Kalrand

Are you on the latest Add-in, 3.0.4?

My two cents are the add-in really is something. Wouldn't have thought so much could be done in Excel.

That or possibly something like this, https://docs.microsoft.com/en-us/previous-versions/visualstudio/visual-studio-2010/1zyc39fb(v=vs.100) or https://www.add-in-express.com/creating-addins-blog/2015/02/12/autoupdate-office-addin/. Not even sure if it's on the same page as how the Add-In was built, just something I ran across.

Anyway of adding a check for updates on the Malwarebytes Cloud toolbar to stay up-to-date?

This particular forum is for the Cloud managed endpoints, you might find better answers in the forum for Management Console, https://forums.malwarebytes.com/forum/230-malwarebytes-management-console/. Endpoint Protection is Cloud-based whereas Endpoint Security is On-Premise, took me a bit to realize the difference.

Another vote for the Cloud Excel plugin for data export, works well.

@theyzer Our workstations are on 24/7 as well, minus a scheduled reboot in the morning. The workstation is on however the Agent service doesn't start properly thus the Cloud endpoint shows offline.

We've had a similar or possibly the same issue in the past, if you check the MBEndpointAgent service is it not started on the trouble endpoints? We found this mostly happens with Windows 10 clients. It appears to be related to when the Agent tries to start in the Startup process, it tries and gets chocked out, so what we've done is to change the service start mode to Automatic Delayed Start. Your mileage may vary but since doing this it's cut down our dropouts to maybe 1 or 2 a week, I think some endpoint updates reset the service start mode. Below is the procedure we use, script and deployment method. Let me know if this helps!

Not that I've seen, but that's not definitive by any means. What's odd is it works and then it doesn't which means that something is interfering with it. The other odd point is why are they running manually? If it missed a schedule it would put a crosshair like icon next to the endpoint and wait till it came back online. I'd probably get support involved because some things just don't add up or I'm missing a piece of the puzzle.

Unless @KDawg is already on it, I found this link: https://support.malwarebytes.com/community/business/pages/contact-us

Usually when we get multiple the extension installs multiple pieces on the computer. If you look at the location, are they all the same? If not, delete them like the others. If they are I'd raise this up to support.

If you log into the Malwarebytes Cloud and click on Quarantine is it listed there? If so, click the box on the left to select it then click Delete in the upper right.

Ah, I see. For us it was the Malicious Websites (10 Endpoints) and a one Endpoint with PUPs, which were deleted. Thank you @LeeWei for clearing that up. The notification for Detections Found, would it also include Malicious Websites? If so, anyway to exclude it?

I'm also seeing this and cannot track where these supposed infected endpoints are from the Cloud console and I've pulled down the data using the Excel Add-in but not seeing them there either. Any thoughts, @djacobson or @LeeWei?

I know when the endpoints are off it doesn't produce that type of alert in the Cloud when it misses a schedule, we have about 5 schedules a day (3 asset and 2 scan). Usually when that type of alert comes up for us is when I manually told the endpoint to do something, like check for protection updates or scan and quarantine, and it never reached the endpoint or it kept trying to run the command on the endpoint and it failed/timed out.