
Posts posted by powella

  1. Good morning,

    We have received a ton of anti-exploit alerts over the past 12 hours for Office applications. We have gotten alerts for Word, Excel, Access, etc. All devices are running anti-exploit version

  2. I just signed in to our management server and saw that all the clients had various signature versions and saw that some were even updating from the internet. We have our policy set to update from server or internet as last option. When I looked at the server signatures data, it was a week old. Server service was not stopped and once I clicked for it to update manually, it updated. It is also set to check for updates every 10 minutes. 


    Thoughts as to why it wasn't updating automatically, as it has been doing the past month since installing this?

  3. Hi there,

    We are testing out our new endpoint protection at my company and our first weekly scan was last night. When I came in this morning about 20 out of 75 of our computers had PUM and the Operation says 'no action taken' but when I look in our policy it says 'Show in results list and check for removal.' The only way I can get it to remove it is if I manually scan each device and when the box comes up to confirm scan, there is a checkbox that says automatically remove threats and if that is checked, they will be quarantined, but that kind of defeats the purpose of the policy and we are going to push this out to 2000 users in the coming weeks, so I want to make sure I get this squared away before then.


  4. I am currently testing MB anti-malware and anti-exploit that we recently procured for our division. We also have SEP. I have looked all over and have been unable to find out if anti-exploit is a continuous scan, or if it is more of a waiting game, where when an app opens, it scans, then sits remotely until another app is opened, etc. If it is a continuous scan, we will not be able to use it, as it may conflict with SEP's continuous scan capability.

  5. We just had a spam attack on our company and had to pull offline the computers that opened the spam. I am installing our recently procured Malwarebytes, but the database is 162 days old. Where can I retrieve an updated version that I can download from my safe computer and put on the infected ones through a thumb drive? I cannot find the database file anywhere listed on the website.

  6. I am currently testing the management console that we recently procured. I have added our OU, I have scanned the network and, for testing purposes, found my computer. I contacted the department that adds rules to our firewall and they stated that the firewall wouldn't block the three rules that needed to be added. I have also assured that ports 443 and 18457 are open via telnet testing. I need to test the client push install before I actually complete that task. When I simulate the client push install, I get an error that says the Network Name Cannot Be Found. I can ping the server from my endpoint and vice versa. I can telnet to both devices through both ports listed above. The only other information in the log is event 5010, which is an IIS application pool availability error, which doesn't exactly make sense. Also made sure that the server service was running, and it was; I restarted it. Same issue.
