Jump to content

Jcolagrossi

Staff
  • Posts

    61
  • Joined

  • Last visited

Everything posted by Jcolagrossi

  1. While there are loads of ways to get infected, I believe our anti-exploit tool can help protect your browsers from java script exploit based delivery of malware. Have you played with MBAE as of yet? You can check it out and even pull down a trial of it from here https://www.malwarebytes.org/antiexploit/
  2. Hi Eric, Apologies for the delay, I'm just starting to warm up to frequenting the forums more often. There really isn't another way to log where the connection came from as we do not have any forensics in the program as of yet as we are focused more on detection and remediation at this time. I'm not sure what would be a better solution for gaining more details on the connection, though you may consider to ask our business success team for more possible information.
  3. Hello DomainController Welcome to the forums! The first thing I would want to mention for this issue would be related to the communications check in time that is configured in the policy. The status of the machine will not update until the time interval has come and gone from the point that the pc has turned on. Outside of that, the next thing we would want to check is some logs on the endpoint which we may want to involve the business support team in.
  4. Hi ManoloUD, We should be able to disable the notifications under the Settings tab, General Settings. We can disable the notifications from here!
  5. Hi Eric, With the ip protection enabled on the server their wont be a way to identify the culprit trying to reach out if all traffic is filtered through that server machine. Any traffic that is deemed malicious will be stopped on the machine that the network traffic originated from. I did a quick lookup on Virustotal, the ip is hosted in china it seems. https://www.virustotal.com/en/ip-address/122.228.198.140/information/ If you really want to find out which host machine is trying to access that ip, you could disable the protection on the server machine, let the host machine touch it, then you will see which machine is the culprit in the client view of the console. But I would highly recommend against it as it sounds like it is a production server.
  6. Cool thing is to know that just about all AV's will work with Malwarebytes. Aren't any conflicts to my knowledge with any!
  7. Hey guys! I'm glad to see these got sorted out! Let me know if I can get you in touch with the support team if issues like this arise again!
  8. Only a little ashamed to admit I would do this all the time in college. I must have found at least 6 during my college career.
  9. Hey Doveletchan, I don;t know if you sought help anywhere else on this issue yet. But this is likely due to the default treatment for PUPS. it is set to detect and show those items but not to remove them. We can change this treatment in the policy setting under scanner tab, modify the setting for PUP detection's from "Show in results list and do not check for removal" to "Show in results and check for removal" Once this policy is updated on the endpoints, the next scan should be able to remove these items! Let me know if this helps or if you have any other issues.
  10. Hi Westur999! My first thought is if you are using the default check in time on the policy? The default setting is for the clients to check into the server every 5 seconds. There is an option to modify this in the policy settings under the communication tab. Also, if may help to break up your clients into multiple groups and different policies with different check in times to help reduce the chances of all the machines from checking in at the same time, save a bit of bandwidth there too. Let us know if this helps. If the issue still remains I can help you get in touch with our success team and get closer assistance!
  11. Hi djarvis! Is the error similar to the one in the post you linked? Are you trying to access the reports from the system the management server is installed on?
  12. Hi Bumskull, I would first check if the MeeClientService is active on these machines, if possible could you create a ticket with our business support team? They will likely want to collect logs and information that is a bit more verbose for posting here on the forum; https://www.malwarebytes.org/support/business/
  13. Hi Matt! The all inclusive package would be our Endpoint Security package that includes both Anti-malware and Anti-exploit with the management console. You'll have access to both the standalone products as well as use of the standalone versions too! I could get one of our sales associates to get in touch with you to try and have a conversation and see what solutions could work out for us! If you could fill out this information form, one of our guys or gals can reach out to you soon with a call https://www.malwarebytes.org/business/licensing/
  14. Hello! It is possible to configure a dmz setup, basically if the clients can communicate with the server, they can be managed! The client uses port 18457 to communicate to the server. Alternatively, you could create a policy where the remote endpoints can update on their own by reaching out over the internet instead of reaching to the server for db updates. This would provide the confidence to know those machines are always staying up to date on their own when they are not connected. The next time they connect via vpn or other connection, they would shoot up their logs and pull down any policy changes from the server. I hope this information helps!
  15. Hi Ireman, Currently there are no other configurations that will allow for the reports to display properly from the console hosted on the server.
  16. Hi Jim, can you send me a private message confirming your email address? We would like to support you through Zendesk on this issue. Or if it is easier, you can create a ticket http://www.malwarebytes.org/support/business/contact/
  17. Hi Markg0527, Unfortunately there is no option in the policy settings that prevents a user from interacting with the services of the program. What we typically see for these settings is a gpo put in place for the administratorsof other customers networks that prevent users from having that capability.
  18. Hi Temple, I apologize for your experience but, the support you are describing is not provided by our team or affiliate Cleverbridge as they do not provide any sort of technical support. Currently we provide all consumer support via email through this online portal http://www.malwarebytes.org/support/consumer/contact/ or here on the forums. I will provide the information you have brought to us about this scam to the appropriate team members so that it can be investigated. If you could provide any information regarding where you acquired the information for those contacts it would assist greatly. Additionally, you can read up more on these type of tech support scams here: http://blog.malwarebytes.org/tech-support-scams/ Thank you.
  19. Hi Nrnoble, I wanted to reach out and ask if this issue has been resolved yet and if so, what was done to resolve it?
  20. Good morning TSchwab and welcome to the forums, For remote systems we can create an exported .exe or .msi installation package to manually install the managed client to. We can also have these clients reach out the the Malwarebytes update servers for updates over the internet if they are not able to reach out to the MEE server. Please note however, that for these clients to work according to policy, they will need to check in with the server at least once either via vpn or other method to register. I hope I was able to answer your question. Please let me know if you have any other inquiries or concerns. Thank you.
  21. Hi is35a, We apologize for the delay in our response times. Currently we are encountering a high volume of support requests along with the launch of 2.0, and are doing our best to get to all requests in a timely manner. I ask that you continue to troubleshoot with the tech helping you. We do frequently collect information and logs to better understand the issues that are reported, frequently this type of information will be shared so that we can better tune the product in future builds. Again, thank you for your patience and understanding during this time. Thank you.
  22. Hi Geofftracy, Currently email alerts are not present in the program, this is something we are looking to get added in a future build of the program though. Please look forward to it!
  23. Hi Nictraf and welcome to the forums, Currently we do not have the capability to send logs, reports, or notification alerts through email. Email alerts is a feature coming up in a future build release. Please look forward to it soon. Please let me know if you have any other questions. Thank you.
  24. Hi James! We should be able to schedule multiple events in the policy. Are these events still not initiating? Let me know. If they are not I will send you a private message asking for some additional details from the system. Thank you!
  25. Hi Mcr010 and welcome to the forums! I will get this request forwarded to the appropriate parties so we can see about getting this fixed for a future build. Can I ask for a screenshot of the error that appears when logging in with this method?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.