Jump to content

Jcolagrossi

Honorary Members
  • Posts

    59
  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

4,669 profile views
  1. While there are loads of ways to get infected, I believe our anti-exploit tool can help protect your browsers from java script exploit based delivery of malware. Have you played with MBAE as of yet? You can check it out and even pull down a trial of it from here https://www.malwarebytes.org/antiexploit/
  2. Hi Eric, Apologies for the delay, I'm just starting to warm up to frequenting the forums more often. There really isn't another way to log where the connection came from as we do not have any forensics in the program as of yet as we are focused more on detection and remediation at this time. I'm not sure what would be a better solution for gaining more details on the connection, though you may consider to ask our business success team for more possible information.
  3. Hello DomainController Welcome to the forums! The first thing I would want to mention for this issue would be related to the communications check in time that is configured in the policy. The status of the machine will not update until the time interval has come and gone from the point that the pc has turned on. Outside of that, the next thing we would want to check is some logs on the endpoint which we may want to involve the business support team in.
  4. Hi ManoloUD, We should be able to disable the notifications under the Settings tab, General Settings. We can disable the notifications from here!
  5. Hi Eric, With the ip protection enabled on the server their wont be a way to identify the culprit trying to reach out if all traffic is filtered through that server machine. Any traffic that is deemed malicious will be stopped on the machine that the network traffic originated from. I did a quick lookup on Virustotal, the ip is hosted in china it seems. https://www.virustotal.com/en/ip-address/122.228.198.140/information/ If you really want to find out which host machine is trying to access that ip, you could disable the protection on the server machine, let the host machine touch it, then you will see which machine is the culprit in the client view of the console. But I would highly recommend against it as it sounds like it is a production server.
  6. Cool thing is to know that just about all AV's will work with Malwarebytes. Aren't any conflicts to my knowledge with any!
  7. Hey guys! I'm glad to see these got sorted out! Let me know if I can get you in touch with the support team if issues like this arise again!
  8. Only a little ashamed to admit I would do this all the time in college. I must have found at least 6 during my college career.
  9. Hey Doveletchan, I don;t know if you sought help anywhere else on this issue yet. But this is likely due to the default treatment for PUPS. it is set to detect and show those items but not to remove them. We can change this treatment in the policy setting under scanner tab, modify the setting for PUP detection's from "Show in results list and do not check for removal" to "Show in results and check for removal" Once this policy is updated on the endpoints, the next scan should be able to remove these items! Let me know if this helps or if you have any other issues.
  10. Hi Westur999! My first thought is if you are using the default check in time on the policy? The default setting is for the clients to check into the server every 5 seconds. There is an option to modify this in the policy settings under the communication tab. Also, if may help to break up your clients into multiple groups and different policies with different check in times to help reduce the chances of all the machines from checking in at the same time, save a bit of bandwidth there too. Let us know if this helps. If the issue still remains I can help you get in touch with our success team and get closer assistance!
  11. Hi djarvis! Is the error similar to the one in the post you linked? Are you trying to access the reports from the system the management server is installed on?
  12. Hi Bumskull, I would first check if the MeeClientService is active on these machines, if possible could you create a ticket with our business support team? They will likely want to collect logs and information that is a bit more verbose for posting here on the forum; https://www.malwarebytes.org/support/business/
  13. Hi Matt! The all inclusive package would be our Endpoint Security package that includes both Anti-malware and Anti-exploit with the management console. You'll have access to both the standalone products as well as use of the standalone versions too! I could get one of our sales associates to get in touch with you to try and have a conversation and see what solutions could work out for us! If you could fill out this information form, one of our guys or gals can reach out to you soon with a call https://www.malwarebytes.org/business/licensing/
  14. Hello! It is possible to configure a dmz setup, basically if the clients can communicate with the server, they can be managed! The client uses port 18457 to communicate to the server. Alternatively, you could create a policy where the remote endpoints can update on their own by reaching out over the internet instead of reaching to the server for db updates. This would provide the confidence to know those machines are always staying up to date on their own when they are not connected. The next time they connect via vpn or other connection, they would shoot up their logs and pull down any policy changes from the server. I hope this information helps!
  15. Hi Ireman, Currently there are no other configurations that will allow for the reports to display properly from the console hosted on the server.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.