Jump to content

j_french

Honorary Members
  • Posts

    41
  • Joined

  • Last visited

Everything posted by j_french

  1. Hi I used the Malwarebytes add for MS Excel and used the removed duplicates feature. However when I go back to the cloud Nebula console the number of endpoints listed is still the same original number before the duplicates were removed. I found 230 duplication endpoints, and selected to remove those. I log into the Nebula cloud console, and the number of endpoints listed is the same number as before I removed the duplicates.
  2. Hi We noticed on 4\15\2020 that the Malwarebytes Anti-Exploit blocked MS Excel file from being open for a few of our customers. One customer reported that he tried to open up a MS Excel attachment from within MS Outlook, and was not able to do so since a pop up occurred stating Anti Exploit blocked the file from being opened. Malwarebytes Anti Exploit version 1.13.2.164 on 4\15\2020. I have log files that can be analyzed. Thank You Janet
  3. How do I contact support? I would like to get the excel based tool and the schema.
  4. What is difference between Malwarebytes Endpoint Protection to Endpoint Security?
  5. How can I get assistance with the schema that can help with the reports from the SQL data? Can I get assistance with the powershell or schema for the reports?
  6. We have full scans twice a week for the physical systems that run during the evening hours. We have full scans on the weekends for the PVDI systems. Management is wanting to know if the scans are completed by the start of business hours (7:30am) for all of these thousands of systems. Is there a powershell command that could be run to gather this information? How do I know if a system is having an issue with the scan and isn't finishing by morning? How do I determine if the scans are taking too long to complete? How do I determine if all of the systems got a successful scan? Also, is there a way to have the scans scheduled, but stopped if they haven't completed by business working hours (7:30am)?
  7. Hi We are running Malwarebytes Suite: Malwarebytes Anti-Exploit version 1.13.2.127, Malwarebytes managed client 1.9.3671, and Anti Ransomware business 0.9.18.806 Malwarebytes managed console 1.9.0.3671. How do I generate a report on thousands of systems to show when the scans started and when the scans on those systems completed? I need to monitor system scans, to ensure that they are complete prior to 7:30am. Also, is there a way to end the scans if they don't complete in time for the start of the business day at 7:30am? We don't want the scans to run during the business hours. Thank You
  8. Hello, I would like to be able to do a report or somehow capture the metrics of how long full scans are taking on the sytems. Is there a way to capture the scan time information? Also, is there a way to cancel the scans applied to systems if the scans are taking to long to complete? Thank You
  9. Hello We have seen allot of cases where the Anti-Ransomware has been blocking files from running, but is not sending out notifications to the Malwarebytes console. Some software (Ex: SAS) is not fully installing on our systems until we put the exclusions into the Anti-Ransomware.No notifications or pop notifications are received during software installs. We dont see notifications of the files being blocked quarantined within the console. But when we put in the exclusions in the anti-ransomware on the local computer then the software successfully installs.
  10. Hi I'm using Malwarebytes Management Console 1.9.0.3671, Malwarebytes Managed Client 1.9.3671, Malwarebytes Anti-Exploit 1.13.2.125. I would like to add to the ignore list a few network paths of a where an access databases are stored. However, when I put in the network path into the ignore list, it is not accepted the response is "The above ignore item is invalid". Is there a way to add the network path or another option?
  11. Hi I have customers using a PVDI that are still getting the, "The Malware Anti-Exploit service is taking too long to start. Please reboot your computer to restart protection.” Even after a restart the message is still occurring. Thanks, Janet
  12. Customers are still reporting receive a warning block that says: Malwarebytes anti-Exploit has blocked an exploit attempt when trying to open up links. One of the links I tried to go to was The Archives of Pediatrics and Adolescent Medicine published by the American Medical Association. Another was a link to a funding grant for Walk to School. Another customer reports that opening up a hyperlink in word document, document closes without saving and a Malware Bytes Anti-Exploit pop-up. Here are our settings:
  13. I've noticed that in Windows 10 PVDI that I had to double click on the Malwarebytes Anti-Exploit.exe in order to get it appear in the task bar. If I look at the services, the service is started. If I look under program files it is installed. Why doesn't it appear in the task bar with the Malwarebytes Anti-Ransomware and Anti-Malware? Thanks
  14. Hello I've checked the setting "Automatically upgrade to new versions". My computer updated to the newest version without a restart. However I'm still getting reports from VDI and PVDI customers that the message pop up is still occuring. Thank You Janet
  15. Hello Our customers are stating that, "The Malware Anti-Exploit service is taking too long to start. Please reboot your computer to restart protection.” We are running version Malware Anti-Exploit 1.12.2.124 Thank You Janet
  16. Hi, The delay to populate the available printers occurs in all of the MS Office 0365 applications in the Windows 10 1709, 1809 environment. Are there recommended settings or whitelistings for the Malwarebytes anti-ransomware, anti-exploit, anti-malware in the Windows 10 1709, 1809 environment running MS Office 0365? I believe that the VDI team will be installing MS WIndows 10 and then add the applications to determine which application might be causing an issue. Thanks, Janet
  17. Hi In virtual environment (Virtual Desktop Infrastructure (VDI), and Persistent VDI (PVDI) ) there seems to be a 6 second delay when trying to print. When you are in MS Word and select print it is taking an additional 6 seconds for the printer list to appear in order to select a printer. When Malwarebytes (anti malware, anti exploit, anti ransomware) are removed from the VDI or PVDI no delay occurs. When we removed the malwarebytes suite and then select printers, the printer list populates normally without any delays. We are wondering if there are any services that we need to whitelist or allow in the Malware suite of applications for the Windows 10 1709 & 1809 environment with 0365 MS office Suite applications? Thank You Janet
  18. Hi We have a policy to scan both the persistent VDI and physical desktops 2 times a week after business hours at 8pm. However, we had the full scan start in the middle of the day on the PVDI's, even though it was scheduled to start at 8pm. We cant have the scans go during the middle of the business day to interrupt the business process. The policy has been in place for a log time but all of a sudden the full scan was starting to run at 12pm on all PVDI's instead of the scheduled scan time of 8pm on all PVDI and physical desktops. According to the logs: ServiceName MBAMSwissArmy ImagePath C:\Windows\system32\drivers\MBAMSwissArmy.sys ServiceType kernel mode driver StartType demand start A service was installed in the system. Service Name: MBAMSwissArmy Service File Name: C:\Windows\system32\drivers\MBAMSwissArmy.sys Service Type: kernel mode driver Service Start Type: demand start How do we ensure that the scheduled scans run after business hours? What would make the full scan start in the middle of the day on the PVDI's when it is outside of the maintenance window? Is there a way to do a policy just for the PVDI and a subset IP address range? Thanks Janet
  19. I'm not able to get to the url. The url takes me to a log in page. When I search for documents, 1161 doesn't appear. Thanks,
  20. Hi I noticed with the new Malwarebytes update that it now has Anti Ransomware. I noticed that if you right click on the Anti Ransomware it has the option to "stop protection". Is there a way to disable that, so customers can't click on that and disable the application? We would like our customers to not have the option to disable or stop protection of the anti ransomware. I dont see the option in the management console to not have the "stop protection" enabled on the Anti Ransomware. Thanks
  21. Kevin, Our systems currently have: Malwarebytes Managed Client 1.8..0.3443. Installation: C:\Program Files x86\Malwarebytes Anti Malware 1.80.2.1012, Malwarebytes Anti Exploit 1.09.2.1291, Malwarebytes Managed Client 1.8.0.3443. When I run the msi to upgrade the endpoint to version 1.9 I get: Malwarebytes' Managed Client 1.9.3671, Malwarebytes' Managed Client 1.8.0.3443, Malwarebytes Anti Exploit version 1.12.2.124; Malwarebytes Anti Ransomware 0.9.18.806-1.1.185 update package 1.1.185, Malwarebytes Anti Malware 1.80.2.1012. If I uninstall Malwarebytes' Management Client by command in batch file msiexec /x {xxxx} and then do the installation msiexec /i of the 1.9 version the Malwarebytes Managed Client is 1.9.3671; Malwarebytes Anti Exploit version 1.12.2.124; Malwarebytes Anti Ransomware 0.9.18.806-1.1.185 update package 1.1.185, but no anti malware. However no Malwarebytes Anti Malware is installed. The installation looks alright, expect that the endpoint has Malwarebytes' Managed Client 1.9.3671, and Malwarebytes' Managed Client 1.8.0.3443 showing in control panel program and features. Whats the recommended process of updating our endpoints with remote measures to the latest version 1.9? We have update the servers, management consoles, and generated the msi package that we can deploy with SCCM. Do we need to do the cleanup utility first (no restart), and then the 1.9 installation? Does the 1.9 contain all needed files, so that if I did do the cleanup utility first, and then the 1.9 installation that the endpoint would have all needed files? Thank You!
  22. Hi We updated our server and our management consoles to the newest version of Malwarebytes 1.9. I generated an msi to update our endpoints from the server. I put a SCCM applcation together to install the Malwarebytes onto the endpoints. However this msi doesn't replace the existing Malwarebytes 1.8 on the system, but instead installs an additional version 1.9 So, the systems have both 1.8 and 1.9 version. I was just going to do the uninstall of the Malwarebytes 1.8 with the msiexe /x command, and then do the malwarebytes 1.9 msiexe /i command to install the newest version. But I do that hte application doesn't seem to fully install. It seems when the msi gets installed it isn't showing the "M" in the taskbar. Also the C:\Program Files (x86)\Malwarebytes' Anti-Malware\ folder only contains mbabmext.dll file. The anti-ransomware and the anti-exploit seem to be installed successfully, but the anti-malware seems not to be fully installed. What are the recommended steps of updating the endpoints to this newest version through SCCM methods (remote measures)? Does the msi need to be copied locally? Or can I in a script point to the msi on the network server? Thanks :0)
  23. Hi We have updated the Malwarebytes Server and Malwarebytes management console. We generated the msi with all of the standard defaults for the client package. When I ran the clientsetup.msi onto a machine that had Malwarebytes Managed Client v1.8 the installation installed another application the Malwarebytes Managed Client v1.9. I was under the impression that this installation updated and replaced the existing client, so that there wouldn't be 2 versions of Malwarebytes Managed Client. The machine now has both Malwarebytes Managed Client v1.9 and Malwarebytes Managed Client v1.8 installed. Is there an command line switch that we need to use so that when we use SCCM to silently deploy this msi, so that the installation just replaces the current version with the new version on the system? We would like to not have both Malwarebytes Managed Client v1.9 and Malwarebytes Managed Client v1.8 installed on the endpoints. We would like to deploy the msi through an SCCM application to systems that have the version 1.8 running, and just replace that version with this new version. Thank You
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.