cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Nielsb
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 1 of 5
‎01-14-2021 01:45 AM

ENS 10.7: Error communicating with quarantine manager

Jump to solution

Hi,

I have an issue with one system:

"Error communicating with quarantine manager" and no AMcore info in about

Right click scan for threat: "Cannot communicatre with the scan service"

Upgraded from VSE/HIPS to ENS 10.7 November update 

Removal tool ENS selected

Reinstall of ENS 10.7 November update  same issue:

 

issue 1.PNGNo AMcorce infoNo AMcorce infoissue 3.PNG

0 Kudos
Reply
1 Solution

Accepted Solutions
Nielsb
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 4 of 5
‎01-19-2021 01:32 AM

Re: ENS 10.7: Error communicating with quarantine manager

Jump to solution

I found 2 dll's via sysprep tool, LG and Filezilla:

01/14/21 11:48:13 [I] [0x4944] Unsigned injector discovered
01/14/21 11:48:13 [I] [0x4944] File [C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\ScreenSplitterHook2.dll] sha2[032F727A92282E5602DDF1B0070B69812E497BF8A14CB103CEF24123168E6090] sha1[F4D19762CECAE4C9362F188670DCC5A9B7B59E8E] md5[DDE251C85CDD407EBE04C9CD53E1B3CC]
01/14/21 11:48:14 [W] [0x4944] Failed to create MA event [17]
01/14/21 11:48:14 [E] [0x4944] Unable to grant trust to module [C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\ScreenSplitterHook2.dll]

01/14/21 12:16:44 [I] [0x4988] File [C:\Program Files\FileZilla FTP Client\fzshellext.dll] sha2[6805B5F8EC15E1B96D21CFB91928F41A86E4C16BAD2940FA657DBCA1831FC5AF] sha1[1B6760F4BF84C64ED9050A5E2AA4B81C0EE4A1F7] md5[C17950C177286B36F492D87C9940B350]
01/14/21 12:16:45 [W] [0x4988] Failed to create MA event [17]
01/14/21 12:16:45 [E] [0x4988] Unable to grant trust to module [C:\Program Files\FileZilla FTP Client\fzshellext.dll]

 

LG and Filezille application removed, ENS reinstall and same issue

and again the removal tool and bruteforce parameter:

Remove all products using Endpoint Removal Tool with this command line arguments "--accepteula --ALL --bruteforce=SysCore
 
and the installation was succesfull.
My SR was: 4-21607624361

View solution in original post

Reply
4 Replies
Nielsb
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 2 of 5
‎01-14-2021 02:13 AM

Re: ENS 10.7: Error communicating with quarantine manager

Jump to solution

again the removal tool and ENS/Agent selected + reinstall of ENS november update same issue

issue 4.PNG

0 Kudos
Reply
AdithyanT
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 3 of 5
‎01-18-2021 01:08 PM

Re: ENS 10.7: Error communicating with quarantine manager

Jump to solution

Hi @Nielsb,

Thank you for your post. Firstly, It is much appreciated that you already tried the latest version before we investigated further! The issue seems a bit familiar in my experience and this could possibly e due to dll injection going on in the machine.

May I know if you already have a support request created for this? It would be helpful in investigating this with logs.

Also, to confirm if any third party untrusted dlls are getting injected to the UI, we can check the below log file:

Self protection activity located under %^programdata%\McAfee\Endpoint Security\Logs\

You can also request support for the McAfee Sysprep tool that should help you check of injectors as well!

I sincerely hope this helps!

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
0 Kudos
Reply
Nielsb
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 4 of 5
‎01-19-2021 01:32 AM

Re: ENS 10.7: Error communicating with quarantine manager

Jump to solution

I found 2 dll's via sysprep tool, LG and Filezilla:

01/14/21 11:48:13 [I] [0x4944] Unsigned injector discovered
01/14/21 11:48:13 [I] [0x4944] File [C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\ScreenSplitterHook2.dll] sha2[032F727A92282E5602DDF1B0070B69812E497BF8A14CB103CEF24123168E6090] sha1[F4D19762CECAE4C9362F188670DCC5A9B7B59E8E] md5[DDE251C85CDD407EBE04C9CD53E1B3CC]
01/14/21 11:48:14 [W] [0x4944] Failed to create MA event [17]
01/14/21 11:48:14 [E] [0x4944] Unable to grant trust to module [C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\ScreenSplitterHook2.dll]

01/14/21 12:16:44 [I] [0x4988] File [C:\Program Files\FileZilla FTP Client\fzshellext.dll] sha2[6805B5F8EC15E1B96D21CFB91928F41A86E4C16BAD2940FA657DBCA1831FC5AF] sha1[1B6760F4BF84C64ED9050A5E2AA4B81C0EE4A1F7] md5[C17950C177286B36F492D87C9940B350]
01/14/21 12:16:45 [W] [0x4988] Failed to create MA event [17]
01/14/21 12:16:45 [E] [0x4988] Unable to grant trust to module [C:\Program Files\FileZilla FTP Client\fzshellext.dll]

 

LG and Filezille application removed, ENS reinstall and same issue

and again the removal tool and bruteforce parameter:

Remove all products using Endpoint Removal Tool with this command line arguments "--accepteula --ALL --bruteforce=SysCore
 
and the installation was succesfull.
My SR was: 4-21607624361

View solution in original post

Reply
AdithyanT
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 5
‎01-19-2021 02:44 PM

Re: ENS 10.7: Error communicating with quarantine manager

Jump to solution

Hi @Nielsb,

Brilliant! Thank you for keeping us informed on what resolved the issue!

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Consumer Support   |   Enterprise Support   |   McAfee.com

Legal   |   Privacy   |   Copyright © 2020 McAfee, LLC