The Tamper protection policy option in Malwarebytes Nebula protects endpoints by limiting end user ability to uninstall Malwarebytes. It also prevents malicious threats from stopping, modifying, or deleting Malwarebytes.
Tamper protection settings
To find and toggle these options in the Nebula console:
- On the left navigation menu, go to Configure > Policies.
- Click New or select an existing policy.
- Select the Tamper protection tab.
Options in this section are as follows:
Uninstall Protection: Stops all endpoint users from uninstalling Malwarebytes agent software or stopping the Malwarebytes Service by requiring a separate password. This is enabled by default for all new and cloned policies, users who attempt to uninstall the endpoint agent cannot proceed without this password. This is enabled by default.
- Click the show password icon to view the current password.
- Click the copy icon to copy the current password when shown.
- Click Change password to modify the current password.
Service and Process Protection (Windows only): Prevents malware from stopping, modifying, or deleting the following Windows services:
- Malwarebytes Endpoint Agent: Handles the communication between Nebula and the endpoint. Protected on Windows 10 Build 1703 and above.
- Malwarebytes Service: Protection component of Malwarebytes that blocks and removes threats. Protected on Windows 7 and above.
- Endpoint Protection or Endpoint Detection and Response are required to use both features.
- Both features do not support Windows XP endpoints.
Return to the Malwarebytes Nebula Administrator Guide.