Jump to content

Tag That Photo false positive


raygan
 Share

Recommended Posts

Here is a snippet from the log file but that is all he was able to find...  since he has whitelisted the app now it appears to be working for him.

 

04/16/21    " 09:00:17.074"    56718    1a34    0534    INFO    CleanControllerImpl    mb::cleanctlrimpl::utility::FileSignatureVerifier::IsSignatureValidPerWinVerifyTrustImpl    "filesignatureverifier.cpp"    350    "WinVerifyTrust failed for  file='C:\Program Files (x86)\PFU\ScanSnap\Home\SshCloudMonitor.exe', result=0x800b0100, last error='Geen handtekening aanwezig in het onderwerp.  (0x800b0100)'"
04/16/21    " 09:00:17.074"    56718    1a34    0534    INFO    CleanControllerImpl    mb::cleanctlrimpl::whitelist::HubbleCache::GetValueFromCache    "hubblecache.cpp"    244    "Found hash 'shuriken|8B045D2AD22044D70088244D055FEB77EF65F84D83B40EFB65F78932AB337ACB' in Hubble cache, white list status = 'WhiteListed'"
04/16/21    " 09:00:17.074"    56718    1a34    0534    INFO    CleanControllerImpl    mb::cleanctlrimpl::whitelist::HubbleWhiteLister::GetWhiteListStatus    "hubblewhitelister.cpp"    245    "Found hash of file 'C:\Program Files (x86)\PFU\ScanSnap\Home\SshCloudMonitor.exe' in Hubble's cache, value = WhiteListed"
04/16/21    " 09:00:17.074"    56718    1a34    0534    INFO    CleanControllerImpl    mb::cleanctlrimpl::whitelist::WhiteListManager::LogWhiteListStatus    "whitelistmanager.cpp"    296    "White list status: File 'C:\Program Files (x86)\PFU\ScanSnap\Home\SshCloudMonitor.exe' 8520B2DFF47EEBD330ED99407E46CD36 (shuriken) => Hubble:WhiteListed"
04/16/21    " 09:00:17.074"    56718    1a34    0534    INFO    CleanControllerImpl    mb::cleanctlrimpl::whitelist::WhiteListManager::GetWhiteListStatus::<lambda_4fd8974f0ce770d1d6022064dca8c9fc>::operator ()    "whitelistmanager.cpp"    237    "Completed single object white listing"
04/16/21    " 09:00:37.164"    76796    1a34    1f9c    INFO    AEControllerImpl    mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification    "aecontrollerimplhelper.cpp"    2591    "App Injected (TAGTHATPHOTO)"
04/16/21    " 09:00:37.291"    76921    1a34    1f9c    INFO    AEControllerImpl    mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification    "aecontrollerimplhelper.cpp"    2591    "App Injected (TAGTHATPHOTO)"

04/16/21    " 09:01:03.850"    103484    1a34    1f9c    INFO    AEControllerImpl    mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification    "aecontrollerimplhelper.cpp"    2591    "App Injected (cmd)"
04/16/21    " 09:01:04.050"    103687    1a34    5824    INFO    AEControllerImpl    mb::aecontrollerimpl::AEControllerImplHelper::DoAppInjectedNotification    "aecontrollerimplhelper.cpp"    2591    "App Injected (cmd)"
04/16/21    " 09:01:30.373"    130015    1a34    20c4    INFO    IrisImpl    mb::updatecontrollerimpl::IrisImpl::CheckForIrisContent    "irisimpl.cpp"    582    "Checking for Iris content files"
04/16/21    " 09:01:30.378"    130015    1a34    20c4    INFO    IrisImpl    mb::updatecontrollerimpl::IrisScheduler::run    "irisimpl.cpp"    998    "Checking for message updates from Iris"
04/16/21    " 09:01:30.378"    130015    1a34    20c4    INFO    IrisImpl    mb::updatecontrollerimpl::IrisImpl::IrisCheck    "irisimpl.cpp"    124    "Entering IrisCheck. Checking with Iris for messages."
04/16/21    " 09:01:30.379"    130015    1a34    20c4    INFO    IrisImpl    mb::updatecontrollerimpl::IrisImpl::SendIrisRequest    "irisimpl.cpp"    155    "Entering SendIrisRequest with URL (https://iris.mwbsys.com/api/v2/messages/mbam-c/668dac80acd436636bfb1f9d37704b65a4205af8?array_compatibility_mode=true)."
04/16/21    " 09:01:30.381"    130015    1a34    20c4    INFO    IrisImpl    mb::updatecontrollerimpl::IrisImpl::SendIrisRequest    "irisimpl.cpp"    187    "Sending Request to Iris Server."
04/16/21    " 09:01:31.040"    130671    1a34    20c4    INFO    IrisImpl    mb::updatecontrollerimpl::IrisImpl::SendIrisRequest    "irisimpl.cpp"    209    "Response from Iris: {""message_collections"":[{""id"":2080,""slug"":""expt149"",""description"":""EXPT149 - Short Term CP AV"",""collection_target_id"":40,""conditions"":[{""rank"":""0"",""ref_id"":""0c4a3ade"",""messages"":[2146],""matching_conditions"":[{""matching_operator"":""geq"",""matching_condition"":""0"",""conditional_parameter"":""default_cohort_group_id""},{""matching_operator"":""leq"",""matching_condition"":""3333"",""conditional_parameter"":""default_cohort_group_id""},{""matching_operator"":""leq"",""matching_condition"":""24"",""conditional_parameter"":""hours_since_clean_installation""},{""matching_operator"":""eq"",""matching_condition"":""en"",""conditional_parameter"":""settings_language""},{""matching_operator"":""eq"",""matching_condition"":""true"",""conditional_parameter"":""avcomp_avast""},{""matching_operator"":""eq"",""matching_condition"":""Trial"",""conditio

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.