-
Posts
201 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by REGITDept
-
-
-
On 5/21/2021 at 5:36 PM, thisisu said:
Hi,
The block will be removed in the next update. Sorry for the inconvenience
Regards
Thank you.
-
Dear Malwarebytes,
This site is being blocked: hxxps://cal.lighting (104.196.166.200)
Believed to be a FP.
Thanks.
-
-
Once the "Malwarebytes Endpoint Agent" is corrupted, you cannot un-install it using normal means.
If you try to remove the Agent using the installer, you will get error "Malwarebytes for Windows does not support this system's CPU or hardware architecture. This installer will exit now". (Please see screenshots).
The only way to fix this is to manually deep clean it out of the system and install again. Such a hassle when having to deal with many Endpoints.
Hopefully Malwarebytes can solve this ASAP.
Thanks.
-
1 minute ago, Porthos said:
Not the best idea MS had ever come up with. 😂
100% agreed. Too many issues arises from that 😄
- 1
-
1 hour ago, Porthos said:
It might have no bearing on the issue but, Do these endpoints have Windows 10 and fast start enabled?
I suggest turning off fast startup in Windows and see if the issue continues. I do not use the managed Malwarebytes but I do turn off fast start on every computer I touch.
https://www.tenforums.com/tutorials/4189-turn-off-fast-startup-windows-10-a.html
Hi Porthos,
Thank you for your input but we disabled Fast Start by default on all our endpoints.
-
I found out that these Endpoints had corrupted Malwarebytes agent.
Wonder what caused the Malwarebytes agent to become corrupted?
I'll provide more details when I have more time.
Thanks.
-
Dear Malwarebytes,
I noticed this happened quite often where Endpoints would ended up in "Last Seen 7+ Days Ago" after a while. Some can be as long as 6+ months even though it is active online every single day.
Perhaps this is some kind of bug?
Thanks.
-
Dear Malwarebytes,
We are currently using Malwarebytes Endpoint Protection. Do you guys still provide to us the Standalone versions as well? The one that is the same or similar to the ones we had when we still using the Management Console from our own dedicated server? Basically, an Unmanaged version?
Thanks.
-
8 minutes ago, cli said:
I scanned the file and it wasn't detected. It may have been automatically fixed.
Thank you.
-
2 minutes ago, cli said:
Can you attach the detected file and scan logs? Thanks.
Detected file attached.
Not sure which Logs file you are looking for.
This is the Managed Malwarebytes Nebula.
Thanks.
-
-
2 hours ago, cli said:
Thanks for reporting, it was whitelisted on March 8, 2021 and should no longer be detected.
Thank you.
-
-
-
Dear Malwarebytes,
We recently got a detection for MachineLearning/Anomalous.100% for the Setup file of the Adobe Photoshop Elements 10.
I have attached the file for verification whether this is a false positive or not.
Thanks.
-
Dear Malwarebytes,
Our user reported this website as blocked:
hxxp://www.sabahinternationalinc.com
Can you please verify whether this is a false positive or not?
Thanks.
-
1 hour ago, Zynthesist said:
Are those still left over from the compromise?
http://newkrungthai.com/wp-admin/lm/m5c0f59ps50r http://newkrungthai.com/wp-admin/closed-sector/close-profile/o93v0mfhrn0on342-81v8tx http://newkrungthai.com/renew/ http://newkrungthai.com/resultsgeneral/tell_a_friend.php http://newkrungthai.com/wp-admin/lm/m5c0f59ps50r/ http://newkrungthai.com/wp-admin/7ojwdf-2l8-442 http://newkrungthai.com/wp-admin/closed-sector/close-profile http://newkrungthai.com/wp-admin/invoice/ygh2i2yqa2ot/5dr22z3-897-525-6fyx2f8es6w-gil4735a3f http://newkrungthai.com/wp-admin/invoice/ygh2i2yqa2ot/5dr22z3-897-525-6fyx2f8es6w-gil4735a3f/ http://newkrungthai.com/wp-admin/closed-sector/close-profile/ http://newkrungthai.com/wp-admin/closed-sector/close-profile/o93v0mfhrn0on342-81v8tx/
Thanks for the follow up.
-
Any status updates guys?
Seems like pointless to still block something that is no longer exist?
Thanks.
-
New Krungthai website uses WordPress (horrible in security) and was compromised to deliver malware from IP 134.249.116.78.
The IP is currently no longer valid.
-
Dear Malwarebytes,
Can you please verify to see if this is a false positive or not?
Malwarebytes kept blocking it.
Thanks.
-
-
FP: hxxps://www.batterysystems.net
in Website Blocking
Posted
Hi guys,
I believed this to be a false positive:
hxxps://www.batterysystems.net
Thanks.