Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by kmerolla

  1. Any word on a resolution for this? I really need to onboard several machines to their proper groups.
  2. Dyllon, Security and Maintenance just shows "Malwarebytes is turned on." Could this be caused by having the real-time protection delayed 15 seconds? It's only happening on boot, and not again until subsequent boots; but not all boots and not all systems (I've never seen it). I am thinking Windows is tripping on the DB version (or last update date) before MBCloudEA has a chance to run the update on startup. I'd like to be able to prove this as telling my users "just ignore it" is not an enviable proposition.
  3. Seemingly corresponding with the April product update, several of my Windows 10 endpoints are now displaying a pop-up every reboot stating that Windows Defender has been turned off and is not monitoring the system. I have confirmed that the Malwarebytes Agent is up to date and the endpoints are running the latest database version. Anyone else seeing this? What can be done to rid my endpoints of this nuisance?
  4. We are all awaiting this feature. Hopefully it will be incorporated sooner than later.
  5. Dyllon, we deploy using full exe with prerequisites via SCCM. Also only happening to Windows 10 endpoints. Working with Josh on my support case and and the dev team identified 3 reg keys that, when removed, allowed the upgrade to occur silently and without issue on 2 of my affected endpoints. [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Malwarebytes' Managed Client] [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{72BE25D7-574A-4F4D-B9B3-907D239CE1C7}] [HKEY_USERS\<user SID>\Software\Malwarebytes' Anti-Malware] (we are migrating off 1.8 MBMC but some legacy agents survived. These keys may have been left behind when the installer initially placed MBEP on the system). I think our SCCM uninstall routine isn't cleanly removing all the things. Support also indicated that the deployment of 3.3.2 has been suspended so no new cases should pop up. -Kevin
  6. @KDawg, Registry archive uploaded. Also I believe I have found an initial workaround. I moved 2 affected systems into an IR only policy and they have stopped prompting to reboot for now.
  7. @KDawg On the affected systems Malwarebytes 3.1.8 has already been uninstalled by the upgrade process. Should I force re-install it? What will stop it from re-attempting the upgrade? Getting the Registry files now.
  8. OK, I am up to 6 affected systems. Looks like the MBAMService is failing to upgrade to version 3.3.2. I know there's an issue regarding this version, however, the issue occurs AFTER it''s installed. On my endpoints it's not getting installed in the first place, just repeatedly failing and rebooting the endpoint. Policy is set to not reboot. 2018-01-15 02:38:02.540 Setup version: Inno Setup version 5.5.8 (u) 2018-01-15 02:38:02.540 Original Setup EXE: C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\instlrupdate\mb3-setup-common- 2018-01-15 02:38:02.540 Setup command line: /SL5="$109000B8,66933770,119296,C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\instlrupdate\mb3-setup-common-" /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /LOG="C:\ProgramData\Malwarebytes Endpoint Agent\Logs\mbaminstall20180115023802.log" 2018-01-15 02:38:02.540 Windows version: 10.0.15063 (NT platform: Yes) 2018-01-15 02:38:02.541 64-bit Windows: Yes 2018-01-15 02:38:02.541 Processor architecture: x64 2018-01-15 02:38:02.541 User privileges: Administrative 2018-01-15 02:38:02.543 64-bit install mode: Yes 2018-01-15 02:38:02.547 Created temporary directory: C:\WINDOWS\TEMP\is-4634A.tmp 2018-01-15 02:38:02.564 Extracting temporary file: C:\WINDOWS\TEMP\is-4634A.tmp\suhlpr.dll 2018-01-15 02:38:02.872 uninstall of MBAM 1.x failed 2018-01-15 02:38:02.923 Copied installer to temp directory C:\WINDOWS\TEMP\mb3-setup-common- 2018-01-15 02:38:02.923 Extracting temporary file: C:\WINDOWS\TEMP\is-4634A.tmp\mb-clean.exe 2018-01-15 02:38:03.137 CurStepChanged raised an exception (fatal). 2018-01-15 02:38:03.137 Deinitializing Setup. 2018-01-15 02:38:03.142 Log closed.
  9. Woke up this am to 2 reports that my clients (Windows 7 and WIndows 10) running Endpoint Protection have been continuously rebooting since 2:30 am Eastern. I can only assume a this point that this is somehow related to the Friday release. Anyone else out there seeing this? Any way I can stop this from rebooting my 1400 servers and endpoints on a Monday morning?
  10. So the web block came back in my environment today. Why is malwarebytes insisting on blocking UDB broadcast traffic?
  11. Is the nested group feature released yesterday only available to new groups? I don't see the option to nest my existing groups. -Kevin
  12. It would be helpful if, when hovering over or right-clicking on the Malwarebytes endpoint tray icon on Windows, it would show the client's DB version.
  13. I included the screenshot of the block.
  14. This block is preventing our access to GoToAssist. It also appears that similar domains were blocked back in October. Why is this block returning again after a month?
  15. I like the new layout. Still really need logged in user info in the asset information area. One suggestion, when you enable a feature that previously wasn't there, don't default it to "On" for the enterprise. My end users were really confused this morning when all of a sudden the endpoint started popping up messages about blocks, etc. At my company we communicate all user-impacting changes before they get enabled. And since we don't get prior knowledge about these releases it is difficult to keep my users in the loop. Still feels like a beta ...
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.