jp18

Members
  • Posts

    9
Everything posted by jp18

  1. Thank you - it's been certainly slowing down on the ticket creations now.
  2. I am also using the latest database version and this is showing up for our agents. I use MBAM Business 1.80.2.1012.
  3. Thank you both for the replies - in this case, I do not have the infected file, only the description from a Bitdefender scan. I see how it can be generic, thankfully we haven't had cases of this for our systems, but will continue to be on the lookout and post additional information here when possible.
  4. Checking if anyone out there can advise if this rootkit is able to be detected and remediated with MBAM. We're using MBAM 1.80.2 via Automate/Labtech on the latest database version. Below is info found out by our partner MSP.

     Trojan.GenericKD.32968937

     Hitman pro log:
     Fuzzy . . . . . . : 23.0
     The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
     Uses the Windows Registry to run each time the user logs on.
     Program starts automatically without user intervention.
     Time indicates that the file appeared recently on this computer.
     The file is in use by one or more active processes.
     Starts automatically as a service during system bootup.
     Program is code signed with a valid Authenticode certificate.
  5. Resolved! Posted this too quickly. The Global Ignore list is located in the system dashboard > config > integration > Malwarebytes.
  6. Perfect, thank you! Looking to take this a step further by adding to the global ignore list for now. I've gone ahead and posted to the business form. Thanks, Mieke!
  7. Hello, we are using CW Automate with the MBAM plugin, version 1.5.1.10. I am unable to click on/select the Ignore list for an agent. In light of that, where do I go about accessing the global ignore policy to add to?
  8. Thanks Porthos, but this works a little bit differently for me. I use ConnectWise Automate with the MBAM Plugin.
  9. Hello. I am currently running database version v2020.01.16.06 and I see the above-mentioned Vulkan DLLs listed as quarantined. Also, I checked another system running v2020.01.16.07 and these items are also quarantined. Will I need to manually un-quarantine these or take other steps to resolve? Thanks, J