Jump to content

gonzo

Staff
  • Content Count

    3,065
  • Joined

  • Last visited

Everything posted by gonzo

  1. I am not seeing a block either.
  2. Whitelist entry has been added in Browser Guard for this URL. Please give it a few minutes to propagate out.
  3. Whitelist entry has been added. If you go to that site without the "www." prefix on it, you will end up somewhere else entirely, and it has a different block on it (not ours).
  4. I added a Browser Guard whitelist entry for this site. Please give it 20-30 minutes to propagate out and let us know if the block continues.
  5. I added a Browser Guard whitelist entry. It should be unblocked within 20-30 minutes. After that period of time, please let us know if the block continues.
  6. gonzo

    techlore.tech

    It has been whitelisted.
  7. Each specific URL that has been requested has been whitelisted. Adding a whitelist entry for the entire CDN would open the door to abuse. I have reached out to product owners for advice on an effective means of whitelisting CDN-based links.
  8. gonzo

    False Positive

    Site has been whitelisted.
  9. Site has been whitelisted. Please give it 30 minutes for so for the changes to propagate out.
  10. gonzo

    ICQ for Windows

    ICQ has been whitelisted. It should have made its way into the field by now.
  11. Go to ALLOW LIST, Under Add a URL or IP Address, enter google-analytics.com Under Disabled Protections, select Ads / Trackers from the pulldown Click Done
  12. Please provide a screenshot that shows the block. I am not seeing a block with Malwarebytes Premium or with Browser Guard.
  13. Adding a filename would accomplish nothing, because any file -- regardless of what it is -- could be given a name that matches an exclusion, and could then prove fatal to your computer. Download a program that will generate an MD5 hash, determine the hash value for your Powershell file,. then enter it as an exclusion. That should work.
  14. The manager of our Customer Success team would like to have a conversation with you, but has been having problems reaching you. He could probably provide assistance to you in a number of ways if you are willing.
  15. Time not wasted. If you had not asked the question and showed concern, someone else would have. We got a chance to respond and everyone is a bit wiser now. Thank YOU!
  16. For Endpoint Security, we have a Excel-based tool available. Support can get that for you. You can also get the schema so you know what fields are there, and in which tables you can find those fields in. Endpoint Security has the Management Console, Anti-Malware 1.9, Anti-Exploit 1.13.x (available option) and Anti-Ransomware 0.9.x (available option). The Management Console is installed on a server, and the SQL database is installed on a separate server (best idea) or on the same server as the Management Console (can cause issues). It can work with thousands of clients, but optimizing performance can be tricky. Endpoint Protection is the newer cloud-based product that contains all of the same functionality that Endpoint Security has (which you have grown accustomed to). You do not need to run a server or a SQL server to support your environment. Control of the clients that protect your computers is driven by our cloud services. It is faster, requires no maintenance, has better reporting, and also offers availability of limited forensics. It is also updated on a regular basis. Honestly speaking, I think it is better suited to your needs.
  17. Endpoint Security is a whole different world, as you are aware. It stores data in a SQL database. There is no customizable reporting on the product, but you can create reports from the SQL data. Customer Success can get you a schema that will enable that option for you. Powershell would still need to get at the SQL data to do any reporting. However, I think there are bigger issues at play that I would like to address...I hope that's okay. Management Console runs as a combination of executable and services on a server, connecting to a SQL database which may be on the same server or on a separate one. All server-database communications run through an agent (middle man), as do communications between server and all of your workstations. Bandwidth usage can get rather intense at times, so we use policies to distribute the communication workload. Policy changes cause a bandwidth spike, as does initiation of a scan and reporting of the results. Coupled with this is the number of threads that are available to do the work in the server CPU. Both can cause queueing of communications between client and server. If the SQL database is on the same machine, the load on the server is increased to support that as well. If you experience a malware attack, all affected computers/workstations will simultaneously start eating your bandwidth to send alerts about the malware. That can lead to queueing of communications to the SQL database, and can be magnified if periodic disk maintenance is not performed to assure you have adequate disk space. Its a balancing act! The second issue is full scans. You have Anti-Exploit and Anti-Ransomware along with Anti-Malware. That means that the methods malware would use to inflict damage are rendered unusable. It doesn't really matter what is present if it can't do its dirty work. Anti-Exploit and Anti-Ransomware look for the first signs of behavior that is of concern to you. Virtually all malware utilizes several process steps that enable it to do its job. If you block the process, you block the malware. You could trim those full scans back considerably without worry, and trust your real-time protection to take care of you. Lastly, have you compared Malwarebytes Endpoint Protection to Endpoint Security? It has the reporting you are looking for, it offloads much of the work that is slowing you down, and is updated often. I see the value in both product lines, but to me, its a function of the environment that the software will be protecting. Its worth mentioning
  18. Every scan log tells you the amount of time that the scan required. My full scan will take a different amount of time than your full scan, because they are two different worlds that must be scanned. It is not one size fits all. You should also know that a full scan run in the background will take longer than a full scan run "on demand." You can cancel an in-process scan, but based on the criteria already mentioned, you would need to run several scans in each mode to determine what "too long" means to you. One more item on this topic...a scan that is interrupted by your computer entering sleep mode will screw up the "scan time" that is reported, because the time reported is based on system time. If you're running MB4, click on the SCANNER panel and select the REPORTS tab. Every scan in the last 30 days is listed there.
  19. I just added this URL to the whitelist. Give it a few minutes, then try it. Please report back if there are any issues.
  20. Whitelisted now. Give it half an hour or so and try again. If it doesn't work, I'll use Plan B.
  21. Whitelist entry for the download has been created.
  22. gonzo

    False Positive

    Whitelist entry has been added. Please allow a few minutes for the DB to propagate. Thanks!
  23. The site has been whitelisted, though if the block was due to trackers, I may need more information to whitelist it properly. Please give it 30-60 minutes for the database changes to propagate out.
  24. Whitelist for above two sites has been added. Please allow time for the database to propagate out.
  25. The Malwarebytes block is being removed, and that will cause the Browser Guard block to be removed as well. Please give it time for a database update to propagate out.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.