gonzo

I hope your school is not using what we called Malwarebytes Enterprise Edition (MEE), because that is ancient and was replaced 3.5 years ago by another product that has continued to evolve. Ransomware is not "a" thing, it is a collection of things. Many or all of the ingredients may be present, but only after the process has begun can you tell that it is what you believe it is. A poor analogy (which I will use anyway) is that you can have eggs, flour, water, salt and whatever else, but its not a cake until you combine them in the right order and prepare them in the prescribed manner. Ransomware is similar in that regard. You can wait, get screwed and know for sure, or recognize the extreme possibility and take precautionary steps. I hope that answers it better.

I'm not sure what Malwarebytes Enterprise is, but a Windows or Mac version of Malwarebytes would use signatures designed for those operating systems as well as heuristics based on characteristics of those operating systems. The same would hold true for Mobile. While you may have the same program that runs on multiple operating systems (Windows, Mac and/or Mobile), they are put together differently based on the rules and requirements of the environment. The way that ransomware would attack also differs from one OS to another. All of that being said, I'm not surprised at what you reported.

You will need to pursue this in your support ticket. Also, please clarify to them whether you have Endpoint Protection (new program) or Endpoint Security (older program). They are completely separate entities, and I bring that to your attention based on your last reply. The names of our products are very similar and unless you have been with us for a while, you may not be aware of that. The Support person you are working with is also new (I believe).

Q1: Not the case. That is the build number associated with the version 3.0.3 release. The next one would be 3.0.4 or 3.1, depending on the significance of the update. I stay out of that part, so I don't know which it would be. Q2: This page tells you what version is current, and what changes were incorporated into the version. It also shows older versions. When they update the product, you will need to download the new one and install it. The Windows version can download updates for you, but I don't think the Mac version does yet.

Damn! I was hoping. I can understand why it is done. A single subdomain may become infected, so unblocking all with one command could cause you worse problems. They're helping you, though it doesn't seem like it. The notification allows you to add an exclusion for that specific server/IP each time, so once you have all of their servers excluded, you wouldn't see any more notifications. That keeps you protected and slowly gets you to where you want to be. Sorry I don't have a better answer.

Have you tried using "example.com" as your exclusion? I believe that will also exclude subdomains. Try it. Let us know.

Adding to what @Aura said, if your email address is an entry in someone else's address book AND it had been compromised, it is likely that everyone that person knows got an email similar to the one you received. The best way for you to handle things like this is to: Not respond to things that make no sense Never click an "unsubscribe" link (this validates your email address as a live one, causing you to receive even more of these) Hover over links to find out where they actually go (regardless of who they say they are), and ignore any that raise doubts on your part Bad guys look for easy prey. Don't be the easy prey. You could always raise a question on this forum if you are unsure, and people will be glad to help you stay safe.

@pjm1128, What geographical area are you in? Its not being blocked right now for someone in Florida, so I'm gathering data.

Verified here as well. I will report it through internal channels also.

@Bomberh, I work here and just received the notification that an update was available. The previous poster summed it up well, but if you insist on an immediate upgrade, follow the advice of @Porthos. Unless there is a major upgrade, the most important thing to me is that I am safe. I was and I am.

Assuming that you have the Premium version, go to SETTINGS. Look at the APPLICATION tab, and scroll down to WINDOWS CONTEXT MENUS. Slide that to the ON position, and it should work like you want it to.

The EULA is fuzzy on this issue, but the System Requirements on the Download page is not. No server is on that list, for a reason. People use the software commonly for real-time protection. Neither the website protection or the ransomware protection will behave as expected on a server operating system due to differences between server OS and client OS. The safest way to guard against issues which may arise is to check what OS you are using before allowing updates. As Porthos said, a support ticket is your best bet.

@MAM Thank you for jumping in with that correction.

You might check the status of your .NET install on each machine. Sometimes you need to install, and sometimes its already installed but you need to enable...it depends on the OS involved.

1.2.6 is currently the "most recent" version. It runs only in the foreground, but it is also remediating after the damage has possibly been done. 3.0 in Premium mode offers REAL-TIME protection in the background. Real-time is a MAJOR advantage when it comes to protection.