dprout69 Posted January 30, 2020 ID:1359277 Share Posted January 30, 2020 So I just updated from 3 to 4 (specifics below) on two computers and all of a sudden both computers are attempting a new connection with a seemingly strange protocol (reserved)... whats up with this? Link to post Share on other sites More sharing options...
Staff Malwarebytes Posted January 30, 2020 Staff ID:1359278 Share Posted January 30, 2020 ***This is an automated reply*** Hi, Thanks for posting in the Malwarebytes for Windows Help forum. If you are having technical issues with our Windows product, please do the following: Spoiler If you haven’t already done so, please run the Malwarebytes Support Tool and then attach the logs in your next reply: NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download Malwarebytes Support Tool Once the file is downloaded, open your Downloads folder/location of the downloaded file Double-click mb-support-X.X.X.XXXX.exe to run the program You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent. Place a checkmark next to Accept License Agreement and click Next You will be presented with a page stating, "Get Started!" Click the Advanced tab on the left column Click the Gather Logs button A progress bar will appear and the program will proceed with getting logs from your computer Upon completion, a file named mbst-grab-results.zip will be found on your Desktop. Click OK Please attach the file in your next reply. Before submitting your reply, be sure to enable "Notify me of replies" like so: Click "Reveal Hidden Contents" below for details on how to attach a file: Spoiler To save attachments, please click the link as shown below. You can click and drag the files to this bar or you can click the choose files, then browse to where your files are located, select them and click the Open button. One of our experts will be able to assist you shortly. If you are having licensing issues, please do the following: Spoiler For any of these issues: Renewals Refunds (including double billing) Cancellations Update Billing Info Multiple Transactions Consumer Purchases Transaction Receipt Please contact our support team at https://support.malwarebytes.com/hc/en-us/requests/new to get help If you need help looking up your license details, please head here: https://support.malwarebytes.com/hc/en-us/articles/360038523934 Thanks in advance for your patience. -The Malwarebytes Forum Team Link to post Share on other sites More sharing options...
exile360 Posted January 30, 2020 ID:1359286 Share Posted January 30, 2020 Greetings, We may have to wait for a staff member to respond with a definite answer, however if it occurred shortly following the update or during the startup of Malwarebytes it could have been the new version of the Web Protection driver loading into your network connection for malicious website blocking. It uses WFP similar to the Windows Firewall and it may be that it is making that type of connection to interact with your network connection on your system. Again, this is just speculation on my part so we'll have to wait for a definitive response from a member of the staff to know for sure what it's purpose is. Link to post Share on other sites More sharing options...
exile360 Posted January 30, 2020 ID:1359288 Share Posted January 30, 2020 By the way, while I'm not sure this helps, you should also refer to this Malwarebytes support article; it does list at least the existing/known connections for Malwarebytes, however obviously if this connection is new it will not be listed. Link to post Share on other sites More sharing options...
dprout69 Posted January 30, 2020 Author ID:1359403 Share Posted January 30, 2020 Not certain that an update didnt occur at the moment it starting going off, but it happens multiple times in less than an hour (MB is set to update once an hour). So that would seem to indicate that its not happening during an update (unless it didnt update for some reason and made multiple attempts... maybe the server was down IDK) and definitely not when MB is starting up. Link to post Share on other sites More sharing options...
dprout69 Posted January 30, 2020 Author ID:1359404 Share Posted January 30, 2020 BTW, Im not 100% sure as of yet because it's only day two, however, I note there are a number of threads on here with people having problems with MB ver 4 and Firefox. Well I just noted that no sooner did I open Firefox on my second computer that I got the blocked connection message. I also note that the blocked message popped up on the computer Im on only while Firefox is open. So, in summary this just started on two computers just as soon as I upgraded from 3 to 4. It happens multiple times an hour. From what I can tell right now it only happens when Firefox is open (not 100% confirmed). Link to post Share on other sites More sharing options...
dprout69 Posted January 30, 2020 Author ID:1359425 Share Posted January 30, 2020 Its confirmed... I closed Firefox, walked away from my computers for about an hour, came back and checked my firewall logs and it didnt happen the entire time. Opened up Firefox on both computers and within moments the connection blocked popup occurred on both. There are multiple threads about MB4 and FIrefox issues and this appears to be yet another. Bottom line Protocol 255 is very odd and I wont be opening up that in my firewall unless someone can explain whats happening Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 31, 2020 Root Admin ID:1359627 Share Posted January 31, 2020 It is more than likely due to one of your extensions within Firefox You can disable all of your extensions and then enable them one by one to see which one might be causing it or simply reset Firefox back to default which will almost certainly correct the issue. Firefox Click on Help / Troubleshooting Information then click on the Refresh Firefox button. If that does not correct it then we'd need to get logs to check on it further. Link to post Share on other sites More sharing options...
dprout69 Posted January 31, 2020 Author ID:1359640 Share Posted January 31, 2020 As stated, this started on two different computers IMMEDIATELY after upgrading from 3 to 4. I have no extensions added in Firefox other than what comes as is with the browser. The whole diagnostics things is a crap shoot. You have multiple threads on here about problems with MB and Firefox Is no one at MB able to tell why their program is attempting to make an outbound connection with an obscure protocol??? Seems a bit fishy to me Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 31, 2020 Root Admin ID:1359643 Share Posted January 31, 2020 Okay, then please follow the directions from the following KB article and we'll review your logs https://support.malwarebytes.com/hc/en-us/articles/360039023453 Link to post Share on other sites More sharing options...
dprout69 Posted February 1, 2020 Author ID:1359689 Share Posted February 1, 2020 Im not a beta tester. I learned a long time ago that when MB puts out a new version that you need to wait a couple of months and I did. You people simply dont do enough testing. I reverted back to a system image that was created about an hour before I "upgraded" to 4. There is no longer an issue. The final straw for me was when the first scheduled scans ran on my computers, since the "upgrade", and one had an unhandled exception and the other had my user interface all jacked up as shown in the screenshot below. As I said I waited a couple of months since 4 was released and evidently I need to wait a couple of more. You know MB could really save everyone a lot of headaches by testing more and also by not asking for logs every single time someone has a problem. You could do a bit more on your side to troubleshoot. My issue was very basic and Im certain you have testing computers at your facility where Firefox is already installed. All you had to do on your side was block protocol 255 outbound and you can see the issue yourself and look at all the logs you desire. The alternative to that is to ask whoever designed it the simple question of why 255 is being used. People dont have time to keep jumping through hoops. I've said my peace. This topic can be closed or someone can be proactive and figure out how this software works and provide an explanation or a fix. Link to post Share on other sites More sharing options...
Porthos Posted February 1, 2020 ID:1359694 Share Posted February 1, 2020 12 minutes ago, dprout69 said: the other had my user interface all jacked up as shown in the screenshot below. This is likely caused by the hardware acceleration changes was made to the Malwarebytes version 4 UI. You can now change the settings in the current version of MB 4 Link to post Share on other sites More sharing options...
Porthos Posted February 1, 2020 ID:1359695 Share Posted February 1, 2020 (edited) 21 minutes ago, dprout69 said: You know MB could really save everyone a lot of headaches by testing more and also by not asking for logs every single time someone has a problem. I was a beta tester for quite a long time before MB 4 was released for public beta testing. It does get tested and I am a Firefox user since the Win 98 days. Everyone has different hardware and software combinations on their systems. Logs are for us to see what you have and assist you getting things working correctly for YOU. Both staff and volunteers like my self are just trying to help with your issues. I have about 400 different users using MB that I manage and am not having issues with any of them. Edited February 1, 2020 by Porthos Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted February 1, 2020 Root Admin ID:1359828 Share Posted February 1, 2020 Well, without logs there isn't much we can do to assist you. I will go ahead then and close your topic if you like and you can wait it out for a newer release version. Thank you Link to post Share on other sites More sharing options...
Recommended Posts