Jump to content

oreonutz

Honorary Members
  • Posts

    43
  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

987 profile views
  1. So I just double checked for you on 4 different configurations that are in front of me at this time. And as far as I can tell, this issue has not resurfaced. I have 2 PCs running Windows 7, both running MSE(Microsoft Security Essentials) and one is running Malwarebytes Corporate, the other is Running the Normal Pro version of Malwarebytes that is the most common version. Neither of these PCs have been running since the start of the Christmas Break, so they have both been off for almost 3 weeks, meaning both Malwarebytes and MSE needed to be updated on both machines. Neither PCs had any trouble updating MSE while Malwarebytes Ran, which tells me this bug, at least on these configurations, has not returned. I also double checked for definition updates manually, and then watched my firewall to see if it actually reached out to Microsofts server, and it did. So no issues I could find. I also did the exact same test on my other 2 systems, only difference is they are both Windows 10 systems, but otherwise all other variables are the same, one Corporate and One Pro, both had been off for several weeks. However with that being said, 3 systems are fairly newly built Ryzen 2000 Series Builds, and One system was an Older 4th Gen i7 Built system, so that hardly scratches the surface on testing possible hardware configurations, so I don't doubt that you are experiencing a problem. I would want to investigate your situation further before jumping to conclusions, your issue could be caused by a endless number of possibilities. But if you are reasonably certain the problem is in fact Malwarebytes, you asked if there was a way you can turn of Malwarebytes, then Yes there is. Just open Malwarebytes up, turn off all protection, then exit the program. Then Malwarebytes will no longer be on, so if that was the problem, you can proceed with your update of MSE. Once MSE is updated, you can open Malwarebytes back up, and turn all protection back on. I would also make certain you update Malwarebytes all the way too, as having it up to date might fix the problem you are experiencing. I would also make sure to completely Uninstall all other software virus scanners other than Malwarebytes and MSE. You also asked if MSE and Malwarebytes are compatible with each other, yes they are. They are the best to security programs to use together, and all you need in most circumstances. With that being said, Microsoft does not OFFICIALLY support MSE running at the same time as any other anti virus program, but in practice it has ALWAYS played nice with Malwarebytes, except for the one or 2 times bugs were accidently introduced, but both times the bugs were fixed, and they have always gone back to playing nice with each other afterwards! Anyways, I hope that answers all your questions. Just keep both updated and you should be fine, if you still experience issues, look to make sure there isn't some other anti-virus or software firewall installed that is causing the issues for you!
  2. So the problem is I have also gone Thermal Nuclear but have still got the problem of not being able to change the home page in Safari. I have deleted EVERYTHING having to do with Safari and Google in the User Library and even the Library, and of course got rid of the profile in preferences, and it STILL will NOT let me change the home page in Safari. When I reinstalled Google, Google was fine, works great and no weknow nonsense, but I can't get Safari working again. Any help would be greatly appreciated. This Pup has certainly evolved in sophistication, and nothing I have found online or done has helped restore Safari.
  3. Have you found a work around for this? I have been going INSANE!!! I also have a client with the weknow.ac, I successfully got rid of all the malware, but I CAN NOT change Safari back to using a normal home page. Of course I got rid of the THREE Profiles it created in System Preferences, so now I can edit the home page, but the send I press Enter after typing in a new URL in the Homepage, it goes right back to the weknow url. I have DELETED EVERYTHING having to do with Safari in the Users Library Folder and rebooted, and it STILL somehow remains. PLEASE TELL ME you found a solution to this messed up problem David and Treed? Appreciate any help you guys are able to give!
  4. I can't answer that. I went into panic mode as soon as I found out this was a problem a few weeks back, and made it a point to login to every single Win7 workstation running MB Corporate and MSE, and added the exclusions to minimize productivity loss with all clients. That act stopped all out Chaos for my Modest IT Consulting and Support Business. However, my belief that it was not effecting MB Premium (or home) users came back to bite me, as increasingly more and more Workstations are being effected by this conflict as well. And that is where I first thought the same thing you just mentioned; this didn't seem to be effecting ALL users. With MB home users, at first it seems to be completely random, some seem to need the exclusions, others seem to be fine without them. However I have noticed that a lot of my home users tend not to update their MB. MB is supposed to update itself, but when a version update comes out, instead of automatically updating it prompts the client to hit ok and approve of updating the version, and the client never does, and that's when it starts to get really out of date. In those cases those users seem to not be effected until MB is finally updated, and even then the problem doesn't seem to effect them right away. It seems to take hold after they update the version build of MB, then update definitions, then restart, then a MSE scan. They always seem to be effected after all of those conditions have been met, and then a MSE scan is triggered then all hell breaks lose. I was testing on a computer that had not been effected just a few days ago, and it wasn't until after update, restart, and then MSE scan that the lock up started happening, so maybe that's why not all users are experiencing it. Some might need version updates to MB to be installed, and because those version updates have never happened they are behind on their definitions. Others might have theirs updated, but have never restarted since their new MSE definitions have been installed. It seems to take a restart to ensure the problem to kick in. And then some clients have the default of only one MSE scan a week, which is defaulted to Sunday at 2am, so their problems don't seem to be noticed until the Monday Morning after all those conditions had been met and then their scan finally triggered the problem. As a precaution, since it does seem to bite us sooner or later, I would probably take the time to add the exclusions on all of your workstations, even the ones that haven't shown problems yet, because it seems to be inevitable that they will one day have the lockup, I believe it's just a matter or having to meet the right conditions for the problem to take effect.
  5. I really hope that is not the case. Especially since there is no one real time engine that is good enough to catch all threats... And it is so crazy, considering that before the problem crept up on us a few weeks back, we all seemed to run this same combination for years before running into a problem. Now I do run the same managed version or Viper on several other machines. We manage the entire BBB call center and main office out here in Las Vegas, NV, and their entire office of around 50 Workstations and a sever use the Managed Viper and MB Endpoint combination, all on Windows 7 64bit Pro and Server 08, and has No problems whatsoever, so far it is just this one workstation I have seen with the Conflict with Viper, so hopefully it has more to do with the setup on this one workstation, and we don't start seeing another trend arise. I just wish we would find a way to solve the problem within MB and MSE so we can all go back to the combination we are comfortable with and know works. If not, it may be time to come up with a new combination. I personally just don't trust another piece of anti Malware software like I do MB, and their is not another AV software out that works so well and takes so little resources to run like MSE. Hopefully someone can point a few out for us to test that play nice with MB. Just no Symantec or McAfee or Avast or AVG please, lol. I am sick of advertising and resource hogging...
  6. I meant to type that in yesterday, but I guess I never hit submit. Now I can confirm that this is happening with not only MSE. Yesterday I had the same exact lockup issue with a computer that has never had MSE. It ran MBAM and MBAE, and only recently had a managed version of Viper installed, and had conflicts with this as well. I cannot confirm that it was a direct conflict with MB as I didn't have time to run tests. I can confirm that Uninstalling MB completely seemed to help. Ultimately I Uninstaller Viper and reinstalled MB and installed MSE with exclusions, and the workstation was fine. But the initial lockups were exactly like the MSE/MB Lockups, and I seemed to gain control only initially after Uninstalling MB in safe mode. It was weird seeing the same problem without MSE being present. It now makes me wonder if this was a chance initiated by updates to both MSE and MB...
  7. I too have now been seeing lock ups, but only on Servers running 08 and 2012. In 3 cases MSE has had exclusions added, and Malwarebytes Corporate also had the exclusions added. In one case MB wasn't even activated, it was a client I recently took over from another IT company, and apparently they were just using MB Corporate to manually scan. Even in that case the Server would lock up each night when MSE started its scan. After a crazy amount of testing I finally disabled real time protection, and its back to normal. Before disabling MSE real-time protection I completely Uninstalled Malwarebytes and the problem still persisted even after a restart, and there is no other Anti Virus installed on that particular server, so now I am starting to believe that this may be a conflict with more than just MB. The other reason I believe that is the final 2 servers I have been having trouble with, one 2008 and one 2012, have no MB installed on the machines whatsoever, and both have MSE installed as the only means of protection, and both of those servers are locking up when their Nightly scans kick in. I have completely disabled MSE real time protection as a temporary measure while I diagnose and find out with what MSE is conflicting with now, but this is clear to me that MSE is becoming more trouble than it is worth. Also I have noticed several of my home based business clients who chose to run Malwarebytes Premium instead of corporate are starting to run into locking up issues now as well. I have noticed with those I need to add every process in the Chameleon Folder as an exclusion before the computer becomes responsive again. Microsoft has really messed up here, and I doubt it's going to end with just conflicts with MB...
  8. My norm for Servers is to just run Immunet only. It usually does a superb job of keeping servers clean, I recently within the last 6 months started to use MSE and MB, because I had an instance of a nasty piece of ransom ware slip past immunet on a server and distribute itself across the entire network and the only thing that saved me was MB Corporate was installed on every machine on the network and it actively killed the ransom ware on the individual machines and neutralized the source on the server because of a mapped Network Drive on a workstation that I used to remote into the server and run maintenance, so it had full rights and was able to delete the file being spread, long enough for me to bring down the server and do a full clean and restore from backup. Basically, I got lucky. And that's when I decided to use the same combination on Servers that I do on workstations, but now this problem... It's frustrating and I wish Microsoft would just fix their definitions not to attack legitimate software...
  9. I too have now been seeing lock ups, but only on Servers running 08 and 2012. In 3 cases MSE has had exclusions added, and Malwarebytes Corporate also had the exclusions added. In one case MB wasn't even activated, it was a client I recently took over from another IT company, and apparently they were just using MB Corporate to manually scan. Even in that case the Server would lock up each night when MSE started its scan. After a crazy amount of testing I finally disabled real time protection, and its back to normal. Before disabling MSE real-time protection I completely Uninstalled Malwarebytes and the problem still persisted even after a restart, and there is no other Anti Virus installed on that particular server, so now I am starting to believe that this may be a conflict with more than just MB. The other reason I believe that is the final 2 servers I have been having trouble with, one 2008 and one 2012, have no MB installed on the machines whatsoever, and both have MSE installed as the only means of protection, and both of those servers are locking up when their Nightly scans kick in. I have completely disabled MSE real time protection as a temporary measure while I diagnose and find out with what MSE is conflicting with now, but this is clear to me that MSE is becoming more trouble than it is worth. Also I have noticed several of my home based business clients who chose to run Malwarebytes Premium instead of corporate are starting to run into locking up issues now as well. I have noticed with those I need to add every process in the Chameleon Folder as an exclusion before the computer becomes responsive again. Microsoft has really messed up here, and I doubt it's going to end with just conflicts with MB...
  10. Sorry to double post, I forgot to quote in the first one, and figured I could delete my first post, but it seems, at least at first glance, that there is no option to delete the post.
  11. So Malwarebytes Corporate uses The ', Malwarebytes Home Doesn't. You can change it to take out the apostrophe when installing it, but the default install path inside program files includes the apostrophe, and once it's installed with the apostrophe, yes it is needed. However you can Uninstall it, and then reinstall it with the new path, and rename it to not have the apostrophe included, and then you will not need it.
  12. That may work, but it's not really a solution, most of us use Malwarebytes because we see the other Anti Virus just isn't enough. It's messed up that Microsoft is trying to force us, and in some cases succeeding, to get rid of Malwarebytes altogether. Let's not forget it was a Microsoft Definition update that caused this problem to begin with. I guess if temporarily lowering your security is ok with you, then this solution would work, I would opt for getting rid of Microsofts anti virus, but I know MB doesn't catch everything on its own either, so we are left in a tough position. At the end of the day, as IT Administrators it's up to us to come up with a solution our environments can work with, but if security must be lowered, I strongly believe it is Microsoft who should take the hit, not Malwarebytes, and we should be letting Microsoft know it.
  13. Good Luck My Friend. And also remember it won't hurt to add multiple paths for the same process. So for instance if we are talking about MBAM.exe, I don't know the short name for that process off the top of my head but for a minute let's presume it's "c:\Program~1\Mbam.exe". Then since that ~1 might not work for another computer, another computers short name might be "c:\Program~2\Mbam.exe". So to save yourself the trouble you should add both paths to your exclusions list, and do this for all possible short names on all of MBAM and MBAE's processes. This will be a long exclusion list, but it will only apply to the path that the individual computer recognizes, so all the extra exclusions won't hurt, it just makes it so you can have one policy for all workstations on your networks, no matter what short name MB's might use. I am not always good at explaining things, but I hope that makes sense and helps. Let us know how it works out.
  14. So I just re-read your post before last, and realized that must be the difference. Going through all the posts I have read on this thread of people still having problems, it looks like what you all have in common is you all run MSCE or another managed version of Microsofts Security Essentials. That has to be it. I use the Managed and Unmanaged Enterprise Malwarebytes depending on the client, but every single one of my clients uses the regular unmanaged version of MSE. From my understanding the managed versions of MSE won't allow you to add the ' in the exclusion list so you have to use the short name, I am willing to bet that the problem is with that short name. I wonder if you could test on a single computer that is still having the issue to go on that computer and manually add the exclusions, turn back on real-time protection in both MSE and MB, and see if the problem is fixed. As I do not use MSCE I am not familiar with it, so I am not sure if you can add exclusions to a single computer, but if you can, I would try it, and see if the problems persist. If they are fixed after that, maybe it's possible to create a policy based on that machine. I know from your prior post a few days back that you believe you had gotten the short form right, but I would be willing to bet it's still somehow the problem. Either with the short name being wrong on some machines but not others, or just an error with using short names all together. I could be wrong and it could just be that MSCE can't be fixed with exclusions, but something tells me it can. From what I can gather the reason the lockups happen is because MSE is now targeting MB's chameleon, and because chameleon won't allow changes to it, the computer locks up. So if that's true, when a scheduled MBAM scan starts, chameleon or another MB process is again targeted by Microsofts Real Time Protection, and the lock up starts. So if this is all true, then I would place money on the fact that for what ever reason in the case of those still having issues, MSCE's exclusions aren't doing there job. If possible I would pull one machine that is still having issues, and add the exclusions manually and see if it makes a difference. And if it does work, find a way to make your policy reflect the changes. Remember you can add paths in the exclusions list that don't exist. So if you have to add multiple short name versions, one with ~1, ~2, and so on, it your policy it won't hurt, it will simply only apply the exclusion for the short name that applies to the path the machine recognizes.i would be willing to bet that the short name changes per computer, so it might be best to make a list of all possible short names, and add all the processes to your exclusions list. I hope my train of thought helps you on this and isn't completely useless to you. Good Luck.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.