Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 1954 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Mal/TibsPk-A

QC

Yesterday one client started sending alerts about Mal/TibsPk-A. Cleanup setting were Automatically clean up / otherwise deny access only. Computer details showed no file location and alternating Blocked and Cleaned Up with intervals from 1-20 seconds. Using SEC I then changed the policy to Don't automatically clean up / Delete. The only effect was that the actions now were None and Deleted but still were generated every few seconds. So I changed the policy to deny access only and now it's quiet.

For now I have not yet contacted support as I'd like to see the machine's logs and we don't have access to it. I hope I can contact the administrator for this machine tomorrow.

Meanwhile - any similar experiences or ideas?

Christian

:2206


This thread was automatically locked due to age.
Parents
  • 0

    Thanks for your answers (which are helpful even though I can't right now do what you suggested).

    You can just C$ to the machine though

    I would if I could :smileywink: - that's the point: no administrative rights, no access, not knowing what's going on. 

    In these cases we generally need a fuller picture

    Yup. That's the next problem. Yet another product to update but - how about installing SDU together with ESDP? And the option to start it from SEC. There's still the question where it should write the log to, but I think this could be solved. Ideally I too would like to know what's in the sdulog (that is - what's on the machine) ...

    Christian

    :2223
Reply
  • 0

    Thanks for your answers (which are helpful even though I can't right now do what you suggested).

    You can just C$ to the machine though

    I would if I could :smileywink: - that's the point: no administrative rights, no access, not knowing what's going on. 

    In these cases we generally need a fuller picture

    Yup. That's the next problem. Yet another product to update but - how about installing SDU together with ESDP? And the option to start it from SEC. There's still the question where it should write the log to, but I think this could be solved. Ideally I too would like to know what's in the sdulog (that is - what's on the machine) ...

    Christian

    :2223
Children
No Data
Unfiltered HTML