Jump to content

Veeam Backup Error with MEP on Windows Server

Recommended Posts

I have a few VMs running Windows server 2012 and 2016 that receive an error (see below) due to a locked file caused by Malewarebytes Endpoint Protection client.  This file is created by Veeam Backup and Recovery during the backup of my VM (C:\Windows\VeeamVssSupport\VeeamGuestHelper.exe) but becomes locked and will not allow Veeam to delete the file when the backup process is completed. Then from that point on all backups fail. rebooting the VM is the only way to get MEP to release the file so I can delete it and, backup will work once again. 

In attempt to fix the issue I logged into my cloud account and attempted to create exclusions to stop MEP from scanning this file but nothing worked.

I tried:

- File by path: *VeeamGuestHelper.exe*

- Folder by Path: C:\Windows\VeeamVssSupport\*

- File by Path: C:\Windows\VeeamVssSupport\VeeamGuestHelper.exe

None of these resolved the issue. I did uninstall MEP on the server instances and Veeam backup worked perfectly after. As soon as I installed MEP again, within a day or two the issue occurred again. Strange part is I have MEP installed on 20 windows servers, all backed up with the same Veeam Backup software. but, I only seem to have issues on 3 servers repeatedly. Which makes it even that much more difficult to troubleshoot.

Any ideas to try? How can I tell if the exclusions are being sent to the host server?



7/28/2020 1:51:15 AM :: Processing GMS Intranet Error: Cannot upload guest agent's files to the administrative share  [\\GMS-INTRANET.GMSMRM.local\ADMIN$].
Cannot copy file. Source file: [C:\Program Files (x86)\Veeam\Backup Transport\GuestInteraction\VSS\VeeamGuestHelpers\VeeamGuestHelper_X64.exe]. Target file: [\\myserver.mydomain.local\ADMIN$\VeeamVssSupport\VeeamGuestHelper.exe].
CopyFile() failed.
Win32 error:Access is denied.
 Code: 5  


Link to post
Share on other sites

  • Staff


I'm sorry you're experiencing trouble with the software, but we will do our best to help.  First, I would just like to make sure that we know which client software you are running on your servers.  Is it the same Endpoint Protection client you run on non-server systems, or is it the version specifically for servers described here?

Additionally, what happens if you disable the Ransomware Protection component, does the issue go away?  If not, does disabling any of the other protection modules alleviate the issue?

Please let us know.


Link to post
Share on other sites


Thank you for your response. I am running endpoint client v. on the servers. At the time of purchase for these licenses I was not aware there was a different protection available specifically for servers. If that is not what I am licensed for then I will want to get them changed over. to answer your question, if I uninstall EP then the problem does go away. With my current setup, I do not see a place where I can disable the Ransomware competent. More to your other point. How can I tell which version of EP (desktop or server) that I currently have?

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.