Jump to content

Search the Community

Showing results for tags 'corporate'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Android Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes 3 Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • False Positives
    • Translator Lounge
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 1 result

  1. In the early morning of Saturday, January 27, 2018, a faulty Web Protection update was released which caused a connection issue for many of our customers. As a side effect of the web protection blocks, the product also spiked memory usage and possibly caused a crash. We triaged the issue quickly and pushed a protection update on Saturday, January 27, 2018 at 10:48a PST. The affected products were Malwarebytes 3 Premium, Malwarebytes Management Console (MBMC), and Malwarebytes Endpoint Protection (aka Malwarebytes Cloud Console). Malwarebytes for Mac, Android, AdwCleaner, Incident Response and Breach Remediation were not and are not affected. For a complete description and root cause analysis please click here. Please note endpoints were not affected if they were turned off before Saturday, Jan 27, 2018 and then were not turned back on until after Saturday, Jan 27, 2018 at 11am PST. For affected endpoints, this thread is intended as recovery guidance. Guidance below applies to corporate customers using the on-premise Malwarebytes Management Console (MBMC) as well as corporate customers using the cloud-based Malwarebytes Endpoint Protection (aka Malwarebytes Cloud Console). If you're a home user and/or Malwarebytes 3 Premium user, click here for details on how to recover your systems. For corporate customers running the on-premise Malwarebytes Management Console (MBMC) In the Malwarebytes Management Console, edit the Policy and disable real-time protection Once real-time is protection is disabled and your clients can communicate, highlight the endpoints on the Client tab and click the Update Database button at the top. This should fix it for most endpoints. If any endpoints fail to get the update, you will have to force an update. This can be done locally on the endpoint or remotely over the network. Locally on the endpoint (logged in to the machine). You can point your endpoint users to do this themselves: Download and execute MBAM Rules Offline Updater Reboot the computer Remotely over the network Make sure your machine is on a non-blocked IP (i.e. 10.x.x.x or 192.x.x.x). Blocked IP ranges are from 128.x.x.x to 191.x.x.x. *NOTE* It is recommended to not use your MBMC server for this task Download the following script and extract it to a folder on your computer Create a file named hostnames.txt in the same folder, adding one IP per line for each of your endpoint IPs. You can export a list of IPs with the faulty update from the Management Console (sort by update version, select affected ones, copy, and paste into notepad). If your internal DNS is not on a blocked IP range, you can feed hostnames.txt with hostnames instead of IPs Edit the script and type in the *LOCAL* admin username and password for endpoints (i.e. NOT the domain admin) in the first 2 lines Run the batch file, which will delete the faulty database file and schedule a reboot in 30 seconds Once all the machines are updated, turn on real-time protection in the Management Console Policy settings. If the Management Server SQL database grows heavily and takes up too much space, feel free to truncate the contents of the TBL_ClientSecurityLog and TBL_ClientSystemLog SQL tables. Detailed instructions can be found in this document. IMPORTANT: this will remove ALL detection history and is irreversible. For corporate customers running the cloud-based Malwarebytes Endpoint Protection (aka Malwarebytes Cloud Console) In the Malwarebytes Cloud Console, go to Settings -> Policy and disable Web Protection and Self-Protection (if enabled). Do this for all the Policies On the Endpoints section, choose "select all" and choose "Check for Protection Updates" from the Actions button. This should fix it for most endpoints. If any endpoints fail to get the protection updates, you will have to force an update. This can be done locally on the endpoint or remotely over the network. Locally on the endpoint (logged in to the machine). You can point your endpoint users to do this themselves: Login to the machine and start a scan by right-clicking on the Malwarebytes traybar icon. This will force an update and fix the issue. Cancel the scan and reboot the machine. This should fix the problem in most cases. If the above doesn't work or the machine is unresponsive, download mbep-fixer.exe to your Desktop. If you want to deploy this over the network using SCCM or other similar platforms, you can use instead use mbep-fixer.msi. Execute mbep-fixer.exe. You will need to execute this as admin. Reboot. Remotely over the network Make sure your machine is on a non-blocked IP (i.e. 10.x.x.x or 192.x.x.x). Blocked IP ranges are from 128.x.x.x to 191.x.x.x. Download the following script and extract it to a folder on your computer Create a file named hostnames.txt in the same folder, adding one IP per line for each of your endpoint IPs If your internal DNS is not on a blocked IP range, you can feed hostnames.txt with hostnames instead of IPs Edit the script and type in the *LOCAL* admin username and password for endpoints (i.e. NOT the domain admin) in the first 2 lines Run the batch file, which will delete the faulty database file and schedule a reboot in 30 seconds Once all machines are updated and connecting correctly, go to the Cloud Console, Settings, Policy, and enable Web Protection and Self-Protection again. If the above guidance does not help and you are a corporate customer, please contact corporate-support@malwarebytes.com for further support.
×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.