djacobson

Moderators
  • Content count

    313
  • Joined

  • Last visited

About djacobson

  • Rank
    Staff

Recent Profile Visitors

2,404 profile views
  1. That's awesome John, I'm happy I could help out! Don't hesitate to ask if you need any other help, I want to make sure you are successful!
  2. it's no problem at all! I'm happy to help!
  3. It is up to date at CU Package - 1.1.46, there will be an update on the CU fairly soon, target is in the next few weeks. The difference between 661 and 689 is UI changes for the biz product version.
  4. Hi guys, to clarify: 0.9.17.661 is the consumer beta - not for use in business environments - it is meant for a home use PC. 0.9.17.689 is the business build paired with paid Endpoint Security / Anti-Malware for Business / Anti-Exploit for Business subscriptions. The vital thing is that they are on CU Package - 1.1.46.
  5. That's pretty odd, what installer are you using? Exe or msi? If msi, what is the command set you are using?
  6. Hi @jphelan, MBARW's pre-reqs are not much really. Main points are no Windows XP or Server OS support, just workstation's Win 7 and up. Other than that it requires active internet connection and for the following URL's to be explicitly allowed on any firewall, NGFW with SSL packet inspection, content filter, proxy etc.. External URLs to have open https://data.service.malwarebytes.org Port 443 outbound https://data-cdn.mbamupdates.com Port 443 outbound https://keystone.mwbsys.com Port 443 outbound
  7. 3431 has a zero integer check-in timer bug, which sounds like exactly what you are experiencing. I would recommend getting on the 3443 hotfix build as soon as possible. Re-download the package like you did for 3431, the new console installer will be on that same link.
  8. Hi @computercourage With the business products, you are protected on three levels; Anti-Malware's web blocker will stop the dial out for the key(it also now has the signature to catch the hardcoded process name used - C:\WINDOWS\mssecsvc.exe), Anti-Exploit stops the vector that is used - compromised PDF's and Anti-Ransomware will stop the encryption process. If your business environment does not keep Windows full updated due to change process, or long term update vetting, it is vital that your security programs are up to date and that you at least patch the vulnerability that was exploited, MS17-010 - https://technet.microsoft.com/en-us/library/security/ms17-010.aspx Also check out our MalwarebytesLabs blog which dissects this ransomware, once you see how badly it is coded, it won't seem so scary at all. https://blog.malwarebytes.com/cybercrime/2017/05/wanna-cry-some-more-ransomware-roundup-special-edition/ https://blog.malwarebytes.com/threat-analysis/2017/05/the-worm-that-spreads-wanacrypt0r/
  9. Hi @bigjohn888jb, make sure you are right clicking the installer file and running it as admin, this needs to be done even if you are logged in as a domain admin. Alternativelty, you can use the server's local admin account to do the install. If you pre-install SQL Express or it is already installed on the server you are using, you'll need to create an instance for the Malwarebytes SQL to reside in. Download a new SQL Express installer, choose the one that matches the Express that is already in place. SQL Server 2008 R2 Express:https://www.microsoft.com/en-us/download/confirmation.aspx?id=30438 SQL Server 2014 Express:https://www.microsoft.com/en-us/download/confirmation.aspx?id=42299 SQL Server 2016 Express:https://www.microsoft.com/en-us/download/confirmation.aspx?id=52679 Then follow these instructions for setup: Choose to create a New Installation. Choose "New Installation or Add Features" then click Next. Accept the license, then click Next, then Next again. Name the instance (I suggest naming it Malwarebytes) then click Next. Click "Use Same Account for all SQL Server services." On the popup, enter your Windows credentials. Choose Mixed Mode authentication. Create a password for the SA account, then click Next. Click Next two more times and finish the SQL installation. Now proceed with the Malwarebytes Management Server installation. On the SQL step choose 'Use External Database." Enter the Database Address, if named Malwarebytes from step 4, it will be ".\Malwarebytes" without the quotes. Enter the username as SA, and then the password you created for it. Proceed with the installation as normal Let me know if this works for you.
  10. Hi guys, you can only have one key in the console at a time. The process is to change the seat count of your existing key, the backend changes will report to your console licensing section in the Admin tab of console 1.7.0.,3208 and up once it is completed. Your sales agent is the person who would normally be doing this. @BrianLG I got you! Send me a PM with your sales agent's contact (if you have one, if not that's ok), your email and your current key, I'll push the seat count changes through.
  11. Latest MBARW for business is 0.9.17.689, CU Package - 1.1.46. The install is located in the download package linked from your purchase documents.
  12. Also, follow-up question, are you on 1.8.0.3431 or 1.8.0.3443?
  13. Is auto-refresh on in your client view? What is your check-in interval in Policy \ Communication?
  14. I got you @Brandon_Lutz! Here's a Microsoft article about connecting the SQL and making pivot charts, if you need it - https://docs.microsoft.com/en-us/azure/sql-database/sql-database-connect-excel Here's the database schema for console 1.8 - https://malwarebytes.box.com/s/yzov412l8bydq85v5j5kx82ifhnrqz00
  15. Hi @SteveIT, I'm sorry about the delay, we've been swamped with questions about this thing, thank you for being patient with us. With the business product, you are protected on three levels; Anti-Malware's web blocker will stop the dial out for the key(it also now has the signature to catch the hardcoded process name used - C:\WINDOWS\mssecsvc.exe), Anti-Exploit stops the vector that is used - compromised PDF's and Anti-Ransomware will stop the encryption process. If your business environment does not keep Windows full updated due to change process, or long term update vetting, it is vital that your security programs are up to date and that you at least patch the vulnerability that was exploited, MS17-010 - https://technet.microsoft.com/en-us/library/security/ms17-010.aspx Also check out our MalwarebytesLabs blog which dissects this ransomware, once you see how badly it is coded, it won't seem so scary at all. https://blog.malwarebytes.com/cybercrime/2017/05/wanna-cry-some-more-ransomware-roundup-special-edition/ https://blog.malwarebytes.com/threat-analysis/2017/05/the-worm-that-spreads-wanacrypt0r/