1 Reply Latest reply on Jun 14, 2017 11:49 AM by JoeDrwiega

    Package Name incorrectly identified

    Rookie

      I work in a secure environment and I have been looking at Landesk data.

       

      I see many systems that have been identified as having a Payments Gateway Client which was concerning due to our PCI requirements.

      When I looked into this further, I see data similar to:

           

      Payments Gateway Client60034C:\WINDOWS\WINSXS\AMD64_MICROSOFT-HYPER-V-GUEST-INSTALLER_31BF3856AD364E35_6.3.9600.16384_NONE_62636139F5B9FE65\SETUP.EXE
      Payments Gateway Client15771C:\WINDOWS\WINSXS\AMD64_MICROSOFT-WINDOWS-SETUP-COMPONENT_31BF3856AD364E35_6.3.9600.16384_NONE_22EADE5981394F0B\SETUP.EXE
      Payments Gateway Client21650C:\WINDOWS\WINSXS\AMD64_MICROSOFT-WINDOWS-SETUP-COMPONENT_31BF3856AD364E35_6.3.9600.17031_NONE_231DD09D8113997D\SETUP.EXE
      Payments Gateway Client57450C:\WINDOWS\WINSXS\X86_MICROSOFT-HYPER-V-GUEST-INSTALLER_31BF3856AD364E35_6.3.9600.16384_NONE_0644C5B63D5C8D2F\SETUP.EXE
      Payments Gateway Client60034C:\WINDOWS\WINSXS\AMD64_MICROSOFT-HYPER-V-GUEST-INSTALLER_31BF3856AD364E35_6.3.9600.16384_NONE_62636139F5B9FE65\SETUP.EXE
      Payments Gateway Client60572C:\WINDOWS\WINSXS\AMD64_MICROSOFT-HYPER-V-GUEST-INSTALLER_31BF3856AD364E35_6.3.9600.18339_NONE_629E44B7F58D24A5\SETUP.EXE
      Payments Gateway Client60583C:\WINDOWS\WINSXS\AMD64_MICROSOFT-HYPER-V-GUEST-INSTALLER_31BF3856AD364E35_6.3.9600.18398_NONE_625C64E5F5BEB2F4\SETUP.EXE

       

       

      Not sure why the package name points to binary in the Microsoft Hyper V guest installer location.  How are packages determined in Landesk?  Is it via a hash database?