Limon

Hello, I have been unable to find a way to summarize our endpoints to understand the health of our Malwarebytes clients. Is there a way to report on the endpoints to include Engine Version / Agent Protection Version and any other information to determine what endpoints are properly updating and those that are not? It's not feasible to click into each of our 2500 endpoint records one at a time. Thank you for your help.

Good morning, To say that our Malwarebytes EP experience has been poor is an understatement. We rolled out to the entire enterprise the weekend of the mal-formed update and still have not completely recovered. The tech has been unpleasant "I've already called you twice", and we have not been able to track down a workable exclusion for the hundreds of end users forced to reboot with a registry change that Malwarebytes is cleaning daily. I'm turning to the forums since it appears we have exhausted our support through two phone calls. Basically we are forcing a wallpaper image and not allowing users to change it. The error in the console looks like this: PUM.Optional.NoChangingWallpaper Quarantined Detection Data Name: PUM.Optional.NoChangingWallpaper Category: PUM Type: Registry Value Location: HKU\S-1-5-21-2425530655-2670725271-3209618128-9677\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\ACTIVEDESKTOP|NOCHANGINGWALLPAPER Detection ID: 1d93df19-0d56-11e8-aed3-6c0b8469375e Endpoint: Scanned At: 02/09/2018 - 07:51:35 AM Scan ID: Blocked By Real-Time Protection Looking for any thoughts or recommendations to allow us to control the wallpaper in this manner through exclusions so that we don't have hundreds of users being forced to reboot daily. I see this is part of Malwarebyte's design (https://blog.malwarebytes.com/detections/pum-optional-nochangingwallpaper/), but we need to exclude detection of this. Note it's an user key location, so different with each user. Thanks so much for your insight and help!

With the recent attention to version of definitions and engines, how on earth do we view the versions and sort by versions on endpoints? When you have 2,000 endpoints, you can't just click into each one. Is there a listing of all endpoints and their component versions on the web/cloud portal?

Good afternoon. When we are setting up our policy it appears Full Scan has been replaced by Threat Scan in the cloud console. Does Threat Scan include all the options available in the Optional Scan check boxes including the root kit scan? I don't see mention of this in the admin guide and didn't find anything when searching the forum. Thank you! Henry

This is affecting our (large) organization greatly. Many of our users were interrupted throughout Friday, lots of lost work, and 1/3 of the IT staff pulled out of support roles to work on a root cause with no call-backs or response from MB. to submitted ticket(s), etc. Users continue to lose work and the fact that the workaround is to disable Endpoint realtime scanning is a terrible idea. How about specific exclusions we can add to endpoint? How about calling back the customers who leave voicemails/open tickets? Based on this forum it's only 6 calls that would help MB to retain customers. Here is what would help us customers the most: 1. Acknowledge the issue and who is at fault - done, it's a Malwarebytes problem, not Microsoft 2. Communicate with the customer - sort of -- in a forum? 3. Provide an eta to a real fix with regular updates to manage our expectations--we have to answer to Management. Thank you for your help and please, please keep providing updates and developments within this forum as this appears to be the only mode of support. There's rumors out there that say we should exclude certain Malwarebytes files. Is this valid and are you testing that?