jscotto Posted January 12, 2023 ID:1549312 Share Posted January 12, 2023 I am a developer for PC Matic. You are blocking one or both of the essential DLLs to run our software. I added to a zip file (7zip) to upload. Downloads.zip Link to post Share on other sites More sharing options...
Staff blender Posted January 12, 2023 Staff ID:1549318 Share Posted January 12, 2023 Hello, I am unable to reproduce the detection. Do you have a log you can attach? What is the detection name? Thank you, Link to post Share on other sites More sharing options...
jscotto Posted January 12, 2023 Author ID:1549319 Share Posted January 12, 2023 Hi, What logs are you looking for? Link to post Share on other sites More sharing options...
Staff blender Posted January 12, 2023 Staff ID:1549324 Share Posted January 12, 2023 This topic should explain how to get the logs depending on which version of MBAM you are running. Link to post Share on other sites More sharing options...
jscotto Posted January 13, 2023 Author ID:1549445 Share Posted January 13, 2023 Hi, I am attaching the log our customer sent us. It looks like it has to do with your whitelist signatures. The info in question starts around line 5286: 01/12/23 " 08:31:29.731" 147855796 1560 2114 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::PredetectWLCache::FindEntry "predetectwlcache.cpp" 341 "Removing modified entry: 'C:\Program Files (x86)\PCPitstop\Super Shield\SuperShieldProcessHooker32.exe'" 01/12/23 " 08:31:29.731" 147855796 1560 2114 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::SystemProtectedWhiteLister::IsFileWhiteListed "systemprotectedwhitelister.cpp" 126 "Checking limited system protected white listing for 'C:\Program Files (x86)\PCPitstop\Super Shield\SuperShieldProcessHooker32.exe'" 01/12/23 " 08:31:29.731" 147855796 1560 2114 INFO CleanControllerImpl mb::cleanctlrimpl::whitelist::PredetectSignatureWhiteLister::IsObjectWhiteListedEx "predetectsignaturewhitelister.cpp" 101 "'PC Matic, Inc' not found in whitesigs" Thanks MBAMSERVICE.txt Link to post Share on other sites More sharing options...
Staff screen317 Posted January 16, 2023 Staff ID:1549833 Share Posted January 16, 2023 Hello again, We require a scan log to determine how exactly the file is being detected. This is different than the service log. Thank you, Link to post Share on other sites More sharing options...
jscotto Posted February 2, 2023 Author ID:1552745 Share Posted February 2, 2023 Hi, The user finally got back with us and said he is using a different version and that the instructions you provided don't work. His version is Malwarebytes Endpoint Agent (1. 2. 0. 1022). I am attaching a log that may be what you are looking for. Otherwise, I'll need more direction on how to get the correct logs. Thanks EndpointAgent.txt Link to post Share on other sites More sharing options...
Staff screen317 Posted February 5, 2023 Staff ID:1553023 Share Posted February 5, 2023 The instructions here should be informative: https://service.malwarebytes.com/hc/en-us/articles/4413789306771-Collect-Malwarebytes-Endpoint-Agent-diagnostic-logs It would however be much easier to just know what the detection name is so we can look it up on our end and figure this out. Thank you, Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now