Jump to content

AlexLeadingEdge

Members
  • Content Count

    86
  • Joined

  • Last visited

Community Reputation

1 Neutral

About AlexLeadingEdge

  • Rank
    Regular Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Hi Alex, Sorry about the delay in replying. We have multiple Malwarebytes installs with Malwarebytes certificate errors and the install isn't actually working, so I can't rule out it is one of these. Malwarebytes Support seem to be calling it "Error 577". We are in the process of moving several hundred computers from Nebula to OneView so we are a little busy at the moment, but will investigate again after Christmas.
  2. Hi Alex, No, we used one network we control to RDP into another network we also control, using incorrect RDP login authentication details. The Event Viewer shows the failed logins, but Malwarebytes didn't block us. The only thing I have noticed that may be a problem is that we haven't defined the RDP port as 3389, we left it blank so Malwarebytes would figure it out on its own.
  3. Hi guys, We turned on the new Brute Force Protection / RDP Blocking feature on, but doing simple tests that should have got us blocked, by connecting with incorrect username and password, shows that the Brute Force Protection doesn't actually seem to do anything. Any ideas why this isn't working?
  4. I have the same issue. Every time I do a scan roughly 176 computers will email me saying they failed to scan (machine.command.failed , command.threat.scan). I asked Malwarebytes Support once before about this but they said it is caused by computers being offline or being powered off during the scan, but this is obviously not correct as I have servers that are online 24/7/365 that are also giving this error. I have opened a ticket with Support and hope to hear from them soon.
  5. This seems to be a part of an old install of Attache Pro, an accounting system. The client installed Attache Pro way back in 2006, but the client needs access to it for historical purposes. Here are the VirusTotal results, both say three AI have picked it up as malware, though interestingly Malwarebytes isn't in the list: https://www.virustotal.com/gui/file/0d81ced30afcc8a7b19d77b5e755e3de4002f5590959a6a43f7db2aaea945c86/detection https://www.virustotal.com/gui/file/5787ec365a04000058832dc9f0d1f4197beaa2cd2d87a160971991a6a24f1efc/detection
  6. How do I unquaratine the file without releasing it back to the end user? How do I run a VirusTotal scan against a file I haven't un-quarantined? i.e. if it is a virus I don't want to reinfect the end user's machine. Surely Malwarebytes can generate an MD5 hash from a Quarantined file?
  7. One would hope that business customers would get priority as it may affect multiple clients at the same time. Also we use Nebula, and perhaps soon OneView, while home users use Premium, but I'm not sure how much diffence there is between them in regards to the scanning systems.
  8. Ah, sorry! I looked under Business Support and didn't see a section for False Positives.
  9. Given this file is on the H Drive it is probably a very old system file, but interesting that the AI thinks it is a threat, perhaps it has been interfered with? Is there a way to get the MD5 hash, so I can plug it into VirusTotal to see what other vendors think of it? Name: Malware.AI.1431233598 Category: Malware Type: File Location: H:\Windows\winsxs\x86_microsoft-windows-ie-htmlapplication_31bf3856ad364e35_10.2.9200.16521_none_7b14ed51c173bb6d\mshta.exe Detection ID: 1b07a5a
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.