-
Posts
1302 -
Joined
-
Last visited
-
Days Won
250
Content Type
Forums
Store
Downloads
Events
Posts posted by DarrenWhite99
-
-
UAC? You cannot drag/drop from an unprivileged process (explorer.exe) to a privileged one. The result matches your description. If the Manage process is elevated, Explorer Drag/Drop will be blocked.
-
If you want to do it and run it, then do it and run it. 😀
We can't/won't pin a post until it:
- Exists
- Has ValueAddress those two things and we can see about pinning it.
-
Has anyone used https://www.liongard.com/roar/?
Any feedback on what they like/don't like about it?
We use SonicWALL and Cisco equipment, Azure, Office365, Windows Servers, Active Directory, Veeam, etc.. Basically, we have hands in many areas they say they cover. So it looks like it's worth investigating, but if someone has already formed opinions I would love to know what they found out/thought about it.
-
If you have a hosted server, it will not be possible. If you have on-prem, you can use the LTServer Shell function, or switch @computerid@ to the agent on the server and issue a File Delete command as @Bobs16 suggested.
-
Why specifically do you need to delete it? If the filename doesn’t change it will just overwrite the earlier file.
-
I was sloppy and replying from mobile... From the Patch 11 Enhancements:
Agent Encryption
The encryption method used by the Automate agent has been updated to enhance the security of protected data stored by the remote agent.
I knew that we had dealt with it before Patch 12, and that I hadn't seen any new issues when Patch 12 was installed. Initially some AV products (even ones provided by CW) were blocking it, and SonicWALL CaptureATP was flagging it because 3 or 4 products in Virus Total (which appeared to all be products SonicWALL was leveraging) were flagging it as suspicious. Once the false positives were reported it seemed to be ok, but it's possible that the file changed somehow in Patch 12. (Or if you never had 11 in your environment, that Patch 12 was the first time you came across it)
-
Actually, Janus.dll was added in Patch 10. It caused several AV false positives, but that seems to have calmed down. We updated to Patch 12 and didn’t have any new Janus related issues (at least none I am aware of).
Antivirus Tile showing Windows Defender Instead of Webroot
in General Discussion
Posted
I just dug into this in 2019 Patch 8 in a comment here: https://www.mspgeek.com/topic/4956-antivirus-tile-priority-manually-change/?do=findComment&comment=29012
Windows Defender gets some special treatment now, but roughly the AV product is still considered a possible match even if the dates are the same. (It used to only change selection when a NEWER date was found...) Otherwise, all things being equal, I believe the current behavior will take the HIGHEST ID (that at least matches the newest date found), as long as it isn't Windows Defender AND your other AV product was found "Running". This should reduce the need to change the Windows Defender ID since as long as your preferred AV product is found running alongside Windows Defender your AV product should be the one chosen.