-
Posts
219 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by KDawg
-
Avira free found Trojan JS but Endpoint Protection No !!!
KDawg replied to Scolette's topic in Malwarebytes Nebula
This is a non Executable file type which we do not detect. I have discussed this issue with our research team has added the run file to now be detected. Additionally if Anti-Exploit was enabled on the machine it would have prevented this at execution. -
Avira free found Trojan JS but Endpoint Protection No !!!
KDawg replied to Scolette's topic in Malwarebytes Nebula
I have brought this to the attention of our research team and we can expect more information shortly -
I generally recommend uninstalling from Add/Remove programs Only if that fails do I recommend the clean tool https://downloads.malwarebytes.com/file/mb_clean Endpoints should now all be correctly showing online Please submit a ticket if you still have online endpoints incorrectly showing off for more direct assistance
-
As well just wanted to clarify, please ensure that these policy changes include the Incident Response module being enabled for Mac endpoints. This will be required for scan command to be successful.
-
Hello, Thank you for the report. This was a false positive that we had on address 255.255.255.255. We have currently fixed this in the latest database. To make sure your clients are on the latest database, please follow these steps: 1. Log into the cloud console and navigate to the endpoints tab. 2. From there, select all the endpoints affected and click on the 'actions' button in the upper right. 3. Select the 'check for protection updates' button and your clients will reach out to our servers to get the latest update. We do apologize for the inconvenience with this block. If you continue to run into issues, please reply back to this e-mail. Many Thanks,
-
In the endpoint tab of your Cloud Console Check the boxes next to machines you wish to update Click the Actions button at the top and select "Check for Protection Updates" Many Thanks,
-
This block has been removed! Please ensure you are on the latest DB version and the block should now be resolved As well an exclusions should work immediately
-
MBAMSERVICE.LOG file being written to constantly at 10MB/s
KDawg replied to IT_Guy's topic in Malwarebytes Nebula
Can you please ensure that your have the self protection module disabled no the policy for these affected machines? Let me know if the issue persists with this option switched to Off Many Thanks -
Average Cisco guy, can you take a look at the policy for the affected endpoints please let me know if the Self Protection module is enabled on these problem endpoints? As well with this option disabled are we able to get the client machines running smoothing
-
Endpoint Agent and .NET system prerequisites installer Setup Fails
KDawg replied to JoeDiaz's topic in Malwarebytes Nebula
Can you please ensure you are right click and running this as administrator? -
Did Mbam 3.0 Forum disappear?
KDawg replied to glitchyrichy's topic in Malwarebytes for Windows Support Forum
Our apologies, this should be available to everyone once again, not sure what happened but the forum team got this back up right away -
There is no EP for Mac at this time. EP and IR are a one or the other, for windows enabling one with turn off the other. In this case you had IR off and nothing on the affected policy.
-
Its being deleted each time. However it appears to be possibly self replicating. With Potentially Unwanted Programs in particular, we see this often if someone has an Ask toolbar or something of the like, legitimately in there extensions, if chrome/IE sees this got removed it will automatically reinstall again. Please check the browser add on's and extensions on the for affected endpoint. PM the notification of alert log and I can give a little more specific info. Many Thanks
-
Incident Response is the traditional functionality of Malwarebytes where you can run scans to find and remediate threats on an endpoint with manual and scheduled scans. Endpoint Protection is currently only available for windows, and includes the Real-Time scanners which actively search the loaded windows profiles to find threats as they happen in real time. Glad to hear we got this functioning properly
-
-
Are they showing up as green in your console? And scans you manually run by checking the machines and selecting scan + quarantine ? I will get those to our mac team now, thanks for collecting
-
My apologies the endpoint agent folder is the correct one should have the same logs file in it if you can zip and upload
-
Tony can you please collect the following? /Library/Application Support/Malwarebytes/NebulaAgent/Logs Into a zip files for analysis with our mac devs Please upload referencing the email you use on the forums: https://www.malwarebytes.com/support/business/businessfileupload/ Many Thanks,
-
waiting for deployment resources: second day
KDawg replied to thunderace's topic in Malwarebytes Nebula
This should now be resolved after I refreshed those installers, please let me know if you still see any messages in your installers under Endpoints > Add Many Thanks -
waiting for deployment resources: second day
KDawg replied to thunderace's topic in Malwarebytes Nebula
Can you please send me the email you log into your cloud account with so I can get these reset for you -
Thanks for the update Miekie If with the latest definitions update on the endpoint (check that here https://data-cdn.mbamupdates.com/v1/database/rules/version.chk ) your block is still persisting Please upload us a sample of the exe file in question being blocked to: Please upload referencing the case#000000 to our file site below: https://www.malwarebytes.com/support/business/businessfileupload/ PLEASE PM ME with your email once this is done Again the Trojan.FakePDF has been fixed so please ensure if you are getting that one in particular that you are on the latest database Many Thanks
-
Some AD computer objects not showing up in MMC
KDawg replied to Luis_Chavez's topic in Malwarebytes Management Console
Luis, If you can please remove and re-add the domain query sync account this should update the current AD changes. You can do this on the Admin > Other setting tab of your console Please let me know if these do not update with a re-add of the ad query account -
Appears legitimate to me. If you have a concern over any specific files please upload in a password protected zip folder for review https://www.malwarebytes.com/support/business/businessfileupload/
-
The installer may have a slightly older version which should then try and update itself once checked back in. Can you please double check this has not yet upgraded. As well let me know the hostname (PM me) I can pull some logs and see if there is any issue getting that update.