cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
off2
Level 9
Report Inappropriate Content
Message 1 of 7

Malware detected in ePolicy Orchestrator due to Deep Freeze

My origination is getting ePolicy Orchestrator notifications that are saying that malware is detected and handled due to deep freeze. This seems like a mistake as deep freeze has been used for some time. Just wanted to bring this McAfee's attention. Any suggestions?

6 Replies
cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 7

Re: Malware detected in ePolicy Orchestrator due to Deep Freeze

Submit a sample to be sure that your deep freeze hasn't been infected for any reason.  You can submit it as a false detection so if it is not infected, they can reverse the detection in the dats.  

https://www.mcafee.com/enterprise/en-us/threat-center/how-to-submit-sample.html

 

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Pinard
Level 8
Report Inappropriate Content
Message 3 of 7

Re: Malware detected in ePolicy Orchestrator due to Deep Freeze

Hi,

We're also having multiple detection related to Faronic Deep Freeze console and client services. Is this an known issu? Can it be concidered has false positive. If so, what would be the recommended step? Create a path excusion?

Regards

cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 7

Re: Malware detected in ePolicy Orchestrator due to Deep Freeze

I am going to move this over to the team that handles malware, but we would always recommend, in every detection that might be thought to be false, to submit a sample for analysis.  I would never recommend a blind exclusion without it being analyzed first if it was detected as anything.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

off2
Level 9
Report Inappropriate Content
Message 5 of 7

Re: Malware detected in ePolicy Orchestrator due to Deep Freeze

According to Faronics this is a known issue they are monitoring currently. I am working on submitting this as a sample for MacAfee right now to determine my next step. I believe this is a false positive but I don't want to get ahead of myself.

Pinard
Level 8
Report Inappropriate Content
Message 6 of 7

Re: Malware detected in ePolicy Orchestrator due to Deep Freeze

We have open a service request and support have confirmed that it is a false positive in AMCore 4641 and 4642. It's fixed in AMCore 4643.

Eddies
Level 8
Report Inappropriate Content
Message 7 of 7

Re: Malware detected in ePolicy Orchestrator due to Deep Freeze

Good morning, has this been fixed? we are pulling 4848 and still seem to have this issue. 

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community