Category: Mcafee/Trellix

CRL Check – Certificate Revocation List Validation Freeware Tool

CRL Check for Windows Environments. CRL check is a tool designed to collect executables from the most used paths on your client. It checks whether they are digitally signed with a code certificate and then retrieves the Certificate Revocation Lists (CRL) and OCSP for each signed file it finds. It then automatically verifies if the client […]


Trellix Endpoint Security Platform 10.7.19 mfeesp.exe crash after update, Event 1000, W11, SRV 2016 and 2019, German

Migration of Trellix Endpoint ENS 10.7.19 fails. The ENS interface shows the error: Error communicating with the Event Log (Windows Defender is active). mfeesp.exe causes crashes. The ENS GUI shows: “Error communicating with the Event Log”. Application Event 1000 referencing MSVCP140.DLL, MSVCP140_1.DLL, MSVCP140_2.DLL, MSVCP140_atomic_wait.dll or MSVCP140_codecvt_ids.DLL. Affected: Microsoft Windows 11 24H2 as well as Windows Server 2016 […]

Unable to migrate Trellix Endpoint ENS 10.7.19, Event 1000, MSVCP140.dll, mfeesp.exe, Error communicating with the Event Log

Unable to migrate to Trellix Endpoint Security ENS 10.7.19, and the ENS GUI crashes with event 1000 (update/migration/upgrade). mfeesp.exe crashing. GUI: Error communicating with the Event Log. Application Event 1000 from MSVCP140.DLL, MSVCP140_1.DLL, MSVCP140_2.DLL, MSVCP140_atomic_wait.dll or MSVCP140_codecvt_ids.DLL. Affected OS we have seen with the error: Microsoft Windows W11 24H2, Microsoft Server 2016, Microsoft Server 2019 Terminal Server […]

Trellix ePolicy Orchestrator 5.10.0 Service Pack 1 Update 4

Trellix ePolicy Orchestrator 5.10.0 Service Pack 1 Update 4. We have installed the latest Update 4 on several customer on-premises EPO installations, and the update works fine and without any problems. Key considerations for updating Trellix ePO 5.10 SP1 to the latest Rollup 4: Check your ePO database size. Some Trellix SP or Rollup […]

Check EXE Signature Online or Verify Code Signing Certificates for Executables

Verify code signing certificates automatically with our freeware tool. If you’re searching for an easy way to check an EXE signature online or verify a code signing certificate on an executable, you’ve come to the right place. Over the last 20 years, we’ve seen how Certificate Revocation (CRL) issues on Windows systems—especially in enterprises—can […]

Crowdstrike Falcon Sensor, Azure VM Repair paths

The procedures in this article describe methods you can use to attach an encrypted OS disk to a repair VM and then unlock that disk. After the disk is unlocked, you can repair it. As a final step, you can replace the OS disk on the original VM with this newly repaired version. Microsoft has […]

Falcon Sensor, Bluescreen of Death VMware workaround if you can’t boot into recovery

Workaround for servers / VMware affected with NO recovery option and not encrypted: There are some servers where you can’t boot into recovery or safe boot. If the volume is not encrypted, you have one way to delete the faulty CrowdStrike def file from the disk. Base article: 19.07.2024 BSOD Blue screen Crowdstrike – […]

19.07.2024 BSOD Blue screen Crowdstrike

The falcon has crashed: BSOD blue screen of death on clients and server OS. Red Teams and Hackers > see where you have brought us? https://www.trellix.com/about/why-trellix/vscrowdstrike/ The latest CrowdStrike Falcon Sensor update is causing a widespread issue resulting in a Blue Screen of Death (BSOD) boot loop globally. It’s a security professional’s worst nightmare […]

13.06.2024 False-Positive with ENS 10.7, AMCORE 5554 on Windows Defender AM_Delta_Patch Server 2019 German

Trellix ENS 10.7 deletes Windows Defender updates which come from the WSUS server on German Server 2019. We just saw a false positive on Windows Defender updates we provide via WSUS with auto-approve on a Windows Server 2019 German with Trellix ENS 10.7 and AMCORE 5554. The file was deleted from C:\Windows\SoftwareDistribution\Download\ Microsoft affected file: […]

Mcafee/Trellix ENS Gootkit False ENS 10.7 after 15.05.2024, rule SIG 6232 with VBS from TEMP

Mcafee/Trellix ENS 10.7 Exploit Prevention Content 13401 Update SIG 6232 from 15.05.2024 brought a false positive for some of our customers. This comes with good (change) or bad (false) timing after we have seen some Gootloader activity happening in EU/CH these days. This happens on ENS 10.7 APRIL 2024 and also on Nov 2023 Version […]

Google Chrome 124 and Edge Chromium problems with web servers, SSL breaking [DEU]

Google Chrome.exe 124 and Edge Chromium may have problems connecting to a web server behind older firewalls or proxies, OR certain security appliances no longer filter HTTPS/TLS websites. The problem started around 22.04.2024 and is steadily increasing. This could affect you if: you or someone else … a web server or a service with […]

Certutil.exe -url -urlcache how to use and freeware GUI crl check to automate CRL verify

How to use Microsoft certutil.exe -url or -urlcache to find CRL and OCSP on Windows manually, or utilize our freeware tool crlcheck.exe, which performs the same function fully automatically for all EXE files on your system. crlcheck.exe: https://www.butsch.ch/post/crlcheck-exe-certificate-revocation-list-check-tool-to-verify-all-crl-and-ocsp-on-windows-client/ What is a CRL Certificate Revocation List file? Each certificate authority (CA) periodically issues […]

McAfee ATD – Trellix TIS MASU.exe Sandbox Uploader. A freeware tool to submit files to ATD/TIS automatically

M.A.S.U (M)CAFEE (A)TD (S)ANDBOX (U)PLOADER V4.1, Mike Butsch, Senior System Engineer, www.butsch.ch. Remark 2024: Everything will work for TIS / Trellix Intelligent Sandbox; we have been using the same tool with every release of TIS. Hopefully there is a ready solution for FireEye without using Python. The tool is freeware, feel free to use it. […]

CRL check, certificate revocation list software, Certificate Revocation List Check Tool for finding all blocked CRLs in corporate environments, crlcheck.exe

crl check | crlcheck tool. A Certificate Revocation List (CRL) is a list maintained by a Certification Authority (CA) that lists digital certificates that have been revoked and are no longer valid. It ensures that users can check the validity of a certificate, which increases security within a Public Key Infrastructure (PKI). With this tool […]