cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Dwee
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 1 of 5
‎08-13-2020 06:23 PM

install ens failed

Jump to solution

hi,

i know this topic already have posts but i just have to ask about this,

summary: server os : win server 2008 r2, (unmanaged/not join domain), have many viruses and else (scanned with stinger but after scan it keeps coming back), agent successfully installed using frmpackage from epo,  5.9 , we tried install AV like avast and else still failed too same as when we tried to installed ENS standalone package,

so far we tried to repair the os first than scan with stinger again and hopefully we can install ens after that,

is it save if we try to use mcafee ransomware interceptor too ? (we detected from stinger that theres wanna cry too but failed to clean or delete using stinger

any suggest plan ?

installation logs in the attachment 

0 Kudos
Reply
2 Solutions

Accepted Solutions
AjaySundar
Employee
Employee
Report Inappropriate Content
Message 2 of 5
‎08-13-2020 09:52 PM

Re: install ens failed

Jump to solution

Hi @Dwee ,

Good day to you!

The ransomware interceptor would not be of help in this case. Can you confirm if the machine is patched with the latest Windows update? If not you can start off with that followed by updating the user account passwords. Run the stinger again reboot the machine and attempt the ENS installation.

I would request you to check if there are any services/process named eternal blue running on the machine, if it is then I would recommend you to re-image the machine as the malware would have damaged the machine also wouldn't allow any AV to be installed on the machine.

On a second note, you can also consider using the command line scanner for Windows. This helps to scan the complete machine with the latest DAT contents, which would help you in cleaning the machine. Since you have a license for ENS you should have the CMD scanner too, it is available for download from the McAfee product download site.

The instruction on how to use the product is available in the below article.

https://kc.mcafee.com/corporate/index?page=content&id=KB75478

You could run the scan even in safe mode without networking which is one of the best ways to clean the malware of the machine where an AV is not installed.

I hope this helps.

Thanks

AJ

View solution in original post

0 Kudos
Reply
Dwee
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 3 of 5
‎08-13-2020 10:57 PM

Re: install ens failed

Jump to solution

Hi Ajay,

thx for your reply, can the cmd line scanner clean or detect virus or malware that slip stinger detection ? that will put cmd line scanner above stinger level am i right ?

i will try these "Can you confirm if the machine is patched with the latest Windows update? If not you can start off with that followed by updating the user account passwords. Run the stinger again reboot the machine and attempt the ENS installation" first, i'll get back here to inform you later,

 

Thanks again

Dwi

View solution in original post

0 Kudos
Reply
4 Replies
AjaySundar
Employee
Employee
Report Inappropriate Content
Message 2 of 5
‎08-13-2020 09:52 PM

Re: install ens failed

Jump to solution

Hi @Dwee ,

Good day to you!

The ransomware interceptor would not be of help in this case. Can you confirm if the machine is patched with the latest Windows update? If not you can start off with that followed by updating the user account passwords. Run the stinger again reboot the machine and attempt the ENS installation.

I would request you to check if there are any services/process named eternal blue running on the machine, if it is then I would recommend you to re-image the machine as the malware would have damaged the machine also wouldn't allow any AV to be installed on the machine.

On a second note, you can also consider using the command line scanner for Windows. This helps to scan the complete machine with the latest DAT contents, which would help you in cleaning the machine. Since you have a license for ENS you should have the CMD scanner too, it is available for download from the McAfee product download site.

The instruction on how to use the product is available in the below article.

https://kc.mcafee.com/corporate/index?page=content&id=KB75478

You could run the scan even in safe mode without networking which is one of the best ways to clean the malware of the machine where an AV is not installed.

I hope this helps.

Thanks

AJ

0 Kudos
Reply
Dwee
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 3 of 5
‎08-13-2020 10:57 PM

Re: install ens failed

Jump to solution

Hi Ajay,

thx for your reply, can the cmd line scanner clean or detect virus or malware that slip stinger detection ? that will put cmd line scanner above stinger level am i right ?

i will try these "Can you confirm if the machine is patched with the latest Windows update? If not you can start off with that followed by updating the user account passwords. Run the stinger again reboot the machine and attempt the ENS installation" first, i'll get back here to inform you later,

 

Thanks again

Dwi

0 Kudos
Reply
ryadav1
Employee
Employee
Report Inappropriate Content
Message 4 of 5
‎08-13-2020 11:36 PM

Re: install ens failed

Jump to solution

Hi , 

I dont think its a  ransomware, so McAfee ransomware interceptor not going to be of much use.

The primary recommendation here would be to update the Microsoft Security updates on the impacted box and then run then try Installing the ENS . That should help .

Thank you 

0 Kudos
Reply
Dwee
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 5 of 5
‎08-18-2020 11:10 PM

Re: install ens failed

Jump to solution

Hi Ryadav ,

we have tried fix/patched windows up and so far we successful install the agent and the ENS, but some still can't install (some both agent and ens other agent only), and the one that installed agent and ens success to clean or delete the virus and other malicious, but there's some Trojan type in threat event that failed to delete or clean it, and we dont know why mcafee ens failed to delete ,clean or block these trojan, (target names: mssecsvr.exe, and functionprotocolhost.dll), mssecsvr.exe <-- isnt wannacry ?

amcore and dats all uptodate,

thanks

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community

TrellixSkyhigh Security | Support Trellix.com SkyhighSecurity.com

Legal Privacy Copyright © 2023 Musarubra US LLC