Jump to content

AlexLeadingEdge

Members
  • Content Count

    52
  • Joined

  • Last visited

Posts posted by AlexLeadingEdge


  1. Hi guys,

    It turned out there were three copies of Malwarebytes on that computer. Version 2 (Corporate), Version 3 (Free, installed via Ninite), and the Cloud Agent we are currently using. Talking to Malwarebytes Support Australia the Cloud Agent should have removed the previous versions automatically but for some reason failed to do so. It appears the Cloud Agent was the only one running but the old folders and files were there from the previous versions and was screwing things up.

    I uninstalled all Malwarebytes using Add or Remove Programs / Programs and Features / appwiz.cpl, only version 3 and Cloud Agent were available to uninstall, then manually deleted all folders with "Malwarebytes", "MBAM" or "MB3" in the Program Files, Program Files (x86), and Program Data folders. Reinstalled the Agent. Scans now work as expected.


  2. Hi guys,

    I'm just working on your cloud system and some files popped up last night that were flagged as malware and quarantined. That's fine, but I would like to take the MD5 or SHA256 hash of these files and put it into the likes of virustotal.com to see if it is a false positive, which I suspect they are. At the moment I can't see any details about the quarantined files other than a Detection ID and Scan ID, which seems meaningless to anyone outside of Malwarebytes. My only option seems to be to release the quarantined files and then upload them manually to virustotal from the end user's computer, which seems extremely risky.


  3. Going by the failure log and comparing it to the scan log of the individual machines, it seems to be intermittent and usually runs the next time it is scanned.

    I wonder if the computers are simply being turned off during the scan and the console is reporting that as "machine.command.failed"?

    Maybe the error message is just not very helpful / self-evident?


  4. No, different companies, different domains. We have PDQ Deploy in some of our bigger client's premises. I have remote access to all of the computers, it's just a pain as there are quite a few. Just doing an audit, it's not as bad as I thought as some have the same error multiple times; it's 10 computers in 6 different companies.


  5. Hi guys,

    At the moment when I do a scan on a computer using the cloud console I'm getting emails like the one below. It's not every scan, maybe 1 in 30, but it's still significant since we have several hundred end points. Re-running the scan gives the same error message (below).

    Any idea as to how I can get them to work properly?

    Quote

     

    Based on your preferences, you are being notified that a new event has occurred on your account:


    Endpoint Name: COMPUTERNAME.DOMAINNAME.DOMAINNAME
    Source: managed.machines
    Severity: warning
    Type: machine.command.failed
    Details: command.threat.scan

     

     


  6. Hi guys,

    We use SolarWind's MSP for central management of computers, which uses Bitdefender as the antivirus. We also use Malwarebytes Endpoint Agent (Cloud).

    Recently we have found that if we install Malwarebytes before we install Bitdefender then Bitdefender won't install through the central console, stating that "the system is incompatible". Removal of Malwarebytes then allows the install of Bitdefender. We get no alerts from the Malwarebytes Agent that it is blocking the install.

    We build bespoke business computers so mass production via installation images isn't practical for us. Please get the developers to look at this incompatibility as it dramatically slows down our production of new computers.

     


  7. Hi guys,

    We are seeing six machines with the dropbox blocked message on 255.255.255.255.

    For now we will uninstall Dropbox as it is annoying the end users but what can be done for them to resolve this?

    We are using the Malwarebytes Endpoint Protection cloud system. I have pushed an updated ("check for protection updates") and run a scan+quarantine, nothing has changed.


  8. Hi guys,

    We are seeing six machines with the dropbox blocked message on 255.255.255.255.

    For now we will uninstall Dropbox as it is annoying the end users but what can be done for them to resolve this?

    We are using the Malwarebytes Endpoint Protection cloud system. I have pushed an updated ("check for protection updates") and run a scan+quarantine, nothing has changed.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.