Rsullinger

Staff, 533 posts

Posts posted by Rsullinger

  1. Hey Helpdesktndusa,

     

    I would like to take a look at the logs to see what files were removed and what we can do to get those restored for you. Can you send me a PM with your e-mail address so I can create a support ticket on our side for this? If this is a FP, I want to collect information for our team so we can get this fixed as well.

     

    Thank you,

     

    Ron S

  2. Hey Imperator,

     

    What version of the management console/management client are you on? If you open up the management console and look in the bottom left, you will see the version number written out there. In version 1.6.1, we put in the ability to add wildcard registration entries like the one you put above. So if you do have version 1.6.1, you can simply put in what you wanted to enter in:

     

    HKEY_USERS\*\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|NoSMHelp

     

    That will exclude it on all user accounts on the machines.

     

    If you are not on 1.6.1, you will just need to update to that and push the new managed client and anti-malware client version to the computer. You can use the instructions here for that:

     

    https://support.malwarebytes.org/customer/en/portal/articles/1835539-how-do-i-upgrade-to-the-latest-version-of-the-malwarebytes-management-console-?b_id=6401

     

    Thank you,

     

    Ron S

  3. Hey Scoutt,

     

    With the anti-malware for business version 1.80.1.1011, you can exclude that key with a wildcard symbol so it will exclude all the different users and machines. For example:

     

    HKU\*\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM|DisableRegistryTools

     

    That will stop your policies from being detected.

     

    Thank you,

     

    Ron S

  4. Hey Mike,

     

    I think this may be due to .NET Framework 3.5 not being enabled. The management client uses .NET Framework 3.5 and by default Windows 10 does not have that enabled. You just need to go into Programs and Features on the computer and enable it. I am attaching a screenshot to show what I mean.

     

    Let me know if that ends up not fixing it. We may need to create a case in our ticketing system if I need to grab more information from the computers.

     

    Thank you,

     

    Ron S


  5. Hey Guy947,

     

    We unfortunately do not have a list of recommended files, folders, or registry keys that Symantec would recommend. However, a basic blanket exclusion of their C:\ProgramFiles(x86) and any Program data files should be enough. One thing you may want to do if you exclude this is to add a \* at the end of the exclusion. For example, C:\Test\*. That will exclude the test folder and all subfolders and files in that folder. So it will help exclude the entire path.

     

    Thank you,

     

    Ron S

  6. Hey Guy947,

     

    It is basically like you mentioned at the end of the post "My first thought is to not use this feature unless I start hearing complaints from users about boot times". You shouldn't need to use the option unless you notice any issues that require the setting.

     

    For example, there are some customers I have helped in the past that needed that option because of their login scripts. Because anti-malware starts on startup, it tries to scan the scripts to make sure they are not that was being run which led to a longer boot than normal. However, if they delayed it by 30 seconds they would not see that boot delay because the script would run its course.

     

    So you can leave that setting unchecked unless you run into this type of issue. If you run into such an issue as well, you can contact me or any of our support team at corporate-support@malwarebytes.org and we can assist you there as well!

     

    Thank you,

    Ron S
     

  7. Hey Mike!

     

    That is correct that they will drop in 30 days. If you are on the 1.5 version of the program, you can change how often those clients drop off. This can be found under the admin pane and under the other settings tab.

     

    As for an alternative way, you can remove and re-add your OU group. That will re-populate the entries on the management console since it has to query the OU group completely again. 

     

    Also, if you go to the admin pane and go to the other settings tab you should see the AD sync settings there as well. If it is only showing as unregistered, hitting the sync now button should remove the entry if it is nowhere to be found in that OU group.

     

    If these do not fix it or if you have any other questions, let me know and I can create an e-mail case through our support system. That way I can get any logs if we need to troubleshoot the issue!

     

    Thank you,

     

    Ron S

  8. Hello Paul and John,

     

    I am sorry to hear that happened. That is not something that should have happened and I am interested in why it may have occurred and how our product may have had a hand in it. You mentioned you were able to provide a fix for this. If you want to see why this may have occurred, I can assist in troubleshooting this with an e-mail case. Let me know if that is something you wish to do!

     

    Thank you,

     

    Ron S

  9. Hey Peteo,

     

    Sites like VirusTotal may give you more of an insight as to why this is being blocked. However, it may not have the reason why we have it in our database. If you would like to know more about it, I can get more information about it. But I would like to create an e-mail ticket for this. There may also be an infection on the computer which I would like to verify with a diagnostic log. Is this something you would like to do?

     

    Thank you,

     

    Ron S

  10. Hey Pferreira,

     

    After you did the update to the management console, did you do a push install to the clients to make sure they have the new version of the software that manages the communication between client and server? If you did and it didn't fix the issue, I would like to have you grab some logs for me. For this, I would like to make a ticket. If you could, shoot me a PM with your e-mail and I can reach out to you further for this.

     

    Thank you,

     

    Ron S

  11. Hello Crickard,

     

    No problem. I can assist with this. We use a SQL query on the database to reset the password. I would like to reply to the ticket that you submitted to give you the instructions for this. Can you send me your e-mail that you used for the ticket through a private message? I will get the instructions sent out to you when I get that!

     

    Thank you,

     

    Ron S

  12. Hello Littleadam!

     

    We have not heard of any issues with pushing out the package with other deployment programs such as SCCM. I am not as familiar with Lansweeper, but is there any log that is made in it to show if there were any issues during installation? If not, is there a .msi log that is created in the temp folder on those computers? That should usually give you a better idea of the point of failure. Also, if you haven't already, make sure /qn is used for the silent switch. If you have any more information from any of the items I just mentioned, I can create a ticket on our side and we can see where the issue may be. Just shoot me your e-mail.

     

    Thank you,

     

    Ron S

  13. Hello Send2brian,

     

    Unfortunately, the IIS 7.5 Express is still a requirement for the product and will be used on any new installation. I am not sure of any changes that may be coming to that portion of the install and use of the product, but I can submit that you are looking for this as a feature request/suggestion to our PM.

     

    If you have questions about this, let me know. 

     

    Thank you,

     

    Ron S
