Rsullinger

Staff
  • Content count

    458
  • Joined

  • Last visited

About Rsullinger

  • Rank
    Staff

Recent Profile Visitors

4,976 profile views
  1. Hey TeamHorner, So it looks like this may be due to anti-exploit updating. I want to have you try a couple of things. 1. On the client, can you try restarting the Meeclientservice and see if it shows the correct version in console? 2. If that does not work, please try rebooting the client and see if that fixes it. I want to say that 2 will definitely work but I want to confirm to see if my suspicions are correct.
  2. Hello TeamHorner and welcome to the forums! I want to have you collect me some client logs so I can see why it is not sending the status of mbae correctly to the console. To do this: -Locate the this folder on the client computer: C:\Program Files (x86)\Malwarebytes' Managed Client -In this folder, right click the 'CollectClientLog.exe' utility and run it as admin. -Save these logs to the desktop of the computer. -Zip up this folder and attach it to the next reply.
  3. Hey Fedup, The actual service name is MbaeSvc like you were seeing, but the display name is Malwarebytes anti-exploit service. So seeing either is generally fine. Generally you should see mbaesvc in the services menu of task manager and you should only see the display name in the actual services menu. Let me know if after a reboot that happens again. The service should start every time the computer is started so if it is not, we can look into that.
  4. Hey Fedup, There is a couple of ways. First way is to check the tray in the bottom right to see if you see the orange shield. You can also open the up the services menu by pressing windows +R on the keyboard and typing in services.msc. You can then scroll through the list and see if malwarebytes anti-exploit service is started. As for the build, there is a newer version then that so it could be having update issues. You can find the build here ( i would recommend un-installing, rebooting, and installing it): https://malwarebytes.box.com/s/9v3b9lw11xk3ghh5hsa1gacnaqhpohro
  5. Hey CliffS, Glad to hear it! Let us know if you run into any issues past your initial testing
  6. Hello Pcleary, Thank you for the logs. In office, do you have any plug-ins or add-ins that are not int he defaults from it. If possible, can you take a screenshot of the addons so I can confirm a few things. We can disable something in the advanced setting to fix this, but I want to confirm what is causing this first to see if it is a known conflict.
  7. Hello Everyone, Here is the latest standalone beta of anti-exploit 1.10: https://malwarebytes.box.com/s/xhbp0e8xyj4iom093gdtwyervxva0zxh New Features: Added Dynamic Hooking Feature to manage conflicts Opened up Premium shields to Free users as part of MBAE Beta Opened up addition of custom shields feature to Free users as part of MBAE Beta Fixes: Fixed dll uninjection issues resulting in ghost process Fixed dll uninjection issues with chrome extensions Fixed false positive with FLTLDR.exe Fixed false positive with QTTabBar plugin in Opera
  8. Hey Ivan, I do apologize for the delay. If that is the case with the logging, then it may be best just to collect these two logs since that tool gathers a lot more: C:\ProgramData\Malwarebytes\MBAMService\logs\mbae-default.log C:\ProgramData\Malwarebytes\MBAMService\logs\MBAMSERVICE.log So the mbae-default log is an encrypted log that only has information about mbae and just gives me more information on the alerts. The mbam service log has all the products communication to that log. It doesn't pull any user information and just pertains to scans, blocks, or communication to our services. Also, while it is possible to install it side by side, both of them use some of the same dll's so it is not recommended to run anti-exploit side by side. For the question in your second post about sandboxing, is that setting on the win7 side? I will have to check with our team if that will make a difference but I want to clarify if you are just asking about turning it on or not.
  9. Hello, Just to confirm, on next reboot when it occurs again, when you go to that same setting is it checked again or not? I just want to confirm. If it is not checked and you are still having the issue, is it generating an alert? If so, I will need the logs collected to troubleshoot further. All you have to do is run this tool https://downloads.malwarebytes.org/file/mb3_check and collect the zip file that is on the desktop.
  10. Hello MaryAnn, I want to have you collect all of the logs the program creates so I can look into this further. All you have to do is run this tool https://downloads.malwarebytes.org/file/mb3_check and collect the zip file that is on the desktop. Go ahead and attach that and I will look into this issue further for you!
  11. Hey Fedup, Sorry for the delay. I was getting the logs looked at. It looks like one of the service is not launching correctly. This may have something to do with the creator update interfering with it but I cannot be sure 100%. It may be best, in this case, to re-install the latest version as that will re-install the service and driver so the product can run correctly again.
  12. Hello SecGuru, I am sorry to hear that the EPP client missed that. If the machine is still up, I want to have you collect the endpoint security logs for our team so I can take that (with the file you provided) to them to get tested and fixed. The easiest way to get these logs is to run a command into CMD: C:\Program Files\Malwarebytes Endpoint Agent\MBCloudEA.exe –diag You may need to go to the actual directory to run it so these can help: cd C:\Program Files\Malwarebytes Endpoint Agent\MBCloudEa.exe -diag This will create a zip on the desktop called MBDiagnostics.
  13. Hello Fedup, Do you mind collecting the logs from this forum post for me: Thank you,
  14. Hey Ivan, No problem. If you have any other questions let me know!
  15. Hey Ivan, Page 14 of this admin guide here: https://www.malwarebytes.com/pdf/guides/MBAEBGuide.pdf?d=2017-07-12-11-42-29--0700 goes into it a bit on what each of the settings do. However, they are a bit technical and wouldn't answer most questions more then anything. However, the images from that guide is what the business have checked compared to the one in MB3. The main changes are to the final 2 tabs that involved the application behavior protection and java protection. Some of those settings are changed since business environments have a lot more java management programs that are not malicious.