Everything posted by HCHTech
I don't see any that look out of place (see paste of the section below), plus any conflicts would have had to have been introduced today, as this is a sudden onset problem and no changes were made to the server. ======== Registered WFP Filters ================================== FWPM_LAYER_ALE_AUTH_CONNECT_V4 WFP Built-in IKE Exemption Filter Default exemption filter for IKE traffic. WFP Built-in IKE Exemption Filter Default exemption filter for IKE traffic. FWPM_LAYER_ALE_AUTH_CONNECT_V6 WFP B
Bugcheck is 0x00000133 DPC_Watchdog Violation Analysis of the minidump shows faulting module is mwac.sys. Dump details posted below. This appears to be similar to this post from March of 2018 in the consumer forums. Problem stopped when I uninstalled MBEP, started again when I did a reinstall using a fresh download from the Nebula console. This particular machine has been running MBEP w/o issue for 2 years now, and no configurations were changed. It is a Hyper-V Host. Solution from the linked post was to disable web protection (makes sense - mwac.sys is the web protection
Just from a management prospective, you should be able to click on the "Infected" counter and be taken immediately to the item(s) that incremented the counter. If the items are already remediated, then you should split this counter into "unremediated infections" and "remediated infections". As the manager of this product for a client, all we want do know is "Do we need to do something". As it is, this counter usually results in a wild goose chase to find the thing(s) that incremented it and almost always results in the conclusion that whatever it was is already taken care of and we don'