[Experimental Build 1.09.1.1225]

Hello,

 

Thank you for the feedback! I will relay that to our team. 

[How to stop MBAE protection so I can test]

Hello Jim,

Just to be certain it is disabled when you hit the stop protection, can you go into the services menu of the computer and stop the Malwarebytes Anti-exploit Service. That service is what controls the protection and as long as that is stopped, the protection cannot start. That is the easiest way to stop MBAE without un-installing it. Also, since you are running the trial, you can go into the UI and disable the IE shield for the program. That will make it so MBAE is still loaded, but we won't protect IE so you can test. 

[Malwarebytes Anti-Exploit]

Hello Robw,

 

If you are having trouble activating the anti-exploit program with the license you were provided, please reach out to me in a PM with the license information and I can verify the status of that license. 

[MBMC]

Hello Preyash,

I want to have you check the managed client service to make sure it is running. The managed client is what facilitates the connection between the clients (anti-malware and anti-exploit) and the server. If you go into the services menu, it will be called 'meeclientservcie'. If it is not running, try starting the service and see if it starts. If that does not communicate, then I would want to see the client logs so I can see why it is not connecting. 

-Locate the this folder on the client computer: C:\Program Files (x86)\Malwarebytes' Managed Client
-In this folder, right click the 'CollectClientLog.exe' utility and run it as admin.
-Save these logs to the desktop of the computer.
-Zip up this folder and attach it to the next reply.
 

Thank you,

 

Ron 

 

[Experimental Build 1.9.1.1208]

Hello Cliff,

 

That is good to hear! Thank you for the confirmation that it has helped the issue you were having. 

[MBMC Update Download]

Hey Jpackard,

That link is no longer being uploaded. Go ahead and use this link instead:

 

https://downloads.malwarebytes.org/file/mbes_for_business

 

This has the MBMC download found under the Managed folder in that zip.

[Malwarebytes Anti-Exploit]

Hello BlackKnight330,

 

I want to have you collect the logs for me so I can see what the program is doing. To do this, collect the logs mentioned in this post:

 

 

[Can't connect]

Hello Urbanspaceman,

 

Do you mind getting a screenshot of the message you are seeing for this? I don't want to make any assumptions on what the error message is until I see it to be sure. 

[Shielded Apps Crash often when exiting w 1.9.1.1156]

Hello Btmp,
 

Thank you for the confirmation! I am glad it fixed the issue for you. 

[Anti-Exploit doesn't Auto-Start since Windows updates]

Hello Bonniebeth,

 

There are some folders and registry entries that are sometimes not removed during a reinstall. Because of that, I want to have you do an uninstall like you did prior, but after you do that I want to have you run the clean tool we have from this post:

 

https://forums.malwarebytes.org/topic/136424-frequently-asked-questions/?page=2#comment-1011766

 

That will go through and clean any entry that is leftover that the normal un-installer didn't catch. Once you do that, re-install with the latest version you were using and activate it with the ID and key you were provided with. 

 

[Azure Active Directory]

Hello Dwardin,

 

Sorry for the delay. I was reaching out to our team to see if we have ever tested this. We have not tested this so I cannot say for sure if it will or will not work. If it has access to a local one it will may work, but without testing I cannot be certain. You are welcome to try and see if it will work with a hybrid setup. I will send this to our team however, to see if we can get this tested with a new build. 

[Console doesn't find some PCs]

Hello Dwardin,

If you can ping the server from the client and vice versa, then it could be a couple of things. 

When you click on the scan button in the client push install tab, there is an option for scan and detect client software. Choose that option. At the bottom, you should also notice that there is two check-boxes. They are wmi and serial IP connection. What I want to have you do is preform 3 tests. 1 test will comprise of you checking both of those options while the others will be of you doing each option checked by themselves. WMI makes it so we will use the system account to detect the client and any software installed. While serial IP is another way of scanning the netbios. 

Let me know if after trying those things that it does not work for you. 

[Exploit code executing from Heap memory blocked]

Hello Wholley,

 

This seems to be from the program files directory. The logs we need to see the issue is found under the programdata directory of anti-exploit.  The directory is hidden by default so you might have to click on "View -> Hidden items" in Explorer to see it. If you are replying to someone else's post, you can click the "More reply options" button at the end of the page to get the file attachment options. You can find the logs in the following locations:

1. Windows XP: C:\Documents and Settings\All Users\Application Data\Malwarebytes Anti-Exploit
2. Vista, Windows 7 and Windows 8: C:\ProgramData\Malwarebytes Anti-Exploit

[MBAE not starting after win10 upgrade to Anniversary version]

Hello Jcgc50,

 

There is not one yet. The developer wants to have us do some troubleshooting steps for this. If you are willing, I want to have you do these troubleshooting steps as well so we can get more information on the issue. If you are willing, can you collect the FRST logs I left earlier in this thread and PM me them so I can take a look? 

[MBAE crashes Chrome when PDF download attempted]

Hello TD47,

 

Perfect! Let me know if the issue returns. 

[Anti-Exploit not notifying protection & Log file stopped]

Hello Bonvant,

 

No problem. Go ahead and let me know if you have the issue again. 

[MBAE crashes Chrome when PDF download attempted]

Hello TD47,

 

That is correct. I just wanted to try just doing a clean re-install to see if the issue persists. If it does, then I will need to get you to run some diagnostic logs that will show why edge is crashing in that way. 

[Anti-Exploit not notifying protection & Log file stopped]

Hello Bonvant,

 

That is correct. In the log I was looking into, it was showing the protection was starting and stopping when a program was opened and closed as normal. So in that log I didn't see anything wrong that it was reporting to me. So the test with the tool is just to confirm that it is truly the case. 

[no support]

Hello Kiaura,

Do you mind sending me a PM with your reference number and the e-mail you were contacting support with? I want to get you the anti-exploit key and see why you have not been responded to yet. 

[MBAE not starting after win10 upgrade to Anniversary version]

Hello SportFlyer,

 

I am going to be sending some instructions to you in PM to collect some other information. 

[MBAE crashes Chrome when PDF download attempted]

Hello TD47,

 

We can keep this in here, I do not have a problem with that. I want to confirm first that the update didn't have any affect on this by doing a re-install of the program. Now this will revert the other issue that is occurring, but we can just apply the fixes once we do re-install. Can you remove the program from programs and features and once you do, use this program here to make sure the files are removed completely:

 

https://forums.malwarebytes.org/topic/177164-how-to-remove-mbae-leftovers-after-uninstall/

 

After you do that, reboot the computer and download the latest version of the program from this link:

 

https://downloads.malwarebytes.org/file/mbae

 

[Anti-Exploit not notifying protection & Log file stopped]

Hello Bonvant,

 

Understood. Well it is protecting you based on what I am seeing in the logs. However, just to be sure that that what I am seeing in the logs is correct, I want to have you use our test tool. Our test tool will check to see if the protection is working. I want to verify that 100% first to confirm it is working before we tackle the message not showing up:

 

https://forums.malwarebytes.org/topic/139368-how-to-verify-that-mbae-is-working-correctly/

 

[Deployment after Migration]

Hello WhatsThisFor,

 

Perfect! Let me know if you run into any other issues. 

[Deployment after Migration]

Hello WhatsThisFor,

There is a file that you may need to change for the package to go to the new server. 

Go to this file location on the server C:\Program Files (x86)\Malwarebytes Management Server\PackageTemplate and edit the sccomm.xml file as a notepad. This is the file that controls where the managed client goes to communicate to the server so this would be what is causing it. Go to the section where it shows <add key="remoteHost" value= and edit the value there to the new server address that you moved the server to. After you do that, create the install package and deploy it to the computers with that new sccomm.xml packaged in it. 

 

If you have already deployed it to some computers and need to fix the sccomm.xml that they have, go to the C:\ProgramData\Sccomm folder and you will see the file there. It is exactly the same as in the server folder (minus the client, policy, and group settings that the clients are given when they check in). 

[MBAE not starting after win10 upgrade to Anniversary version]

Hello Sportflyer,

 

You can send it to me in a PM if you want to keep the information in there between us. I have no problems with that.