alicias

ended up just making a case

We're having an issue with one of our endpoints and attempting to troubleshoot (threat scan was grayed out when trying to run from the endpoint). It showed as online, so we sent a refresh request and waited a couple of hours, assuming the scan would run at the one-hour check-in mark. It didn't, so we tried a delete and reinstall. However, after deleting/un/reinstalling, the task remained and is preventing a scan from being run ("Scan is pending" when we try). Is there a way to remove the manually generated task, since that seems to be preventing the threat scan?

Just want a confirmation - does MEP run scheduled scans at next boot if an asset is offline? I'm not seeing anything in events/tasks/scan history

Related to this thread: I saw the detection when I opened the dashboard. Any idea why I wouldn't get a notification of something being detected?

Perfect - thanks! Any idea why we wouldn't have gotten an email on malware being detected when we have detection alerts on?

I think so - do I need to start pushing an update check manually?

Note: Didn't realize this was the Home section. We're using MEP.

This is tax projection software. It's legit. Turbo-Launcher.zip

We are working on some security reporting and auditing and need to create a setting to prevent users from uninstalling MalwareBytes. We currently use AppLocker as a whitelist for installing/running software, but I don't believe that we have a blacklist method. But, I don't want to blacklist something that would keep us from being able to update the software. Can we enable self-protection to do this or is there another way to do that? Edit: I think I put this in the wrong topic!

Perfect - much appreciated!

Okay - this one is small enough. Thanks for checking into this. Spoon-ChromeMessageHost.zip

I have a CSV report of detections... Detections_Daily_20180408_151238.csv

Hi all - BNA is a website used in tax preparation. We had about 20 users get a false positive on the plugin for the website today (not great timing... heh). It's flagged as a Trojan.BitcoinMiner. The file is too large for me to upload, but the plugin comes from www.bnaitweb.com. Please let me know how to proceed - thanks!

Cool cool. Wasn't sure if the fix was put in place in the 3/26 release as previously stated, so I thought I'd check in

I removed the exclusion for five minutes this morning (just now) and several units are throwing detections. I made sure to update them to the latest database, as well. Canon IJ Network Utility, Dropbox, ScanSnap and svchost.exe (still) seem to be the culprits. Though, I hadn't seen Canon throwing the detect alert before. @AlexSmith tagging because I know you were looking into this

Awesome! I was hoping for that. Looking forward to it!

Hey all, I'm only seeing that we can generate a report as far as 30 days back in the cloud management site. I can see detections from further back, though. Is there any way to pull a historic report of detections for a longer period? We're hoping to build a "here's how the security work we've done has impacted stuff" type of report in the future. Thanks!

udabest

Nope. But I'm following your Snaps - We CoCI'd together

Oh hey friend. Thank you! I figured there was a backup - no worries. Just a bit pressed for time with a project they're needed for on our end.

No, I just left my third voicemail :/

Dude. I've been trying to get in touch with sales for a week. and Hi Vlad!

Someone from the support team reached out to me this morning and said it's still being worked on. I'm still having the issue with ScanSnap

@KDawg svchost is still blocking. 255.255.255.255:68