LeeWei
-
Posts
35 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by LeeWei
-
Sorry, there must be a bug somewhere. The schedule information is stored in the Windows Registry here: HKEY_CURRENT_USER\Software\Malwarebytes\ExcelAddin\Schedules. - If you want to keep the schedule(s), you can export the hive and send me to debug (lwei @ malwarebytes.com). - If you don't care to keep the schedules, you can delete the entries and you will be able to "View Schedules" again. Former Malwarebytes employee Follow us: Twitter, Become a fan: Facebook
-
Given their large number of IP addresses, I wonder how useful this page is. I am not familiar with your whitelisting process and wonder if SecOps will just laugh us out of the room. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/LocationsOfEdgeServers.html Note this URL with the large number of IPs: https://ip-ranges.amazonaws.com/ip-ranges.json I wonder if further possible to narrow by service and region.
-
We use Amazon CloudFront as the CDN (Content Delivery Network) and the IP might change. So we don't have static IPs for whitelisting. Is whitelisting an arduous process? You want to try the first IP is resolves to and see how long it might stay the same?
-
No Ricky it is not your mistake. I have been tracking this error for a while now, but not successful. The error has to do with my code not being able to create a Worksheet. First of all, it has nothing to do with Malwarebytes Cloud or API. I don't know what state does Excel get into where it does not allow me to create the worksheet. Restarting Excel, or possibly restarting the computer fixes this.
-
Please feel free to send me any enhancements and requests!
-
@MnM33, We are meant to paste Machine IDs into the panel to move them to a different group, and not computer names. - First use menu Configuration and Options, and check the option "Import and Show ID Properties". - Next use menu Endpoint Computers to import a computers of interest. - You are meant to copy the ID column of the endpoints of interest to the Move Endpoints screen. Sorry that this is a little convoluted. Use either the Console or the Excel Addin for the job depending on which one is easier. The reason for the steps is that when I developed this for a customer, they have a complicated filtering criteria to select hundreds of computers before grabbing the IDs and pasting into the Move Endpoints screen. Please contact me if I can be of help at lwei @ malwarebytes.com.
-
@wep I have confirmed that Excel 2007 does not work correctly because there are APIs I use that is not available in 2007.
-
@wep Thanks for the extra context and information.
-
I have seen this error when there are more rows than Excel can handle. This current Excel versions can handle 1M rows. - What version of Excel are you using - What operation are you doing when you get the error - Would you mind contacting me at lwei @ malwarebytes.com and I would like to find the bug.
-
@Kalrand Thanks for the information, very useful.
-
@Kalrand you are referring to the Excel Addin itself is up to date? That makes so much sense, and maybe I should just pop a message (but not too often as to be annoying) once in a while?
-
Malwarebytes Endpoint Protection Repair Script
LeeWei replied to Taylor9's topic in Malwarebytes Nebula
Very nice and works well for me, thanks @Taylor9 - once I follow your requirements to install ActiveDirectory module and use PowerShell v5. -
@RickyF I have seen this problem but having a hard time trying to duplicate the error. The error is local, and nothing to do with the Malwarebytes server. Basically, the code cannot create a new worksheet. Others have reported it, but then it goes away. I wonder if it has to do with another Excel process running away. Can you please use the Task Manager to double-check. Does the problem go away if you were to reboot the computer?
-
@AndrewPP, I used and benefited from this today, thank you for the great work!
-
@RickyF, there is a change in the API causing the error which I have fixed in version 2.3.1. Sorry about that. Lee Wei
-
@amartilianom, the log files are located here: C:\Users\[user_name]\AppData\Local\Temp\Malwarebytes Excel Addin adregistrator.log is the log file generated during installation. adxloader.log is the log file generated when the Addin is being loaded in Excel You can send to me via private message, and we will look for errors. If think you have already done this, in Excel Menu --> File --> Options screen below, make sure that the Excel Addin is not in the Inactive or Disable lists. Lastly, I have message you with my contact info to help.
-
@wpclau looks like a bug in the code. I determine the available properties (columns) from the first record. So if the first row does not have a "status.last_scanned_at" property, it will miss it. Normally the API returns a NULL value for the property, but in this case, the first row is not returning anything for "last_scanned_at". You can see the data returned by click on "Show API details" button. For a workaround, the list is returned sorted by ascending computer name. So if it is possible to ensure the first row has a value, that will make it work.
-
@wpclau, this should have already been available under importing of Endpoint Data per the screen shot below. Let me know if you are referring to something different.
-
@RickyF, search for the machine name in the "Endpoint Computers" button, NOT "Detection and Threats".
-
A few people have asked for the Excel Addin to support Excel 2010. I have just added that in the new version v2.3.
-
@RickyF if you want just the detection data for one endpoint, you can do the following. - In the "Endpoint Computers" export button, use the search field to find your endpoint. - Following that, any data extracted from the "Detections and Threats" button will be filter for this endpoint only. This way, any charts and summary will also be for this endpoint.
-
@RickyF, hah, I have not targeted (designed...) the reports to highlight one single endpoint, they are most meant for a group of computers. This is why we see Top 10 categories etc. I think the report will be very different, and you can provide all the details of the endpoint including OS details, network, software installed, Windows updates. Basically everything that is available when drilling into a single endpoint. Past that, many have asked for the ability to schedule the reports for delivery. Yes both these will require some work, but I appreciate the feedback.
-
@syarbrough, I forgot to follow-up with you. The new version 2.2 will now report threats and detections only for the endpoints (e.g. group) that you have selected. Thank you for the suggestion and input.
-
If you use the Excel Addin, please consider upgrading to v2.0 that I have just published. https://support.malwarebytes.com/docs/DOC-2672 Other than bug fixes, I have incorporated a lot of features and requests from you guys. One main enhancement is the management of Endpoint Statuses now available in the Cloud console. You can see summary charts of endpoints with the different statuses like Scan Needed, Remediation Required, Reboot Required, etc. A summary report with these data points are included as the primary KPI. And lastly, there is a "Take Status Action" dialog to take the actions in bulk. Also added is a better way of handling and managing groups. You can filter endpoints by a group hierarchy. Per usual, I appreciate bug reports and enhancement requests.
-
@syarbrough I understand and love the idea. I do lament that the detection data does not reconcile with endpoint selection. On my list of enhancements now, thank you!
