Jump to content

paulderdash

Honorary Members
  • Posts

    58
  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

1,285 profile views
  1. That Agomo key does exist now, but it's not detected, so the previous one was bad but the new one is OK.
  2. Scanned again and now it's not detected, so cleanup was good. Seems to be picked up during memory scan. Well done MB3. Thanks Ms Moes.
  3. I did have CCleaner 5.33 installed, but x64 version so I do not believe I was compromised. These keys seem to be due to CCleaner Cloud. I presume I did have the compromised version of that, but it has been auto-updated to clean version. If I quarantine these keys, after a restart I have to login to CCleaner Cloud account again and looks like keys are recreated. I will run scan again to see if it gets picked up again.
  4. Actually it may have been a temporary problem. Seems to be working now, but very slow!
  5. Updated two machines to 3.2.2.2029 using Ninite updater. Everything is working but when I try and access 'My Account' I get this pop-up on both machines: Unable to contact license server. Check your network settings or contact your system administrator for help. I have previously had a similar problem (below) but now I am getting this on both machines, different software. Is the license server down, or is there a simple solution.
  6. I have Windows x64 and (now) CCleaner 5.34 - and up-to-date CCleaner Cloud(!) - and do not have the HKLM/SOFTWARE/Piriform/Agomo key. But MB3 scan now picks up the following threats: Registry Key: 1 Trojan.Floxif.Trace, HKLM\SOFTWARE\WOW6432NODE\PIRIFORM\AGOMO Registry Value: 1 Trojan.Floxif.Trace, HKLM\SOFTWARE\WOW6432NODE\PIRIFORM\AGOMO|TCID But these appear to be related to CCleaner Cloud (previously Agomo) account, because after quarantining these, I had to re-sign in to my account, so I suspect these may be FPs. MB3.txt
  7. I had to remove the certificate added by RansomOff and now all is back to normal. It 'remembered' my license but I did lose my settings because it reverted to 'free' mode. Here were my instructions from RO, in case it helps anyone else: Anyway, here are the steps that should get MB3 back running. First please shutdown MB3. Then we need to remove the certificate that RO installed. To that to you need to open the certificate snap-in. First open a Run dialog (Windows Key + R) and type mmc.exe. It will need to run with admin privileges. When that opens click File and then Add/Remove Snap-in. You'll see a list of snap-ins that you can add on the left side. You want to add the Certificates snap-in but we'll do it twice. The first time you add it, make sure the 'My User Account' radio button is checked. Then click 'Finished.' Add the certificates snap-in again but this time check the 'Computer Account' radio button and click 'Next' and then 'Finish.' Once the snap-ins are added click 'Ok' and then the MMC main window will load two certificate instances on the left side. Expand both trees and you should see a sub folder called 'Intermediate Certificate Authorities.' Expand that and you'll see two sub-folders. We just care about the 'Certificates' sub-folder. In each folder, locate the certificate named 'DigiCert High Assurance EV Root CA' under the 'Issued To' column. You just need to right click on that certificate and click 'Delete.' The certificate may only be present in one sub-folder but just check both to make sure. Once you delete the instances of the certificate you can close MMC. Next we need to clear the SSL cache. Open Internet Explorer and go to the Internet Options. You can also get to these options from the Control Panel. Click the 'Content' tab at the top of the options window and then you'll see a button that says 'Clear SSL state.' Click that and it should say the SSL cache was cleared. We also re-installed MB3 overtop of the existing installation but we aren't sure if that really makes a difference. Once you restart, verify that MB3 does not throw an error. If it does, obviously let us know.
  8. More info from the RansomOff devs: Well not only MB3 but any other program that uses SSL with a DigiCert certificate may also be impacted. Haven't run into any others yet but they are probably out there. After digging deeper, it's not even a RO and MB3 thing really. RansomOff adds certificates to the Windows certificate store which generally isn't a big deal. MB3 uses some third-party SSL library which relies on internal Windows functions to perform the secure network communications so the SSL piece is outside of MB3's control essentially. That's all pretty standard as well. So it's either the library or even deeper in Windows that does not seem to be handling this condition which honestly, we aren't sure exactly what condition that may be. Just that a DigiCert certificate is causing problems when validating a DigiCert SSL chain. Strange! Fortunately the fix appears to be almost as simple as just deleting the certificate that RO added. We just need to run through it a little bit more to make sure but we'll let you know once we are.
  9. No need to investigate further. I have discovered the reason for this problem. I have another program installed called RansomOff (yes, MB3 ransomware protection was off, in fact only exploit protection was enabled). From the devs of RansomOff: We figured out it was a conflict with the certificates that RansomOff adds during installation and the certificate chain MB uses in it's SSL communications. We both use DigiCert for our cert CA but for some reason, they are conflicting. We will work on fix for you to get MB3 working again and add this fix to our upcoming release.
  10. Log files attached.I would add that with respect to 'Check your network settings', I have no issues with this in any other respect - only wrt contacting the MB license server. mbamservice.zip FRST.txt Addition.txt MB-CheckResult.txt
  11. And I have now been reverted to the free edition. Have I lost all my seetings i.e. anti-exploit custom ssettings?
  12. Hi I have a lifetime license but after updating to 3.1.1.1722 beta, I keep getting the following: 'Unable to contact license server. Check your network settings or contact your system administrator for help'. and 'SSL validation error There was a problem validating SSL certificates. Please launch IE once and try the operation again'. I tried a clean install. Same problem. Also reverting to 3.1.0.1716. Same problem. Do i need to send you logs as per:
  13. I can confirm after an uninstall, reboot, mb-clean, reboot, install I can again toggle self-protection. I think this bug was introduced with CU3. All other settings were unaffected. I could toggle them.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.