3 Replies Latest reply on Mar 9, 2011 2:40 AM by Attila Polinger

    Challenges with epo 4.5

      Hello, I have downloaded epo4.5 P4 and Virus scan 8.8 to my server, done the necessary check in and dispatched. However the rogue sensor detected all the workstation on the network but nothing is being managed except the server on which the ssoftware is downloaded. Can you help me to resolve this problem?

       

       

      I also have this viruswhich i have been trying to clean from my computer but still not successful

       

      i2regfft.dlldetected as Generic PWS.y!cwm detection is a Trojan , I am still not able to remove it with the current Dat FILE

        • 1. Challenges with epo 4.5
          Hayton

          This looks as if it belongs in one of the Business sections, probably Management Platform. The secondary question about the detected Trojan implies that it cannot be removed - try downloading the latest DAT file and see if that works; if not, post a separate message in Security Awareness (Malware Discussion/Corporate User Assistance).

          • 2. Challenges with epo 4.5
            alexander_h

            You could create an automated task to push agents on these systems if you wish so.

            let me know what exactly you want to do so i could try to help you

            • 3. Challenges with epo 4.5
              Attila Polinger

              Hi,

               

              please setup an automated response for rogue detections with action to push epo agent. Subsequently, please define a VirusScan deployment task that runs in intervals you see fit (like in the morning or at cone, or every two hours, etc.). Once it VirusScan deployed successfully no actual further file downlooad or installation will be made if epo agent sees that there is no use of it.

               

              As for the possible malware .DLL you cannot remove: chances are the file is kept in use by a loaded program or it is the program/driver itself that was loaded, or it is loaded under one of the system processes that Windows does not allow to kill.

              There is a slight chance to clean it yourself if you have command line VirusScan with latest engine and DATs on a removable drive and while you boot safe mode, you could use the command line scanner to remove the file.

               

              Attila