Jump to content

Rsullinger

Staff
  • Posts

    533
  • Joined

  • Last visited

Everything posted by Rsullinger

  1. Hey Johnnyjr, I am going to reach out to you in a PM to collect some additional logs. Go ahead and reply to that with the logs and I will get this to our team to look into further!
  2. Hey Regitdept, I am going to send you a PM to collect me some additional logging. Not seeing anything initially in the logs.
  3. Hey StroTech, This is happening because we are currently metering the updates for 1.10. We are slowly updating people to the latest version so all of your clients will eventually pull it and update to the latest version. So you are seeing 1 or 2 clients updating because of that. We do this with our updates to make sure that if there is an issue with the upgrade, we can stop it so it does not affect all machines.
  4. Hello Berto, Do you mind collecting the logs from this link: we want to look into the issue further as this may have been fixed already.
  5. Hey pmcasey, I am going to send you a PM with some logs I want to have you get from the machine.
  6. Hey Heliae, That is odd, I would assume you would be seeing it more in your environment. Based on the logs, it does look like a memory error that some addons cause. I want to have you try a build on her machine to see if it fixes the issue. This build can be found here: https://malwarebytes.box.com/s/t5mh3h3kwtux9ugaj22q87gra1qg0i92 If that does not fix it, then we may need to run a debug build. Let me know how that build does as we will be deploying that build out to everyone soon.
  7. Hello Heliae, As a temporary work around, you can disable the shield for the office item (word an excel). That will make it work as temporary fix. However, to know for sure what is causing this and how to fix it, we will need these logs:
  8. I am glad to hear that fixed it! We do plan on pushing out that new version that I linked. So if you have that setting enabled that I mentioned, then you will get that as well when it is released. Let me know if you run into any other issues Al.
  9. Hello Al, It looks like this is due to an issue that was fixed in one of our newer versions. I see that this is still on 1.8 of anti-exploit which is at least a version old. There is an option to turn on for the clients to update to the latest version automatically which should fix this. Since you are using the management console you can go into the policy> anti-exploit tab and enable the automatic updates option there. You can also test the latest beta build here which should fix it as well:
  10. Hello Stefanc, I will want to see some of the logs to see why this is happening. Can you follow the instructions here to collect the logs I will need: https://support.malwarebytes.com/docs/DOC-1375 Also, to answer your question, if it is not popping up again, then we may have blocked the process it needed to run and it is not calling it again until our protection is disabled. We won't know if we will be able to exclude it until I get the logs though unfortunately.
  11. Hey Marky200, Your version you are using is still valid. While you correct that there is a new test build (.37) on the forum, we have not pushed that out through automatic updates yet. One thing with 1.10 is that we opened up the premium shields to any free users now. So the subscription renewal would go toward the mb3 product. If you would like, I can have someone contact you about your subscription in a PM.
  12. Hey Cliffs, The announcement should have some information on what was fixed in 1.10. A lot of it is opening up the premium features for free and our dynamic hooking (which is more for us at malwarebytes to help FP's). The rest have been bug fixes noted in the list. We will be posting the new updates out on the forums when it is available!
  13. Hello Peggyortman, Where are you seeing this happen. For example, are you seeing this in the cloud console or on the machine itself?
  14. Hey V_2, I am going to send you a PM with a build I want to have you try that should help resolve both of those issues.
  15. Hello Hake, That is correct. Certain bit-defender applications cause a hooking conflict with anti-exploit installed side by side with it. So in that case, our dynamic config would disable that so they can work side by side.
  16. No problem! Let me know if you run into any other issues, King!
  17. Hello Hake and Ridevries, That sounds like our dynamic exclusions may be playing a part in that. I can find out for sure if you collect the information found in this forum post:
  18. Thank you for those! So it looks like there is a proxy set under the system account which we seem to be finding: ProxyEnable: [.DEFAULT] => Proxy is enabled. ProxyServer: [.DEFAULT] => 10.10.1.66:8080 Is that something that may have been setup by the company on a network level? If not, once that is removed, then the clients will connect to the server like normal.
  19. Hey King, Alright. We are detecting a proxy from something, you shouldn't be able to ping it but should be able to resolve it. It doesn't look like it is able to resolve it based on the logs. Do you mind running FRST on one of the machines. It will show me what is installed and if there is any proxy settings set on an account. Sometimes it may be on another account and we are detecting it from that. You can send me the FRST logs if you don't want to post it directly on the forums. To do this: 1: Please download FRST from the link below and save it to your desktop: FRST 32-bit version: https://downloads.malwarebytes.com/file/FRST FRST 64-bit version: https://downloads.malwarebytes.com/file/FRST64 2: Double-click the purple FRST icon to run the program. Click Yes when the disclaimer appears. 3: Click the Scan button 4: When the scan has finished, it will make 2 log files in the same directory the tool is run, FRST.txt and Addition.txt. Please attach both files in your reply.
  20. Hey King, This looks like a separate issue for this: System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The remote server returned an error: (407) Proxy Authentication Required. Much like the 2008, it is trying to contact our sirius server but it is failing on proxy authentication. Do these computers have a proxy on them that must be met? if not, they may have something in the IE proxy settings that needs to be cleared. Some adware will do this for example. If this is a proxy that the clients must use, during install of the product you can specify a proxy the client will use. That is mainly information for future use, for now, you would just need to go to the same directory as you collected the logs and run this instead: MBCloudEA.exe -proxy.server 1.2.3.4 -proxy.port 906 -proxy.user Malware -proxy.password Bytes Just replace the information there with the information of your actual proxy. After that, restart the service for Malwarebytes endpoint agent and it will connect to the server.
  21. Hey King, Is this server by chance on service pack 1 of 2008? It looks like it is not able to reach out and talk to our sirius.mwbsys.com address. The error it is giving that it does not have a common algorithm which normally points to a TLS/SSL issue. For 2008 at least, we have some instructions here on how to fix it if that is the case: https://support.malwarebytes.com/docs/DOC-1897 Can you get the logs from one of the other endpoints as well so I can confirm that they are all having the same issue and not just 1 offs for each?
  22. Hello, I want to have you collect me the diagnostic logs from the server so I can see why it is not collecting. You will have to run this command in command line: Note: you may need to load an admin command prompt to run the command. “C:\Program Files\Malwarebytes Endpoint Agent\MBCloudEA.exe –diag” You can do it by using: cd C:\Program Files\Malwarebytes Endpoint Agent\ Then use: MBCloudEa.exe -diag This will save a file on the desktop called MBDiagnostics. Send me that file and I can see why your server is not connecting.
  23. Hello Alex, They will indeed. The only thing you want to do to ensure that both of our products don't try to scan each other is put in mutual exclusions. So you would want to put BitDefenders file directories into our exclusion list and vice versa, you want to put these exclusions in theirs: https://support.malwarebytes.com/docs/DOC-1236 You should not have to do anything else once you do that!
  24. Hello Gokhan, I want to take a look at some logs that were not collected to help give me more information as to what is causing this. Initially it looks like something being called from a UNC path on firefox. You can disable firefox shield as a temporary measure but that opens up everything through firefox. To collect these logs: https://support.malwarebytes.com/docs/DOC-1038
  25. Hey Fedup, That was dumb of me, I should have provided you a link at least: http://downloads.malwarebytes.com/file/mbae That link will have the latest version of mbae that you can download. Let me know how it goes!
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.