Try our new Certificate Revocation List Check Tool
CRLcheck.exe is a tool developed to verify digital signatures of executable files. It collects files from known paths on your client, checks their signature, and checks Certificate Revocation Lists (CRL) and OCSP download. This helps avoid delays in launching files.
Category published:  Mcafee/Trellix TIE/ATD/ATP | Sandbox - Advanced Threat Protection   Click on the Category button to get more articles regarding that product.

Trellix/MCAFEE ATD: Sandbox stays at STATUS BAD

Posted by admin on 27.09.2020


Trellix/MCAFEE ATD: Sandbox stays at STATUS BAD

We just had a case where an MCAFEE ATD-3000 Sandbox was staying at the Status BAD.

A person hat submitted a file to analyse with XVIEW (Look into the Sandbox) and did shutdown the VM after that analyse.

NO > Rebuild of the VM’s did not solve

NO > Reboot of the Sandbox did not solve

Logon to Sandbox with SSH and PORT 2222 not 22 (Logon with cliadmin)

CLI: reboot active

Logon to Sandbox with SSH and PORT 2222 not 22 (Logon with cliadmin)

CLI: removeSampleInWaiting

After this the FILE in the queue which may generated the error did disappear and the status went back to “GOOD”

Found in Doku file: ATD_3.6.2_Product_Guide_revA.pdf


 Category published:  Mcafee/Trellix TIE/ATD/ATP | Sandbox - Advanced Threat Protection   Click on the Category button to get more articles regarding that product.

Related Post

Crowdstrike Falcon Sensor, Azure VM Repair paths

Falcon Sensor, Bluescreen of Death Vmware workaround if you can’t boot into recovery

19.07.2024 BSOD Blue screen Crowdstrike

Template theme: Newsup by Themeansar (External Link, you will leave www.butsch.ch).