Jump to content

AlexLeadingEdge

Honorary Members
  • Posts

    155
  • Joined

  • Last visited

Everything posted by AlexLeadingEdge

  1. One would hope that business customers would get priority as it may affect multiple clients at the same time. Also we use Nebula, and perhaps soon OneView, while home users use Premium, but I'm not sure how much diffence there is between them in regards to the scanning systems.
  2. Ah, sorry! I looked under Business Support and didn't see a section for False Positives.
  3. Given this file is on the H Drive it is probably a very old system file, but interesting that the AI thinks it is a threat, perhaps it has been interfered with? Is there a way to get the MD5 hash, so I can plug it into VirusTotal to see what other vendors think of it? Name: Malware.AI.1431233598 Category: Malware Type: File Location: H:\Windows\winsxs\x86_microsoft-windows-ie-htmlapplication_31bf3856ad364e35_10.2.9200.16521_none_7b14ed51c173bb6d\mshta.exe Detection ID: 1b07a5ae-3558-11eb-bee3-7085c277369f Endpoint: REDACTED Scanned At: 03/12/2020 7:01:01 PM Quarantined At: 04/12/2020 12:15:25 AM Reported At: 04/12/2020 9:17:01 AM Scan ID: 839fb3d2-672d-47e1-8d8d-db142bf7871d
  4. That is the customer portal, the URL I provided is for contractors.
  5. Beakon. I called their beakon.com.au website phone number.
  6. Hi guys, Malwarebytes is incorrectly blocking the following website: au.beakon.io/dhl Beakon is the official DHL provider in Australia. I gave them a call and their tech department confirmed that this address is correct.
  7. Malwarebytes Support officially confirmed that this is a false positive.
  8. Woops, sorry, that first link should be to this: https://www.virustotal.com/gui/file/7e32b9948fe3d9c99b34c2a8a6b85a160891c909b7358e2d621f1a40469ee6ea/detection
  9. Same problem here, 43 machines all saying the same: Trojan.FakeMS File Malware Quarantined C:\WINDOWS.OLD\WINDOWS\SYSWOW64\CACLS.EXE Trojan.FakeMS File Malware Quarantined C:\WINDOWS.OLD\WINDOWS\WINSXS\WOW64_MICROSOFT-WINDOWS-ACLUIFILEFOLDERCOMTOOL_31BF3856AD364E35_10.0.18362.1_NONE_35013EF5B6D4FE26\CACLS.EXE https://www.virustotal.com/gui/file/ac9535dfd7bb58fbb48aee69d5cab6cdd7b32dc92c3ca78b4e345607279507f2/detection https://www.virustotal.com/gui/file/7e32b9948fe3d9c99b34c2a8a6b85a160891c909b7358e2d621f1a40469ee6ea/detection A lot of our machines have just gone from Windows 10 v1909 to Windows 10 v2004. I unquarantined the two files on one of our older spare computers and ran a MD5 hash check on VirusTotal.com and it says they are clean, but noted that one person a year ago flagged it as suspicious. Reading the person's comments who flagged this seems to convinced that Microsoft is spying on him and also flagged other important OS files such as DISM.EXE. I am fairly convinced this is a false positive, but I get someone from Malwarebytes confirm that this is the case?
  10. Hi guys, Malwarebytes is quarantining Free File Sync, including the Donation Edition which removes all the ads, so we attempted to add the MD5 Hash to Malwarebytes Cloud / Nebula but it doesn't seem to replicate through and stop Malwarebytes from quarantining our install file. In the new Exclusions window the Exploit Protection option is ticked, but Malware Protection, Ransomware Protection and Website Protection is grayed out as options to select. I'm wondering if this file comes under Malware Protection and therefore doesn't automatically stop the blocking of the file?
  11. Hi guys, We have been asked by our Malwarebytes supplier to test and evaluate Malwarebytes OneView. Is there a way to migrate Malwarebytes installs from Nebula to OneView?
  12. Hi guys, When I do a scan it I get emails saying "machine.command.failed". I've asked about this problem before and I was told that this meant the machine went offline, but I have computers that are on 24/7 and they're still doing it so I'm not convinced. Is there a better explaination for this? How do I fix it? Also, is there a way to silently uninstall and reinstall Malwarebytes Endpoint Protection that I can do via command line? I have remote management software so I can add or remove programs if I have the installer or uninstaller switches.
  13. Hi guys, Just saw this on one of our workstations, how do I know if this is not a false positive? Name Type Category Status Path Spyware.Agent File Malware Quarantined C:\PROGRAM FILES (X86)\COMMON FILES\ADOBE\UPDATER\ADOBEUPDATER.EXE Spyware.Agent Reg, Value Malware Quarantined HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES (X86)\COMMON FILES\ADOBE\UPDATER\ADOBEUPDATER.EXE
  14. Same here. The amount of craplets that come pre-installed is getting excessive, especially with notebooks.
  15. *Sigh. And I can't edit my posts here. I have deleted all the files in the TEMP folder and it seems to have stopped popping up.
  16. Was two servers, one workstation, now one server, one workstation. Now my issue is that I can't get Malwarebytes Support Tool to stop popping up every time someone logs into the Terminal Server. Sign.
  17. They have had the same licence since October 2016. It was sold directly to the client, they asked for a version that would run on Small Business Server 2008, as this was their server at the time (now Server 2012R2 for the Terminal Server and 2016 for the Domain Server). As far as I know Malwarebytes Premium was the only paid-for version available at that time.
  18. I have installed the Malwarebytes Cloud Console version and it works fine. I was hoping to avoid this as the client already owns a 3-pack licence of Malwarebytes Premium, so now they're effectively paying twice for the same thing (and I think they've only just renewed their yearly licence). Unfortunately New Zealand and Australia are undergoing a major cyber attack so we have had to get this back up and running ASAP, rather than wait until the end of the month for the fix.
  19. Hi tetonbob, Thanks for your quick reply. This server is a terminal server and has no wireless devices, hence why the server role hasn't been added. How long until this issue is repaired? A rough estimate is fine. I would rather not add overhead by adding services that are not necessary. Will Malwarebytes Premium update automatically if the service is running in the background, even if the tray is not able to start?
  20. Hi guys, Logging into a Windows Server 2012R2 I am greeted with an error message saying the Malwarebytes Tray has crashed: mbam.exe System Error The program can't start because wlanapi.dll is missing from your computer. Try reinstalling the program to fix this problem. The services are still running, but I can't access the Malwarebytes Tray. Reinstalling Malwarebytes doesn't fix the error. The only patches that have installed recenty were install three days ago, and are listed here: KB4556401 KB4484384 KB4556846 KB890830 Any ideas as to why Malwarebytes has stopped working?
  21. Hi guys, We have accountants here in New Zealand pulling their hair out because Malwarebytes has quarantined the latest update of MYOB Accountants Office (ao.exe) as Ransomeware, as well as links to that file. What is doubly annoying is that when I unquarantine it Malwarebytes says it has completed, but the ao.exe file doesn't return.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.