Jump to content

Recommended Posts

I'm having the same kind of problem described here, but don't have the option of disabling the Access Protection module to install.

 

This is going to come up more and more as organizations move to a BYOD environment.  I have my personal device, and am able to remote into my orgs environment, as long as I accept an install of their VSE 8.8 managed by ePO.  The ePO settings cannot be changed, because they are managed by the organization.  However, I'm a personal user and want MBAM for my own personal uses (not needed for the organization).

 

The answer to this original issue seems to be to add exclusions to VSE 8.8.  However, in a scenario like mine with BYOD that requires a managed-VSE instance, the personal user cannot do this - preventing an MBAM install.

 

The rule that is preventing MBAM install for me is VSE's rule to prevent Windows file spoofing.  MBAM tries to install a svchost.exe file (why?), which is detected as a spoof attempt.  Is that svchost.exe from MBAM really necessary?

 

This leaves users in a hard spot when they are in a BYOD situation but actually joining temporarily to a remote org imposes extra restrictions.

 

Thanks

Link to post
Share on other sites

I'm having the same kind of problem described here, but don't have the option of disabling the Access Protection module to install.  This is still a personal use situation, not a business support issue, since I'm in a BYOD environment and am on my personal device primarily used for personal purposes.


 


This is going to come up more and more as organizations move to a BYOD environment.  I have my personal device, and am able to remote into my orgs environment, as long as I accept an install of their VSE 8.8 managed by ePO.  The ePO settings cannot be changed, because they are managed by the organization.  However, I'm a personal user and want MBAM for my own personal uses (not needed for the organization).


 


The answer to this original issue seems to be to add exclusions to VSE 8.8.  However, in a scenario like mine with BYOD that requires a managed-VSE instance, the personal user cannot do this - preventing an MBAM install.


 


The rule that is preventing MBAM install for me is VSE's rule to prevent Windows file spoofing.  MBAM tries to install a svchost.exe file (why?), which is detected as a spoof attempt.  Is that svchost.exe from MBAM really necessary?


 


This leaves users in a hard spot when they are in a BYOD situation but actually joining temporarily to a remote org imposes extra restrictions.


 


Thanks


Link to post
Share on other sites

  • 1 month later...

Greetings,

I apologize that you did not receive a reply sooner. The file in question is a part of Malwarebytes Chameleon. It is to be used in scenarios where Malwarebytes Anti-Malware cannot run due to being blocked by an active infection as using known Windows system file names (among others) can often work to get security tools like Malwarebytes running when they would normally be prevented from doing so by an active threat.

As for how to bypass the McAfee protection to allow Malwarebytes Anti-Malware to install, the best advice I can offer would be to seek the assistance of you IT staff that handles deployment and management of your enterprise antivirus solution and explain to them that you use Malwarebytes as an additional layer of protection and request that they make an allowance for it in the rules/policy on your system so that you can get it installed alongside McAfee.

I hope that was helpful and again, I apologize that it took so long to get a response.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.