Jump to content

Rsullinger

Staff
  • Content count

    530
  • Joined

  • Last visited

2 Followers

About Rsullinger

  • Rank
    Staff

Recent Profile Visitors

5,945 profile views
  1. I am going to send you a PM to collect some debug information for the team so we can get this fixed.
  2. Rsullinger

    MBAE

    Hey everyone, I am going to reach out to you to collect some debug logs on this issue. The development team wants to see how this is triggering. You should see a PM from me with some instructions on how to do this. Thank you, Ron
  3. Hello Everyone, Can you please try the version that is posted here: Want to make sure the newest version is tried to ensure this is not due to a fix we made currently.
  4. Hey Sandy, It will not affect them. The log we write to will overwrite itself after a certain amount of data (this prevents it from being a huge file). It will not affect the user and they will never see it. Just need to make sure that when the alert happens, we collect the logs as it will overwrite if to much time has passed.
  5. Hey Sandy, I want to send you some instructions in a PM to collect me some debug logs. The block looks strange in that it shouldn't be blocking it in that way. We want to see exactly why that is occurring.
  6. Hey MarkTM, I want to have you try a debug build to get me more information. I am going to send you a PM to send it to get that data. Along with this, do you mind getting me a screenshot of the addon's in word or possibly try launching word in safe mode? I want to eliminate the possibility this is caused by an addon.
  7. Hey Slitzinger, I moved this to a new thread as the other one is a bit old and may be outdated for anything right now. I want to confirm what is going on, do you mind collecting the logs from this link: Go ahead and attach it here and I can see why that is happening.
  8. The program will install in the x86 directory that is correct. If it is doing it on numerous machines, then I would like to take a look further into it. I want to see if something in particular is causing this during the upgrade. Can you please collecting the logs from this post and attachthem here: https://forums.malwarebytes.com/topic/191468-readme-first-posts-here-need-to-include-mbae-logs/ Thank you, -Ron
  9. Hey StroTech, That looks like it may have just left behind the un-install entry from the upgrade. If you open up the program and it is showing the correct version there, then it is just something that got left behind for some reason. If you want to clean it up, you can do it manually or run our clean tool to remove everything and install the latest version. If you want to do that, here is the clean tool: https://forums.malwarebytes.org/applications/core/interface/file/attachment.php?id=199258 This is where you can find the latest version of mbae that you have upgraded to: https://malwarebytes.box.com/s/ll8vdfmuc46dkqbk9iuaqp6iik0t0nq4 Let me know if you have any issues!
  10. Hey SBulla, I am going to send you a PM with the link to get it. Normally you can find the latest updated packages (of all the mbes products) from the purchase link that is sent. This one should activate automatically after installed!
  11. Hello Texgal, Can you please collect the logs found here and attach them to this thread: https://forums.malwarebytes.com/topic/191468-readme-first-posts-here-need-to-include-mbae-logs/ I should be able to use those to see what is happening. Thank you!
  12. Hey, sorry for the delay. Here is the link for the latest mbmc: https://support.malwarebytes.com/docs/DOC-1043 In the mean time, see if you can change the setting on the user side (as long as you are an admin you should be able to change it) and see if it works. I would hate to have you go through all of that work for it to not ultimately fix it.
  13. Thank you for the logs! So I reviewed it and it may be due to a setting we have that causes cmd to not be ran if Java calls it. Sometimes infections use this vector so we have that setting to block it on by default. However, you can disable this setting if you know for sure this script is good. To do this, open up the mbae UI on the users machines (or go into the mbae tab in the policy if you are using mbmc) and go to the settings tab. Click on the advanced settings button and go to the java protection tab. Disable that first option for 'prevent web-based java command line' and test to see if it works. If you are pushing it from the console, it may take a bit to be pushed down to the client.
  14. Hey MLAP, Exclusions are usually only done if there is an md5 of the file that can be excluded. I am not 100% sure why that block is occurring so I will need to see the full logs for the product. Do you mind collecting the logs from the instruction here: https://forums.malwarebytes.com/topic/191468-readme-first-posts-here-need-to-include-mbae-logs/ You can send me the data in a PM if you do not wish to post it in the forum.
  15. Rsullinger

    Heap Memory Blocked

    Hey Sheend111, No problem! It may be trying to call something that could have been malicious. If you notice anything else like that, feel free to reach out and I can confirm what is happening!
×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.