Jump to content

Recommended Posts

Dear Forum,

 

I try to install Malwarebytes Endpoint Protection on our Multipoint Server 2011 system. 

In the first place it has been installing and asking to reboot. After the reboot, I got a failure message that Malwarebytes could not be started.

After later reboots, it continued asking for a reboot. No failure message.

I deinstalled with the MB clean program. But when attempting to reinstall it gives a failure message, stating that MB Endpoint Protection is already installed.

This is the log of the deinstaller:

2018-02-22 05:54:45.919   >>>>>Starting post reboot phase cleanup for Malwarebytes Endpoint Agent <<<<<<<<.
2018-02-22 05:54:45.919   HKLM\SYSTEM\CurrentControlSet\Services\MBEndpointAgent does not exist.
2018-02-22 05:54:45.919   Trying to delete path C:\ProgramData\Malwarebytes Endpoint Agent\
2018-02-22 05:54:45.919   Cannot delete path C:\ProgramData\Malwarebytes Endpoint Agent\, reason:(The system cannot find the path specified.(error=3))
2018-02-22 05:54:45.919   Trying to delete path C:\Program Files\Malwarebytes Endpoint Agent\
2018-02-22 05:54:45.919   Cannot delete path C:\Program Files\Malwarebytes Endpoint Agent\, reason:(The system cannot find the path specified.(error=3))
2018-02-22 05:54:45.919   >>>>>Starting post reboot phase cleanup for Malwarebytes version 3.x.x.xxxx <<<<<<<<.
2018-02-22 05:54:45.919   Trying to delete REG key: HKCU\SOFTWARE\Malwarebytes
2018-02-22 05:54:45.919   HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2018-02-22 05:54:45.919   HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon does not exist.
2018-02-22 05:54:47.214   Trying to delete file or folder: C:\Windows\system32\drivers\MBAMChameleon.sys
2018-02-22 05:54:47.214   Failed to delete C:\Windows\system32\drivers\MBAMChameleon.sys, reason:(Access is denied.(error=5))
2018-02-22 05:54:47.214   Trying to delete file or folder C:\Windows\system32\drivers\MBAMChameleon.sys on reboot
2018-02-22 05:54:47.214   Failed to delete C:\Windows\system32\drivers\MBAMChameleon.sys, reason:(Access is denied.(error=5))
2018-02-22 05:54:47.214   HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2018-02-22 05:54:47.214   HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2018-02-22 05:54:47.916   Trying to delete file or folder: C:\Windows\system32\drivers\mbam.sys
2018-02-22 05:54:47.916   Failed to delete C:\Windows\system32\drivers\mbam.sys, reason:(Access is denied.(error=5))
2018-02-22 05:54:47.916   Trying to delete file or folder C:\Windows\system32\drivers\mbam.sys on reboot
2018-02-22 05:54:47.916   Failed to delete C:\Windows\system32\drivers\mbam.sys, reason:(Access is denied.(error=5))
2018-02-22 05:54:48.946   Trying to delete file or folder: C:\Windows\system32\drivers\MBAMSwissArmy.sys
2018-02-22 05:54:48.946   Failed to delete C:\Windows\system32\drivers\MBAMSwissArmy.sys, reason:(Access is denied.(error=5))
2018-02-22 05:54:48.946   Trying to delete file or folder C:\Windows\system32\drivers\MBAMSwissArmy.sys on reboot
2018-02-22 05:54:48.946   Failed to delete C:\Windows\system32\drivers\MBAMSwissArmy.sys, reason:(Access is denied.(error=5))
2018-02-22 05:54:48.946   HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2018-02-22 05:54:49.913   Trying to delete file or folder: C:\Windows\system32\drivers\mwac.sys
2018-02-22 05:54:49.913   Failed to delete C:\Windows\system32\drivers\mwac.sys, reason:(Access is denied.(error=5))
2018-02-22 05:54:49.929   Trying to delete file or folder C:\Windows\system32\drivers\mwac.sys on reboot
2018-02-22 05:54:49.929   Failed to delete C:\Windows\system32\drivers\mwac.sys, reason:(Access is denied.(error=5))
2018-02-22 05:54:50.693   Trying to delete path C:\ProgramData\Malwarebytes\
2018-02-22 05:54:50.693   Cannot delete path C:\ProgramData\Malwarebytes\, reason:(The directory name is invalid.(error=267))
2018-02-22 05:54:50.693   Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2018-02-22 05:54:50.693   Cannot delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\, reason:(The system cannot find the path specified.(error=3))
2018-02-22 05:54:50.693   Trying to delete path C:\Program Files\Malwarebytes Endpoint Agent\
2018-02-22 05:54:50.693   Cannot delete path C:\Program Files\Malwarebytes Endpoint Agent\, reason:(The system cannot find the path specified.(error=3))
2018-02-22 05:56:05.550   --------END OF LOG FILE ----------
2018-02-22 06:09:55.298   mb-clean:3.1.0.1031  @ Malwarebytes. All rights reserved.
2018-02-22 06:09:56.827   No Malwarebytes software installed.
2018-02-22 06:09:59.767   HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2018-02-22 06:09:59.767   HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon does not exist.
2018-02-22 06:09:59.767   Trying to delete file or folder: C:\Windows\system32\drivers\MBAMChameleon.sys
2018-02-22 06:09:59.767   Failed to delete C:\Windows\system32\drivers\MBAMChameleon.sys, reason:(Access is denied.(error=5))
2018-02-22 06:09:59.767   Trying to delete file or folder C:\Windows\system32\drivers\MBAMChameleon.sys on reboot
2018-02-22 06:09:59.767   Failed to delete C:\Windows\system32\drivers\MBAMChameleon.sys, reason:(Access is denied.(error=5))
2018-02-22 06:09:59.767   HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2018-02-22 06:09:59.767   HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2018-02-22 06:09:59.767   Trying to delete file or folder: C:\Windows\system32\drivers\mbam.sys
2018-02-22 06:09:59.767   Failed to delete C:\Windows\system32\drivers\mbam.sys, reason:(Access is denied.(error=5))
2018-02-22 06:09:59.767   Trying to delete file or folder C:\Windows\system32\drivers\mbam.sys on reboot
2018-02-22 06:09:59.767   Failed to delete C:\Windows\system32\drivers\mbam.sys, reason:(Access is denied.(error=5))
2018-02-22 06:09:59.767   Trying to delete file or folder: C:\Windows\system32\drivers\MBAMSwissArmy.sys
2018-02-22 06:09:59.767   Failed to delete C:\Windows\system32\drivers\MBAMSwissArmy.sys, reason:(Access is denied.(error=5))
2018-02-22 06:09:59.767   Trying to delete file or folder C:\Windows\system32\drivers\MBAMSwissArmy.sys on reboot
2018-02-22 06:09:59.767   Failed to delete C:\Windows\system32\drivers\MBAMSwissArmy.sys, reason:(Access is denied.(error=5))
2018-02-22 06:09:59.767   HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2018-02-22 06:09:59.767   Trying to delete file or folder: C:\Windows\system32\drivers\mwac.sys
2018-02-22 06:09:59.767   Failed to delete C:\Windows\system32\drivers\mwac.sys, reason:(Access is denied.(error=5))
2018-02-22 06:09:59.767   Trying to delete file or folder C:\Windows\system32\drivers\mwac.sys on reboot
2018-02-22 06:09:59.767   Failed to delete C:\Windows\system32\drivers\mwac.sys, reason:(Access is denied.(error=5))
2018-02-22 06:10:00.469   Trying to delete path C:\ProgramData\Malwarebytes\
2018-02-22 06:10:00.469   Cannot delete path C:\ProgramData\Malwarebytes\, reason:(The directory name is invalid.(error=267))
2018-02-22 06:10:00.469   Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2018-02-22 06:10:00.469   Cannot delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\, reason:(The system cannot find the path specified.(error=3))
2018-02-22 06:10:00.469   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\
2018-02-22 06:10:00.469   Cannot delete path C:\Program Files\Malwarebytes\Anti-Malware\, reason:(The system cannot find the path specified.(error=3))
2018-02-22 06:10:00.469   --------END OF LOG FILE ----------

Thank you for your help and advice, it would be much appreciated,

Best regards,

Johannes

Link to post
Share on other sites

Sorry, this is the log of the installation:

[1584:06FC][2018-02-22T06:25:01]i001: Burn v3.10.3.3007, Windows v6.1 (Build 7601: Service Pack 1), path: C:\Users\Johannes\AppData\Local\Temp\{E44F8021-30A6-479B-ADD2-16F1C07895E4}\.cr\Setup.MBEndpointAgent.Full.exe
[1584:06FC][2018-02-22T06:25:01]i000: Initializing string variable 'NEBULA_URL' to value 'https://cloud.malwarebytes.com'
[1584:06FC][2018-02-22T06:25:01]i000: Initializing string variable 'NEBULA_ACCOUNTTOKEN' to value '3dbff039-f08a-4f05-9159-3eadbbd59878'
[1584:06FC][2018-02-22T06:25:01]i009: Command Line: '-burn.clean.room=C:\Users\Johannes\Desktop\Downloads\Setup.MBEndpointAgent.Full.exe -burn.filehandle.attached=212 -burn.filehandle.self=220'
[1584:06FC][2018-02-22T06:25:01]i000: Setting string variable 'WixBundleOriginalSource' to value 'C:\Users\Johannes\Desktop\Downloads\Setup.MBEndpointAgent.Full.exe'
[1584:06FC][2018-02-22T06:25:01]i000: Setting string variable 'WixBundleOriginalSourceFolder' to value 'C:\Users\Johannes\Desktop\Downloads\'
[1584:06FC][2018-02-22T06:25:01]i000: Setting string variable 'WixBundleLog' to value 'C:\Users\Johannes\AppData\Local\Temp\Malwarebytes_Endpoint_Agent_20180222062501.log'
[1584:06FC][2018-02-22T06:25:01]i000: Setting string variable 'WixBundleManufacturer' to value 'Malwarebytes'
[1584:1884][2018-02-22T06:25:01]i000: Setting numeric variable 'WixStdBALanguageId' to value 1033
[1584:1884][2018-02-22T06:25:01]i000: Setting version variable 'WixBundleFileVersion' to value '1.1.2.0'
[1584:06FC][2018-02-22T06:25:01]i100: Detect begin, 3 packages
[1584:06FC][2018-02-22T06:25:01]i000: Registry key not found. Key = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{949D1792-E377-4348-8BC4-6D643EF49B21}'
[1584:06FC][2018-02-22T06:25:01]i000: Setting numeric variable 'EA_INSTALLED' to value 0
[1584:06FC][2018-02-22T06:25:01]i000: Registry key not found. Key = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{949D1792-E377-4348-8BC4-6D643EF49B21}'
[1584:06FC][2018-02-22T06:25:01]i000: Setting numeric variable 'EA_INSTALLED_32' to value 0
[1584:06FC][2018-02-22T06:25:01]i000: Registry key not found. Key = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871'
[1584:06FC][2018-02-22T06:25:01]i000: Setting numeric variable 'KB2468871_NET32_INSTALLED' to value 0
[1584:06FC][2018-02-22T06:25:01]i000: Setting string variable 'NETFRAMEWORK40' to value '1'
[1584:06FC][2018-02-22T06:25:01]i000: Setting string variable 'NETFRAMEWORK452' to value '394806'
[1584:06FC][2018-02-22T06:25:01]i052: Condition '(NETFRAMEWORK452 >= 379893)' evaluates to true.
[1584:06FC][2018-02-22T06:25:01]w120: Detected partially cached package: msi86, invalid payload: msi86, reason: 0x80070002
[1584:06FC][2018-02-22T06:25:01]i101: Detected package: NetFx452FullRedist, state: Present, cached: None
[1584:06FC][2018-02-22T06:25:01]i101: Detected package: msi86, state: Absent, cached: Partial
[1584:06FC][2018-02-22T06:25:01]i101: Detected package: msi64, state: Absent, cached: Complete
[1584:06FC][2018-02-22T06:25:01]i052: Condition '(VersionNT >= v6.0)' evaluates to true.
[1584:06FC][2018-02-22T06:25:01]i052: Condition '((NOT EA_INSTALLED) AND (NOT EA_INSTALLED_32) AND (NOT WixBundleInstalled))           OR           (WixBundleAction = 3)' evaluates to false.
[1584:06FC][2018-02-22T06:25:01]e000: Malwarebytes Endpoing Agent is already installed, please go to add/remove programs to remove it, and run the installation package again.
[1584:06FC][2018-02-22T06:25:01]e000: Error 0x81f40001: Bundle condition evaluated to false: ((NOT EA_INSTALLED) AND (NOT EA_INSTALLED_32) AND (NOT WixBundleInstalled))           OR           (WixBundleAction = 3)
[1584:06FC][2018-02-22T06:25:01]i199: Detect complete, result: 0x0
 

Link to post
Share on other sites
  • 1 month later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.