Jump to content

alicias

Honorary Members
  • Posts

    33
  • Joined

  • Last visited

Posts posted by alicias

  1. We're having an issue with one of our endpoints and attempting to troubleshoot (threat scan was grayed out when trying to run from the endpoint). It showed as online, so we sent a refresh request and waited a couple of hours, assuming the scan would run at the one-hour check-in mark. It didn't, so we tried a delete and reinstall. However, after deleting/un/reinstalling, the task remained and is preventing a scan from being run ("Scan is pending" when we try). 

    Is there a way to remove the manually generated task, since that seems to be preventing the threat scan? 

  2. We are working on some security reporting and auditing and need to create a setting to prevent users from uninstalling MalwareBytes. We currently use AppLocker as a whitelist for installing/running software, but I don't believe that we have a blacklist method. But, I don't want to blacklist something that would keep us from being able to update the software. 

    Can we enable self-protection to do this or is there another way to do that? 

    Edit: I think I put this in the wrong topic! :(

  3. Hi all - 

    BNA is a website used in tax preparation. We had about 20 users get a false positive on the plugin for the website today (not great timing... heh). It's flagged as a Trojan.BitcoinMiner.

    The file is too large for me to upload, but the plugin comes from www.bnaitweb.com. Please let me know how to proceed - thanks!

     

     

  4. I removed the exclusion for five minutes this morning (just now) and several units are throwing detections. I made sure to update them to the latest database, as well. 

    Canon IJ Network Utility, Dropbox, ScanSnap and svchost.exe (still) seem to be the culprits. Though, I hadn't seen Canon throwing the detect alert before. 

    @AlexSmith tagging because I know you were looking into this :P

    image.thumb.png.a7088acbf21cadb04f0b30e482d57cc8.png

  5. Hey all,

    I'm only seeing that we can generate a report as far as 30 days back in the cloud management site. I can see detections from further back, though.

    Is there any way to pull a historic report of detections for a longer period? We're hoping to build a "here's how the security work we've done has impacted stuff" type of report in the future. 

    Thanks!

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.