Computerdienst
-
Posts
26 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by Computerdienst
-
-
Seems like our problem, but in addition we are facing blue screens. KERNEL SECURITY CHECK FAILURE.
-
ehm
Thanks for..... nothing? I thought there's also staff here?
-
Dear all
Problem: After my MacBook Pro wakes up from hibernation, I have to wait about 2 minutes until my keyboard and mouse is usable.
Funfact: Only happens when WIFI is turned ON.
It's definitly MEP's fault, because it doesn't happen when the client is uninstalled, and a second MacBook (Air) has the same issue, but not as often.
Any solution?
Regards
Christof -
In addition, why isn't it possible the disable Exploit Checking in exclusions for files and folders?
-
Dear MB-Team
This file get's quarantined every time:
Acrobat_DC_Set-Up.exe
Can you check? Just installed latest signatures. Didn't help.
Regards
Christof -
Good morning,
I'm currently having issues installing Endpoint Protection on a Windows 2008 Server. The agent installs sucessful but it doesn't continue with installing the Client itself.
Anything I can do?
Greetings,
Christof
-
Some clients reported online directly after the installation, but after the next reboot it's gone. Strangely BOTH services are running, so this isn't the issue.
I think there must be some Windows Update or Software issues, as I have customers which do not have this issue on any client, and others are completely offline. It seems to happen more often on Windows 7, but I also have clients with Windows 10 (but upgraded in place from 7).
-
Dear all,
Will the issues with clients not visible / appearing offline ever be fixed? I did a reinstall on several clients, before the removal was done with and without the /cloud parameter.
Still - today some clients are not online again, altough the have the latest version installed.
This is really getting annoying. I could have saved a lot of many for my customers if I just sticked to Malwarebytes standalone if this isn't working.
-
Good morning,
Since the new cloud console is up, I have 11 machines INFECTED. I was shocked at first, but then I've seen that it was simply webblocker activity which caused my clients to be "infected" now.
To be honest, I don't know ANYONE could have such an idea. Why should a machine marked as infected when a website got blocked?
Regards,
Christof
-
On 17.11.2017 at 12:29 AM, djacobson said:
Cloud installer links are always up to date, though you are only downloading the agent platform, once the machine that is installed and the agent connects to your cloud console, it will pull the latest protection pieces down automatically and according to what you have outlined in you Endpoint Protection policy..
The OP's question was for the on-premises product and is not related to the cloud product.
Sorry, that's just wrong.
For example, I did a brand new installation last week on a client, this is what it shows:
Product Name: Endpoint Protection (1.1.0.140) Product Name: Asset Manager (1.1.0.104)
We all now that this was a buggy version. It doesn't even seem to update itself now.
-
When can we expect that the download in the cloud is up2date? I think that's important....
-
9 hours ago, djacobson said:
Hi @Computerdienst, just the normal self-protect module causes the issue for you?
I think so, because I thought I never enabled the early start protection. But can't tell you anymore.
-
I don't see the problem. That's a legitimate software for hardware dongles. Or am I mixing something up?
https://sentinelcustomer.gemalto.com/sentineldownloads/
I had to install this myself for one of my customers. Don't know why you want to detect it?
-
On 27.10.2017 at 6:19 PM, djacobson said:
Thanks @deanb1234, I was hoping that was the case. That setting is ultra sensitive, it is meant to be used when you are dealing with an infection that can kill security program services. You can utilize that setting to load MB drivers early to prevent tampering and killing. Be aware that this setting can prevent normal safe changes to the files and can leave your product unable to update, don't use it for the every day, it's for emergencies.
Hi Dyllon,
Is only the "Enable Self-Protection Module Early Start" which can cause problems or also the "Enable Self-Protection Module"?
At the moment I disabled the "Enable Self-Protection" Module.
-
13 hours ago, kmerolla said:
One suggestion, when you enable a feature that previously wasn't there, don't default it to "On" for the enterprise. My end users were really confused this morning when all of a sudden the endpoint started popping up messages about blocks, etc. At my company we communicate all user-impacting changes before they get enabled.
I agree with that. To be honest I LIKE that my clients do not see anything at all. If something they needed got removed, they should call me to check.
-
12 hours ago, exile360 said:
OK, thanks for the additional information guys. The next time you have access to one of these systems could you please verify the exact build of Malwarebytes? To find out, open the main Malwarebytes UI and click on Settings>About and make a note of the exact version numbers listed under Version Information:
- Malwarebytes version: <version number>
- Component package version: <version number>
- Update package version: <version number>
This way they at least know which version(s) is/are being impacted by this issue and they can then let us know if the issue has been worked on and/or corrected in a newer release or is planned for an upcoming release.
I'll pass on the info about x86 systems being affected. That would likely explain why I haven't encountered this issue before personally as most of our customers these days are on x64 operating systems.
But EP has no User Interface...
-
2 hours ago, deanb1234 said:
Hi Samuel,
I'm unable to gather any logs either, we've turned the machines back over to the end users and it's very hard to get them to bring machines back to us. :-)
The way we fixed it was to go into safe mode and copy the .sys file giving the error from a known good machine with the same version of Windows. That resolved it.
When we get another machine I will make sure the help desk gathers the logs.
Thanks,
Dean
Strange. I wasn't even able to boot up safe mode, so I needed to use the Kaspersky Boot CD and with the integrated registry editor, I was able to remove Chameleon from the Services. However, that won't work with my Bootcamp Clients in case of emergency.
-
8 hours ago, exile360 said:
They've requested some additional info. Can either of you guys please run the diagnostics tool posted here on one of the affected endpoints and attach the log it creates on the desktop to a reply to this topic? They want to have a closer look at what's going on with one of the affected installations.
Thanks
Hi Samuel,
I can't, as I'm an external IT guy and don't have access to this client at the moment. What I can say is, that this client has Windows 7 and the real difference to my other customers / clients is, that this machine is still running x86 and NOT x64.
Also, the driver that failed was the Chameleon Driver, but "encrypted". Something like a RANDOMNUMBER.SYS.
For the moment I did what you told and disabled the self protect module. Hope this won't happen now.
-
10 hours ago, exile360 said:
Hello,
Over the past several months Malwarebytes has released several updates/upgrades and patches to address many issues, bugs as well as to implement improvements to protection and the application overall. If you wouldn't mind, could you please let us know in particular which issues you are continuing to experience with the software so that we might provide more details on the status of any particular bugs you describe which we might still be working on and which ones we believe we have already resolved in one of our recent updates?
Thanks
Hi Samuel,
Sure.
1.This one problem with machines not booting because of an Chamelon Driver error. I only had that once so far, but that's the error which bothers me much, as I don't know if we have ticking timebombs. It would be horrible if suddenly all clients would stop booting. I really need asap an information, if this is a common bug or if this just happens random. I would really need to deinstall EP if this is a common bug.... You can check this thread:
2. My event logs still got flooded with this error: 2017-10-16 08:09:14,455+02:00 [19] ERROR LicensePipe. The event log is full in about 2 minutes with just this one entry. That makes error resolving on clients almost impossible. This SHOULD be fixed in october according tec support.
3. The usual "clients don't show" problems.
4. Agents which do not start.
-
I'm really sorry to say, but paying customers are NOT beta testers. I would be really glad if someone could CONFIRM that you are really working on all those issues.
It is just frustrating. I was so glad when I could finally offer my customers a tool which was so great all the years, but now - sorry to say - it's just a mess. So MANY issues and problems. That just can't be. Don't get me wrong, I don't want any money back. I want a tool which works. A tool which was great!
I hope you guys DID get this. And I really hope the Q4 release or what ever WILL resolve this issues...
Regards,
Chris -
Yes, and so it seems like this is a real issue. Well done Malwarebytes. AGAIN. I'm really losing confidence. You really have to make up a LOT with the new release...
How have you fixed this?
And is there any way to avoid it? Or can I excpect that I have this all next week???
-
22 minutes ago, KDawg said:
What you quoted Dyllon from was previously true for the legacy product this is out of the guide from our other product. This is no longer the case in Endpoint Protection RDS is supported, as well as Anti-Ransomware on sever endpoints.
Sorry but: where did you get this from? My understanding is, that this is still NOT supported, coming somewhere in q4.
-
2 hours ago, AndersVogt said:
In our case it breaks everything, which is bad.
We are using Norwegian as our language, and we have thought the same. It has happened with other software before, e.g a program looking for "Administrators", but in Norwegian that would be "Administratorer". I guess the case would be the same for other languages like German.
I have not gotten a timeframe for a fix yet, but they tell me the Cloud team is working on it. I will update this thread when I have more info.
Good point with that. But did you made the needed exclusions for your servers? Have you deactivated the Ransomware part and maybe the webfiltering? I always do this because this can make a mess.
I ask because I don't have any issues except the log flooding.
-
Hi,
Case is still pending. They told me today I should get a response this week. But I'm REALLY GLAD that somebody else got that problem to! Luckily our Servers and Clients don't seem to care about this error, but still it's very annoying.
By any chance, are you using another language than English OS? That's the only thing at the moment I could imagine, as all my clients and servers are german.
KERNEL SECURITY CHECK FAILURE Bluescreen
in Malwarebytes Anti-Malware for Business
Posted
Dear Reader
Since about one and a half hour I have a lots of client crashing with above BlueScreen and also no connection to the Internet. Deinstalling Malwarebytes fixed it.