Jump to content

spnkzss

Honorary Members
  • Posts

    59
  • Joined

  • Last visited

Everything posted by spnkzss

  1. Had a machine with 2885 PUPs. I have told it many times to delete the files, the machine comes online and then it says it is successful, but in the portal, they still exist. Does this mean they are't actually being deleted from the machine, or is it more that the portal is not updating appropriately? Rob
  2. Ok. Thank you for the update. Do we have an idea of when that might happen? Next week, next month, next year?
  3. Another KEY piece that I don't want missed is that even if the client was online, scans weren't happening. If you look at the scan log it was empty, even though the client was online. That was another thing that needed to be looked for. The complete removal that I did above solved it. I ran through the above sequence at one point with mb-clean-3.1.0.1027 and that DID NOT solve my problem. Again, that is why I was as specific as I was. I just believe that a lot of the problems that I talked about at the beginning of this thread are all related.
  4. While I understand that this is what tech support basically tells you to do for everything, there is some more relevant information in this. The fact that we upgraded the site. The fact that I had to run the /cloud AND without the /cloud. The fact that installing it with the .msi versus the full exe with .NET. I could not get the install to work correctly with the .NET exe, it HAD to be the installer WITHOUT the .NET. I also understand IT_Guy your frustration, as I am feeling all the same things you are, but as you can see my "fix" was not even seen by Malwarebytes because I believe all they are currently seeing is your frustration. I truly do understand it, but I am concerned relevant information that may help someone else is getting clouded. I do understand that you want to keep the protection forum strictly as troubleshooting, however the meat of my response, which I see you aren't even reading anymore and was apparently missed, was troubleshooting and don't believe the comment that I made about closing a thread was anywhere close to harshly critical. I believe it was fairly well put. I did not respond to the support ticket, because as others I wasn't going to try and troubleshoot an issue that was much larger for you guys. I didn't have time. I found some time to try a very specific set of steps that I wanted to share resolved the problem. Where the frustration comes in, and this is where I am assuming some things because no one has claimed otherwise, that on 9/30 a software update landed that broke a lot of clients and it was stuck in limbo which required a force uninstall. Including uninstalling some of the past client because the upgrade didn't take that. Now, if someone somewhere from Malwarebytes just came out and said "We pushed an update, it screwed things up, and we know this. If you could please do x, y, and z, we should be able to resolve this and it shouldn't happen again" this whole situation would have gone completely different. Mistakes happen, but when people.companies don't "own it", that's when people get angry.
  5. An update, moved from another thread. My environment WAS the onsite server based solution. I upgraded everyone to the cloud solution by pushing the solution across the network using the Malwarebytes Discovery and Deployment Tool. Now this part is speculation, but around the end of September (9/29ish), it seems to me that an update was pushed down to the clients from Malwarebytes. This update did not update well on some of my clients. I had a couple dozen offline, even though I knew they were online. I also had quite a few that never did the scheduled scan even though they were definitely online during this time AND showed online in the portal. Now, not speculation, what I did to resolve the issue, I went through every one of my clients in the portal and confirmed the last time they scanned (I have a daily scheduled scan setup). I wrote down the ones that did not scan, especially the ones that still show up as online in the portal. I also wrote down all the ones that were offline. I then went to each machine on this new list, ran the mb-clean-3.1.0.1031 /cloud command. Rebooted. I then ran the mb-clean-3.1.0.1031 WITHOUT the /cloud. 1 in 5 needed to be rebooted again. I believe this was finishing the clean up of the previous server based product. I then reinstalled using the .msi for JUST the Endpoint product without the .NET. They came back online. I then told that client to scan and quarantine. So far, all have continued to be up and running and scanning appropriately for the last 4 days. While I understand that this is what tech support basically tells you to do for everything, there is some more relevant information in this. The fact that we upgraded the site. The fact that I had to run the /cloud AND without the /cloud. The fact that installing with it with the .msi versus the full exe with .NET. I could not get the install to work correctly with the .NET exe, it HAD to be the installer WITHOUT the .NET.
  6. Can we PLEASE move this back to the other topic section. I can understand moving it ot the Product comments and concerns, but the BIGGEST part of my topic is how to FIX the problems people are having.
  7. Could someone please explain to me why the above thread was locked? I am seriously trying to help get this product fixed and give a single location for what we find. This also gives your company a single location to respond to what we are seeing. I came in today to give an update (even possible solution) to what I have found. I truly hope you all understand how that looks to lock a thread like this. Especially with zero response from Malwarebytes. So, what I came in here to say was: My environment WAS the onsite server based solution. I upgraded everyone to the cloud solution by pushing the solution across the network using the Malwarebytes Discovery and Deployment Tool. Now this part is speculation, but around the end of September (9/29ish), it seems to me that an update was pushed down to the clients from Malwarebytes. This update did not update well on some of my clients. I had a couple dozen offline, even though I knew they were online. I also had quite a few that never did the scheduled scan even though they were definitely online during this time AND showed online in the portal. Now, not speculation, what I did to resolve the issue, I went through every one of my clients in the portal and confirmed the last time they scanned (I have a daily scheduled scan setup). I wrote down the ones that did not scan, especially the ones that still show up as online in the portal. I also wrote down all the ones that were offline. I then went to each machine on this new list, ran the mb-clean-3.1.0.1031 /cloud command. Rebooted. I then ran the mb-clean-3.1.0.1031 WITHOUT the /cloud. 1 in 5 needed to be rebooted again. I believe this was finishing the clean up of the previous server based product. I then reinstalled using the .msi for JUST the Endpoint product without the .NET. They came back online. I then told that client to scan and quarantine. So far, all have continued to be up and running and scanning appropriately for the last 4 days. Assuming this thread is not closed, I will update if there is any further developments. Rob
  8. Scans not running. I am randomly going through my endpoints that ARE online and have up to date check in points, however if I go into each one individually, they have NO scans that have ever run on them and I know they are online during the scheduled daily scan. I try and manually tell them to scan and under Tasks it stays pending for awhile then just goes failed. Here I thought at least the ones that are online were doing something. Apparently that isn't even the case. Talk about lack of warm and fuzzies. That's messed up. To get all the ones that are offline online (all but one that is fighting me) I have had to run the clean up tool manually, reboot, then reinstall. Looks like I need to do this on EVERY one of these clients for me to make sure it's working. If I have to manually touch EVERY endpoint again, that may finally be my tipping point on finding another product.
  9. I don't want to remember to have anything on me, like a USB. Maybe have it be an option on install, select light client or full client. In other AV software, you select it in the policy whether they can override or turn off scanning. Or to turn off scanning or add exceptions, require a password to do so. You should be able to handle 100% of this through policies, so even if you go one way, it's EASY to switch it all back the other way. That is a key mindset to an enterprise solution. I can understand the concept of a limited interface, but in practice, it never works out right and I never get the warm and fuzzy. If I don't have the warm and fuzzy, I typically find another product that will give me the warm and fuzzy.
  10. Add to this list exclusions not working.
  11. If, let's say, the software is installed but not communicating with "home", there is currently, no way to scan, or test to see if the break is at the individual PC or with the cloud solution Let's say you have an outbreak, and you have disconnected a bunch of computers from the network, which then includes the internet, you currently have no way to scan. Let's continue to say that you are troubleshooting a computer and you are sitting in front of it, I currently have no way of knowing if a scan is running, what version is installed, when it was last updated, when were the last scans done on it (other than stopping to log into the portal, assuming I can get there). As an IT Administrator, I could go on for another 15 minutes about why I want full abilities to see what a piece of software is doing while sitting directly in front of the PC. Most of all, being able to set a scan running while I'm sitting there or telling my coworker to "try this", then let me know when it's done and I'll come help. Please don't take this as a jab, because it's not, it actually helps me understand the "mentality" behind the software development of this product. The fact that you say " so functions like a UI and right-click context menu scans don't seem overly useful to me personally" tells me you've never been in our shoes and/or don't understand the SMB/Enterprise environments. Rob
  12. There are quite a few issues with this software, that obviously, lots of people are upset about. I'm not going to rant and rave, but I also will not spend my time troubleshooting what I think are basic functions of the software, especially since it has nothing to do with my environment. Too many other people are having the same problems. The only reason that I have not bailed on all of this is your reputation and how many times your software has bailed me out and how well the "core" software works when it works. I wanted to try and create a master list of sorts. Certain things that hopefully we can get Malwarebytes to give us some more "official" answers too. There are lots of hands in the pot, but I'm not getting any warm and fuzzies about what has been done. I will gladly edit this list if someone feels we need to update it and if multiple people are seeing the same things. I will also GLADLY update it if things get fixed. 1.) Offline Endpoints. Associated with one of the services not starting. 2.) mb-clean not removing everything so a reinstall does not work Setup failed 0x80070643. Edit1: 10:02EST. Have noticed that even though you run it, and reboot, the malwarebyte icon is still down by the clock. 3.) Tons of Event Log errors 4.) Memory Leak 5.) Computers not running scans. Even though it's online and I tell it to scan, the task fails. 5b.) No easy well to tell if scans have ever run on machines unless you go to each one and dig in. I know this is border line not CORE function, but if I don't have any faith that the software is doing what it's supposed to be doing, then I'm going to uninstall and find something else that helps me sleep better at night. I have LOTS of machines that this software has been installed on for months that have NEVER run a scan. Yes, I work hard not to let that keep me from sleeping, but.... Rob
  13. Does this cleaner work now? I have tried it on multiple machines and it never seems to get everything. It says it does but when you go to reinstall it asks to remove malwarebytes. Which of course, I just did.
  14. I am not quoting this to bitch, but I am quoting this to show my support. This is a frame of mind that I believe needs to be used for this product to work in the future. Rob
  15. I was told by TS " I am being told that the clients showing up offline issue, has now been resolved and you should no longer be experiencing this. ". I have responded by saying not true, but wanted to hear if any of you have been able to get theirs back up?
  16. Is there any update on this? This software was expensive, which is not my biggest concern, but it's time consuming, which is one commodity that I DON'T have. I am beginning to notice a trend with this company, between the cloud solution and the other server based solution, corporate environments is not their strong suit and I don't take kindly to being BETA testers without knowing this up front. Rob
  17. I have about 17 of my 113 that I know of that have the same issues. This does not include my random laptops that I have no clue are affected or just haven't been turned on. The service is offline and won't start stating "Activation context generation failed for "C:\Program Files\Malwarebytes Endpoint Agent\MBCloudEA.exe".Error in manifest or policy file "C:\Program Files\Malwarebytes Endpoint Agent\MBCloudEA.exe.Config" on line 0. Invalid Xml syntax.". It seems to have been caused by a new version that was pushed down. I understand that things happen, but knowing that I'm going to have to go around to each PC and run the manual removal tool and reboot is not a good solution. Especially when 7 of my machines so far are active environment servers. My bigger concern is knowing if any of my random laptops that connect to the internet every once in awhile are affected or just haven't been turn on.
  18. That makes more sense, except my problem is they are technicians and they don't have a set schedule on when those PCs are even turned on. It's not just about being connected to the internet.
  19. I'm confused by the statement. They already are in their own group just in case I can do something special, but I can't create a scan schedule for something that is only online occasionally at random times.
  20. I agree. Especially my laptops of field guys that work random times and sometimes don't see internet for days. These are the ones I want scanned the most as they are the most likely to get something. I thought a good work around for this would be to schedule a task, but the task expires at 3 days. I would really like the option to change that expire time to never for those special occasions. ESPECIALLY on a delete quarantine. There is no reason to have a 3 day expire on that. That needs to happen as soon as the machine is seen again. Even if that's a month down the road. Rob
  21. I am, and would like it back as it told me at one point that a server was blocking DNS requests to a malicious site. Some machine was not protected and that helped me track it down.
  22. Those are checked but any IP level Outbound Connection threat does not email me. A PUP will, and I have selected notification anytime a computer is added, so I know the basic Notification emails work.
  23. Is there a way to get an email notification on a Real-Time Protection Event?
  24. In a future release, can we please have an option to delay, or at least warn people (allow them time to save their work) when we use the Discovery and Deployment tool to push the install before it just reboots the machine. I tested on a couple machines and it did not reboot them, but I had quite a few that once I started to mass install, they needed to reboot and it just rebooted on them without a chance to even know what happened. I now have to stop pushing all installs and manually do it. Defeats a Deployment tool for me.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.