0 Replies Latest reply on Oct 23, 2011 11:40 PM by alhaawi

    How to avoid false positive for McAfee Host Intrusion Prevention

    alhaawi

      Every day we have the two critical events from host intrusion prevention: port scan and

      Malicious use of the API NetpwPathCanonicalize by C:\WINDOWS\SYSTEM32\SVCHOST.EXE running with the privileges of user NT AUTHORITY\SYSTEM was detected on the system with Agent xxxx. The parameter(s) passed to the API are [value not available].

       

      Any idea how to avoid these false positives?

      I appreciate your help