is this a false positive?
EDIT:
OK, so here is my log scan Prevx 3.0
Crawl log Prevx - Version v3.0.5.50
Generated journal: 2010-05-02 09:59, Type: 0.1
Windows Vista Home Premium Service Pack 2 (Build 6002) 32 bit | 1033
HostName: Laura-laptop
Some non malicious files are not included in this journal.
The heuristic settings: age: 1, Pop: 1, er: 2 (Dir: 1)
Last Scan: Game 2010-02-04 18:28:24 standard time from the Malay Peninsula. Number of reviews: 18. Last Scan duration: 11 seconds.
[B] c:\users\hp\documents\funshioninstall2.0.0.29beta.exe [PX5: D95BFA4F8032110946EE3EBC37159F00C796261D] Malware Group: medium risk Malware
[U] c:\users\hp\appdata\local\temp\idc2.tmp\esetsmartinstaller.exe [PX5: 55DCEDE9B89E059BC60B28F558D3F200E91255CE]
[G] c:\users\hp\appdata\local\temp\mpengine.dll [PX5: A5A4683D50CAB446FF534A1C8C998100147F70B9]
[G] c:\program 8.0\reader\plug_ins\acroform.api Adobe [PX5: 85713B076347D1CB5818848EA68AD10081B35FB6]
[G] c:\program 8.0\reader\plug_ins\annots.api Adobe [PX5: 977D2D4D632A22EBF0133E90489E7100C29D41B2]
[G] c:\program 8.0\reader\plug_ins\checkers.api Adobe [PX5: 1DA23B766366CBB9CC380C00D9DA8D0083001567]
[G] c:\program 8.0\reader\plug_ins\digsig.api Adobe [PX5: 96451BDD63ED7BD28AF811CC6180C80012291CE0]
[G] c:\program 8.0\reader\plug_ins\dva.api Adobe [PX5: CF8C8685639350CCE8A501C78E0EEC00D8972603]
[G] c:\program 8.0\reader\plug_ins\ebook.api Adobe [PX5: 08F5A46A630E7B98C88400FBD94321003DA193EC]
[G] c:\program 8.0\reader\plug_ins\escript.api Adobe [PX5: 6D277404631FB929A0EF1538CC31D200B97F36B5]
[G] c:\program 8.0\reader\plug_ins\ewh32.api Adobe [PX5: 01643ADA63E0ED85EC450168F37740000277C605]
[G] c:\program 8.0\reader\plug_ins\hls.api Adobe [PX5: 64E5397E6392E3FAC8CB00E1284D7F000640BCFA]
[G] c:\program 8.0\reader\plug_ins\ia32.api Adobe [PX5: F5CD2359633A03BB4A6D01D5015DC300F91E3ACA]
[G] c:\program 8.0\reader\plug_ins\imageviewer.api Adobe [PX5: FB81CE176346B3F122F307D430166C00565464B8]
[G] c:\program 8.0\reader\plug_ins\makeaccessible.api Adobe [PX5: 1212EDBD6371F2050C911F82431E0800409F620D]
[G] c:\program 8.0\reader\plug_ins\multimedia.api Adobe [PX5: C156BCDA637B83048E0B148B8BC49E00F9CCACFE]
[G] c:\program 8.0\reader\plug_ins\pddom.api Adobe [PX5: 1E18E20C6301EF26101C068B6D4CBD00B9DDBFFA]
[G] c:\program 8.0\reader\plug_ins\ppklite.api Adobe [PX5: 79BCD6E163A5EF9E264A5898FAC10C0013EF159E]
[G] c:\program 8.0\reader\plug_ins\readoutloud.api Adobe [PX5: 2EBDB16E63B7C630A02D01E7429B0B00E64C86A6]
[G] c:\program 8.0\reader\plug_ins\reflow.api Adobe [PX5: 6099E98463701FFF8A8D0589DF58AB00657EAB78]
[G] c:\program 8.0\reader\plug_ins\saveasrtf.api Adobe [PX5: 4A437003634ED92F967B045F61F0720051BC0C37]
[G] c:\program 8.0\reader\plug_ins\search.api Adobe [PX5: 9D0419C76310DA8C622405F7446BCE006A4883BA]
[G] c:\program 8.0\reader\plug_ins\search5.api Adobe [PX5: 17E305A9635073714E2F01AFF4C21C00BF9458B9]
[G] c:\program 8.0\reader\plug_ins\sendmail.api Adobe [PX5: 128AC56663F2B51EE6720183AAC2C000E5AAACDD]
[G] c:\program 8.0\reader\plug_ins\spelling.api Adobe [PX5: 774DC83B63D1960C18AA042B9D3B8300D3026D21]
[G] c:\program 8.0\reader\plug_ins\updater.api Adobe [PX5: F38F4C3D63D92E08860702D457276F0044688EFB]
[G] c:\program 8.0\reader\plug_ins\weblink.api Adobe [PX5: E78768DE63755C28CEEE022492A69C00CBF38439]
[G] c:\program 8.0\reader\cryptocme2.dll Adobe [PX5: F76819DC00C5883310E8067EA24A5200817BD6B4]
[G] c:\program 8.0\reader\ccme_base.dll Adobe [PX5: D752984600DFDFC340B707252C1A1900BA338606]
[G] c:\program 8.0\reader\adobelinguistic.dll Adobe [PX5: C7D63C6200D92F4F206507D3786F8A0087E1E5E9]
[G] c:\program 8.0\reader\adobeupdater.dll Adobe [PX5: D8D9E35378D1FFEEB1A507C20217D2007E14A855]
[G] c:\windows\system32\vdmdbg.dll [PX5: C3E08FF1009FFB0144CB00609249C00003CA5EB4]
[G] c:\program 8.0\reader\bibutils.dll Adobe [PX5: 96DE17E200C25AC252AE02C33C6D0700D2FB1CBF]
[G] c:\program ESET ESET online scanner\onlinescanner.ocx [PX5: E90A101F4896CB413603336803AA3E00039AEFD0]End of the Prevx Scan newspaper - http://www.prevx.com
(I don't know if the addition of the crawl log would make a difference, but here it is anyway...)
.. .so if anyone can read it, including at - it malware in the newspaper?
(PS. Sorry for the link, I didn't know he was malware..)
MORE EDITING:
OK, so http://www.spywaredetector.net/spyware_encyclopedia/Downloader.agent.yg.htm said that funshion has a virus 'Downloader '... (but I still have to confirm with the support of Prevx and other stuff that I sent the crawl log Prevx support, so it can be checked again)
But let me ask you a few questions please...
(1) can I just delete it manually? or just uninstall it off my computer? or I have to use tools?
(2) If tools are needed, what is recommended? or simply use the one which is available here? [ http://www.spywaredetector.net/spyware_encyclopedia/Downloader.agent.yg.htm ]
(3) in your opinion, the downloader viruses are something to be very concerned of?
(4) I checked with norton's database. [ http://www.symantec.com/security_response/writeup.jsp?docid=2002-101518-4323-99 ] in the report, it is said it affects not the panoramas, but norton 360 had failed to detect the funshion first thing... Still, I'd be concerned?
Hello
Here's another report about it - since the site is in Chinese or something, I'd be very worried.
http://www.spywaredetector.NET/spyware_encyclopedia/Downloader.agent.YG.htm
=====================================================
Try the trial of Hitman Pro that uses methods similar to Prevx and will remove
Malware - free 30 day trial. You can uninstall it when the trial is up.Hitman Pro is a medium one scanner it only runs when you wish and has no resident function.
Hitman Pro - 30 days free trial version
http://www.SurfRight.nl/en/hitmanproI hope this helps.
Rob - bicycle - Mark Twain said it is good. -
Suspected false positive Virus detection
Recently I install Avira Antivirus and run a few scans in my Compaq Presario and a virus known as APPL/ACLSet is still found in the following location:
Hewlett-Packard HP TCS\SetACL.exe C:\Program
[DETECTION] Contains the recognition of the application APPL/ACLSet model
Since it is in the HP program file I suspect it is a file that is used by HP for some purposes as update or others. So I just ignore it.
October 3, 2009, I run a scan again and this time there are more new detections in addition to the former as below:
Hewlett-Packard HP TCS\SetACL.exe C:\Program
[DETECTION] Contains the recognition of the application APPL/ACLSet model
C:\Program Files\Hewlett-Packard\KBD\KbdStub.exe
[DETECTION] Is the horse of Trojan TR/tr/dropper.Gen
BEGIN scan in "D:\". »
D:\hp\Drv\APP01300\src\KbdStub.exe
[DETECTION] Is the horse of Trojan TR/tr/dropper.Gen
End of the scan: Saturday, October 3, 2009 10:26
Time: 01:00:06 am
While they inspected with Avira website, it is that TR | TR/dropper.Gen is a new virus detected only on October 1, 2009 and it seems to be the superior and most recent threat.
Even once since it was associated with the HP program I just ignore it for now.
Can someone give me a confirmation of 100% if these detection was just false positive or are they really malicious virus/malware? If I just ignore them or get rid of them? If I get rid of them and they turn out to be legitimate programs from HP, this will affect my PC in anyway?
Thank you much in advance.
Message edited by Adscense on 02/10/2009 20:58Message edited by Adscense on 02/10/2009 20:59Hello hpfannr1, I checked with the HP Total care email support and they confirmed that they are in fact viruses. The Council was to delete.
-
I know that means I'd be absolutely convinced that this is not a virus, but what happens if you delete by mistake the false positive, thinking that it is not a false positive? It will have a negative impact on the computer?
(I have my suspicions, that the last time norton said I had a virus 'Protector' who put him and panic that I deleted the point suffered. I went looking for virus "Protector", but he is not in a database. currently I use the computer of my mom [.. .as my cell phone has been confiscated...] so I can't really check on it now and know if there are problems that is why I ask) This question)
and does anyone know if there is even such a THING as a "protector" virus?
and how 1 knows if a virus detected by analysis is a false positive or something that was not only on the basis of data yet?
Hello
Deleting a file can have a negative influence, that is to the advantage of quarantine especially for the system measures
files. For the file system, it even being removed from the quarantine area may have a dramatic effect on the system
What is the function of the file.Most system files can be replaced by SFC/scannow assuming the system starts and CFS can be executed.
Google is your friend.
Rob - bicycle - Mark Twain said it is good. -
E6420 - Bios A07 - false positive diagnosis - Lcd Cable
Hello world!
I found a weird bug with update bios A07 on the E6420 (i5 - 2520 m). The utility disgnostics report "error Lcd 2000-0415. When I return to A06, the problem disappear.
Anyone can repeat this mistake? I had opened a case to replace my lcd cable and I will contact Dell to cancel the replacement of the cable. But if no one can repeat the problem may be that the cable is really damaged and better A07 bios detects it.
I have no problem using the computer.
Thank you.
There is a long and a short version of this... As I understand it, Dell has implemented a change to the hardware level allowing the cable test for the work they have released newer versions of systems and enabled in the BIOS. For systems with the old cables, it always generates a false positive. It is not an error in the BIOS, it's just this test is not supported by the hardware you have.
-
Hi all
Is this a false positive? I just did a clean install of Win 7 64-bit Ultimate on my Dimension 8400 on a new hard drive installed MSE, windows update, download and installed msn version 9 the fly butter, downloaded a driver for my wireless card, downloaded the new version of malwarebytes and it ran, it came with it.
Malwarebytes' Anti-Malware 1.45
www.Malwarebytes.orgDatabase version: 3937
Windows 6.1.7600
Internet Explorer 8.0.7600.1638531/03/2010 07:15:05
MBAM-log-2010-03-31 (15/07/05) .txtScan type: quick scan
Objects scanned: 100023
Time elapsed: 2 minute (s), 27 second (s)Memory processes infected: 0
Memory Modules infected: 0
Registry keys infected: 0
Registry values infected: 0
The infected registry data: 1
Folders infected: 0
Infected files: 0Process memory infected:
(No malicious items detected)Memory infected:
(No malicious items detected)Infected registry keys:
(No malicious items detected)The registry is infected:
(No malicious items detected)Infected registry data items:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties)-> Bad: (1) Good: (0) not-> no action taken.Infected files:
(No malicious items detected)Infected files:
(No malicious items detected)So I ran on my XPS 430 and my 1501 with win 7 64 bit and Vista Ultimate 64 bit, it came with the same thing on my computer! SO I think it's a false positive. I didn't {{remove this to any of my computers still}}
What do you think?
Thank you
Discussion: http://forums.malwarebytes.org/index.php?showtopic=7653
-
IPS 5.0 change action causes false positives
Hello
I've updated a 4215 and 4 port running 4.1 to 5.0. The unit is not "inline", always using a single sniff int when I add the (reset) action on a GIS (5126) or that relate to IIS and apply the change to the sensor starts go crazy picking off all kinds of web traffic as a hit and then resets the stream. Problem is that these are false positives... If I can go back to IDM and turn off the action of "reset" and use only the default value (alarm), the alarms keep coming. If I restart the sensor alarms stop.
What I don't understand is this signature has been activated before and its default action is 'alarm '... I never received any alarm.
As soon as I change the action for the alarm and reset becomes crazy? A sensor reboot solves the problem.
Someone at - it given the similar problems?
Thanks in advance
MK
MK
I think that you encounter a known, fixed bug in update 5.0 (2) has just been released. It looks like:
CSCeh36719 False positives after upgrading to 5.0 IPS
It affects signatures in HTTP after engine they were listening. Try to install the service pack 5.0 (2) located here:
http://www.Cisco.com/cgi-bin/tablebuild.pl/ips5
SC
-
How to report a false positive in the Web reputation Score
I raised this issue already in the sub-heading 'Firewall', but apparently I was off-topic there... so I would try here again:
An Ironport using the websites Web reputation Score is currently the list with a score from under-7,0 www.juliabase.org . It is a false positive because of the heavy traffic that the site currently generates because, well, it's just popular right now (the first public announcement was yesterday). It is certainly no malware on it.
How can we get rid of this list of bad reputation?
SenderBase.org it is at zero, this is where you can request modifications.
Right now my WSA returns-4.9... So it's probably just a matter of time before it happens. Ephemeral sites are generally bad, so it doesn't surprise me that they want you to stick around for a bit until they call you own.
-
Possible false positive with hamid 3353 problem
Here is a packet captured by the ID that triggered hamid 3353 - SMB request overflow
evAlert: eventId gravity = 1075708170032493259 = high
Author:
hostId: cisco-ID - v4.1
appName: sensorApp
appInstanceId: 1134
time: 2005-07-18 14:53:30 2005/07/18 14:53:30 UTC
interfaceGroup: 0
VLAN: 0
signature: hamid = 3353 sigName = SMB request overflow subSigId = 0 = S180 Malformed SMB Request version
context:
fromVictim:
000000 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00...
000010 01 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00...
000020 01 00 00 00 00 00 00 00 00 00 00 68 FF 53 4 D 42... h.SMB
000030 25 00 00 00 00 98 07 00 00 00 00 00 00 00 00 C8%...
000040 00 00 00 00 00 50 78 07 01 90 81 0 TO 00 00 30 0C... Px........ 0
000050 00 00 00 00 00 38 00 00 00 30 00 38 00 00 00 00... 8... 0.8...
000060 00 31 00 2 05 00 02 03 10 00 00 00 30 00 00 00.1... 0...
000070 0 A 00 00 00 18 00 00 00 00 00 00 00 00 00 00 00...
000080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00...
000090 00 00 00 00 00 00 00 68 FF 53 4 D 42 25 00 00 00... h.SMB%...
0000A 0 00 98 07 C8 00 00 00 00 00 00 00 00 00 00 00 00...
0000B 0 00 50 78 07 01 90 C1 0a 00 00 30 00 00 00 00 .px 0c... 0....
C 0000 0 00 00 00 00 38 30 00 38 00 00 00 00 00 31 00 2. 8... 0.8... 1,
0000D 0 05 00 02 03 10 00 00 00 30 00 00 00 0 B 00 00 00... 0.......
0000E0 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00...
0000F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00...
fromAttacker:
000000 00 00 00 00 00 54 00 2 00 54 00 02 00 26 00 0F... T.. T...&..
000010 70 3D 00 00 5 00 50 00 49 00 50 00 45 00 5 00 p =.... P.I.P.E.------.
000020 00 00 00 00 05 00 00 03 10 00 00 00 2 00 00 00......
000030 0 A 00 00 00 14 00 00 00 00 00 01 00 00 00 00 00...
000040 BB E2 20 19 4 C 0D 4 B 17 DF 44 00 52 40 B9 B7 9TH... L.K.... D-R @.
000050 00 00 00 80 FF 53 4 42 25 00 00 00 00 18 07 C8... % SMB...
000060 00 00 00 00 00 00 00 00 00 00 00 00 00 50 78 07... PX.
000070 01 90 C1 0C 10 00 00 2 00 00 00 54 05 00 00 00...... T....
000080 00 00 00 00 00 00 00 00 00 54 00 2 00 54 00 02... T... T...
000090 00 26 00 0F 70 00 00 5 00 50 00 49 00 50 00 3D. &... p =... \.P.I.P.
0000A0 45 00 5 00 00 00 00 00 05 00 00 03 10 00 00 00 E. \...
0000B0 2 00 00 00 0 B 00 00 00 14 00 00 00 00 00 01 00,...
C 0000 0 00 00 00 00 15 FD E7 DD E4 8A 40 7 39... E9 7 D ED} ... @..| 9
C3 0 30 15 BC D 0000 00 00 00 80 FF 53 4 25 42 00 00 00 0...SMB%...
0000E0 00 18 07 C8 00 00 00 00 00 00 00 00 00 00 00 00...
0000F0 00 F0 50 06 01 90 00 10 00 00 2 00 00 00 80 0D. P.........,....
participants:
Attackers:
attacking: proxy = false
addr: location = IN 10.24.238.193
Port: 1071
victim:
addr: location = IN 10.24.4.42
Port: 139
alertDetails: Traffic Source: int0;
As you can see, looks like a pretty normal SMB packet. This sensor is on an internal network, so Windows file and printer sharing is the norm.
I think there is a false positive problem that was introduced with the signature s tuning via the S180 update. As a result, I have two questions:
(1) am I right, or is the signature works as it should?
(2) does anyone else have this problem?
All your comments will be greatly appreciated,
Alex Arndt
We have identified the problem; an updated version of this signature will be in an update of the upcoming signature.
-
False positive hit... or not? -Solved
Hello
I work with Sourcefire customers and ran into this file being blocked by the system.
AAFlash_setup.exe
https://www.VirusTotal.com/en/file/8e13f9c500757b2822c8c36a5ee32b820ff27...
I can't seem to find any reason anywhere to explain why the file which is blocked others the Sourcefire don't like this.
So it does not contain malware, or is this a false positive?
And where can I find this information because my almighty google did not help me.
Photo with the hit is attached
Brian
Then it must be a false positive.
-
Resources in preparation for the review of control of B2B?
Nobody knows all the right resources to help prepare for the review of control of B2B? I finished the course a few months ago, but have not circumvented for the exam and I'm trying to freshen up on the material.
Hi Andy,.
The study recommended resources will include your guides to the student, classroom exercises, and lecture notes that may have taken. Good luck to the review of 2016! PS This review should be available before the end of January.
-
Does SOUL used in combination with the hierarchy of position for purchase requisitions
Hello
We use the hierarchy of position for purchase requisitions.
Can we use management engine approval in combination with the hierarchy of existing post for purchase requisitions for workflow routing more flexible?
Kind regards
Natalia
Hi Natalia,
Using hierarchy Position in the SOUL is supported only in R12, please refer to the following document:
Using SOUL, creating approval routing at a certain Position in the hierarchy of Position HR [ID 1501433.1]
Hope this helps,
Please, if this response has answered/solved your question/query, please mark it as correct or useful to facilitate the correct answers to the members of the community.
Maybe you are looking for
-
I get a popup on my page stating have a virus on my computer. Anyone else get that? There a number to call.
-
HP Pavilion p7 - 1447c: replacement of HP Pavilion p7 - 1447c USB Port before
My front USB ports have collapsed. First of all a =, then the other. Blue 'key' fell first and without these pins are bent too far to align correctly. I would like replacement unit part number I think install should be simple enough.
-
Impossible to uninstall Facebook app
I want to uninstall my Facebook app, but it does not appear in my list of apps. If I'm stuck with it?
-
I uninstalled programs, but they still say that x amount of MB is too much space on my C drive. I just clicked on 'remove' when I want more to the program. Is there something else I had to do. Thanking you Gormaur
-
I've got two WUMC710. I connect to them on a TP - Link Archer C7 rev 1. My first WUMC710 I've upgraded to 1.0.2 and put it at the end of my home where my XBOX One. It shows between 20-30% on the connection. When you try to stream wireless AC (80 m