Jump to content

BrentB9193

Members
  • Content Count

    44
  • Joined

  • Last visited

Posts posted by BrentB9193


  1. In our case, there actually was not an issue.  The console only shows a number of systems in the list per page, even though you have to scroll down to see all of the page.  We didn't see that there was a turn page button at the top right of the screen.  We assumed that because we had to scroll we were seeing all results.

     

    So in our case it was a user error on our part.


  2. In the console under the "Client Push Install" tab I have been relying on the "Scan IP range" option to scan my network and detect all systems so that I could roll out MB.  Once all client installs had been pushed I naively assumed all systems were protected without verifying from a different source.  Well come to find out the scan IP range option missed about six systems, and yesterday one of the six picked up a conficker variant and I had to restore about 1 TB of data that got encrypted.  It was a long night.

     

    I'm at fault for not verifying my system count from a second source, but I just wanted to warn those out there who may be doing the same that you should not rely on this option to find all systems.  The systems in question did not have the Windows firewall turned on, had power and were connected to the network, and had correct DNS entries.  So I'm not sure why they did not get detected.


  3. The following are false positives being detected by MB.  They are components installed by a program called Relius Administration.  I have already verified with the vendor that the components are indeed coming from their installation and are not malicious:

     

    HKEY_CLASSES_ROOT\CLSID\{369C99A1-C281-11D5-B6E7-0000E8580E01}
    HKEY_CLASSES_ROOT\TypeLib\{EFDA1B80-C0C0-11D5-B6E7-0000E8580E01}
    HKEY_CLASSES_ROOT\Interface\{369C99A0-C281-11D5-B6E7-0000E8580E01}
    HKEY_CLASSES_ROOT\ArclabEmailToolbox.Mailer.1
    HKEY_CLASSES_ROOT\ArclabEmailToolbox.Mailer
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\WINDOWS\SYSWOW64

              \ARCLABEMAILTOOLBOX.DLL
    C:\Windows\SysWOW64\ArclabEmailToolbox.dll

     

     


  4. We've configured out 30 day trial console and pushed out 10 clients for testing purposes.  We just ran through our first round of nightly scans on those clients and are going through the results.  I currently have the action for PUP's on our console set to "show in results but take no action."  There are some of these PUP's that I would like to take action on, but I don't see any way of doing so from the console.  I contacted support and they said all I could do was change the policy. 

     

    Is there really no way to make object by object decisions via the console?


  5. I am about to set up an evaluation install of the Management Console along with 10 managed nodes.  I had assumed that I could get the management console and the SQL express instance all set up for the evaluation and once we decided to purchase the product I could do so and just input the product keys into the eval installation to activate it.  I was a little surprised however to hear from sales that this was not possible.  They are telling me I will have to do a complete uninstall/reinstall of the console/SQL/nodes in order to get the active product working, which seems crazy to me.  Going through the install guides it looks like you are given the choice of adding a key or leaving it blank, so it seems like it could go either way.

     

    Can someone confirm that after I purchase the product I can't just input the key to activate the console and that I have to completely set everything back up from scratch again?

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.