Jump to content

rssbandittrick

Honorary Members
  • Posts

    50
  • Joined

  • Last visited

Everything posted by rssbandittrick

  1. I'm still having this issue. it's only a problem when trying to use Kaseya to migration these endpoints.
  2. I'm trying to migrate endpoints to OneView using Kaseya. I've tried using Executeshellcommand and also running from a batch file to no avail. The result is the same when trying to run the command: “C:\Program Files\Malwarebytes Endpoint Agent\MBCloudEA.exe” -accounttoken <tokenID> Kaseya gives me: log4net:ERROR Failed to find configuration section 'log4net' in the application's .config file. Check your .config file for the <log4net> and <configSections> elements Log4NetConfigurationSectionHandler,log4net" /> This is not a Kaseya error. Can anyone help? Anyone here using Kaseya that's successfully used it? command works fine If I do it from the desktop manually.
  3. I've had no reports of BSOD since I turned off the scheduled hyper and threat scan. I will leave it without for a week before I schedule these scans again.
  4. Hi, I have a PC running Norton Internet Security and Malwarebytes Endpoint Protection Cloud. When MB is install the PC will BSOD. When I remove it and leave it off there is no problem with the PC. I have an existing case open with support already but wouldnt mind input of others. I have reinstalled the PC (Windows 10 64 bit) and the PC still BSOD. I have put exclusions in for both MB and Norton to no avail. At first I thought it was my scheduled scans causing the BSOD but I've ran both a threat scan and hyper scan and they go fine. 011019-28392-01.dmp 10/01/2019 16:00:26 KERNEL_DATA_INPAGE_ERROR 0x0000007a fffff6fc`40006f50 ffffffff`c0000185 00002001`6b2ce860 fffff880`00dea93c ataport.SYS ataport.SYS+1e93c ATAPI Driver Extension Microsoft® Windows® Operating System Microsoft Corporation 6.1.7600.16385 (win7_rtm.090713-1255) x64 ntoskrnl.exe+93ba0 C:\Windows\Minidump\011019-28392-01.dmp 4 15 7601 306,272 10/01/2019 16:02:01 There are 5 PCs in this company all running NIS and MB and only this one is having the issue. thanks
  5. Thanks. i've tested the site on my PC running MBEP and it blocks it. It was also MBEP that picked up the submitted file. However, I was curious to see what this file actually did when executed as this file has been on the customer PC for weeks before I installed MBEP.
  6. Hi Guys, we've had a breach one a computer via RDP brute force they were able to get on. They downloaded this file from http://gear3.com Could you check it for me? Open it in a sandbox see what it does? Thanks, Protected.zip
  7. We use Endpoint Protection cloud and a few of our servers have had the same file detected and quarantined as a trojan. I need to know if this is a false positive. autochk.zip
  8. @BenCunn Dyllon told me yesterday that stopping the services via CMD whilst the problem is happening will not work. See his email:
  9. Got another PC from another site doing similar thing. Tried the commands to find that the protection -stop command hung and didnt do anything. had to reboot the PC 3 times.
  10. I have also partially replicated the problem on my own computer. If I go to task manager and kill MBAMService.exe, the symptoms are exactly what is happening. minus the immediate lock up. This does not happen if I I stop it via CMD or services. Do you think it could be an issue with this process starting up? @BenCunn I'm running ESET instead of Symantec now so it's not the same test. Could you enable protection on one of the PCs and change the startup delay from the console to say 90 seconds?
  11. @Bencunn I will keep you updated. The last thing Dyllon said to me was this:
  12. I spoke too soon. one of the affected PCs has again become unusable. Programs are not opening, explorer is crashing. Windows Defender is off. MSE is not installed. I need this resolving otherwise i'm removing it.
  13. UPDATE: It is now 4 days without incident. Fingers crossed that this no longer occurs since doing recent changes.
  14. For reference of the thread, I have changed MBAM Protection startup to delay by 30 seconds and i've updated MAE to version 1.09.2.1398. I have also enabled MBAM protection on the 4 computers so all machines on the network are running the same policy of MBAM.
  15. Dyllon, your reply is great - But, It fixes a different issue for one affect user. What about the original problem posted? I've got several machines with MBAM protection disabled as per your suggestion and they have not had any issues. What do I do now?
  16. I may have spoken too soon. The user is unable to browse "This PC" to show network drives or local drives. I've tried to log in as administrator but it just hangs "loading windows". Unable to do anything on this machine really so i've had to reboot it. And guess what happened when I told it to reboot? It hung. Had to force reboot the PC. Can we resolve this? Client getting frustrated, I'm too busy to keep dealing with this with no resolve. Disabling MBAM is not an option. Only other option is to remove malwarebytes and discontinue using it elsewhere.
  17. Hi Dyllon, the computers which have got mbam disabled have not had the issue with opening programs. the pc i reported had it enabled and i've had to hard reboot the computer to get it working again. today i have an issue with a different pc where internet explorer will not load correctly but firefox will. i have tried to run procmon but it wont load. i assume malwarebytes is stopping this too. I just disabled mbam on this PC and saw task manager activity increase a lot then stop. Now Windows Explorer has stopped responding so I've had to kill the process and bring it back up. I enabled MBAM again and I reset IE via IE Options. I also deleted temp files etc and IE opens properly now. Not sure if it was Malwarebytes or just IE. You mentioned that MBAE had "blown up" - Do i need to disable this for my customers? Can you tell me if the issues i'm having are solely malwarebytes or is it because it's clashing with Symantec? Reason i ask is, we're moving our customers to ESET and if it's a clash then I can move them to ESET right away.
  18. @djacobson The PCs which had MBAM Protection disabled have so far no had any problems. Ive had a call from someone who has it enabled and they're unable to open Microsoft Dynamics NACV 2016 (Process name is Microsoft .Dynamics.Nav.Client.exe) I've set this PC to disable protection and it still wont open. I've tried to do some troubleshooting but as always, explorer and task manager are not responding. my only option is going to be to reboot this PC.
  19. Hi, Cant use local admin account on the PDC, as it's the domain administrator account. still doesnt find the server.
  20. Hi, I have the MGMT console installed on our domain controller. When I do an IP scan or any other scan, it does not find the server. I have been able to install the agent on the server manually and it shows in the console. However, i'm getting email notifications all the time to say the defs are out of date on the server. When I look on the console and the endpoint I can see that they're up to date.
  21. I've had a call from another customer who cannot open Outlook. It started in safe mode with no problems and it also starts up when i disable the Symantec add on. They've only recently just had Malwarebytes installed too. I tried to log collect and explorer crashed. I tried restarting the process but the PC has hung. it's starting to get annoying now
  22. @djacobson I got on the PC and started the log collect but explore crashed. I then started a restart and it hung. I disabled all Malwarebytes protection via the console and it got a little further but ultimately the PC had to be hard reset. logs should be in your inbox. I'm reinstalling malwarebytes and Symantec now as I did with the previous PC.
  23. At the same site I have a 3rd PC now. Can open Outlook but Internet and Navision are not opening. I'm about to remotely access the computer. @djacobson are you about?
  24. Since posting I have removed a few apps from the PC, Run CCleaner and reinstalled both Symantec and Malwarebytes. I've asked the customer to get in touch as it's happening, so I will get the logs then.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.