Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by exile360

  1. Please try running the special build of Malwarebytes Anti-Rootkit as instructed in this topic (if it doesn't work in normal mode, then please try running it from Safe Mode with Networking). Scan with it and have it remove anything it detects then reboot to complete the removal process if prompted. If any issues still persist, then please try running ADWCleaner and scan with that, again restarting to complete the removal process if any threats are found. If the problem still isn't resolved then please read and follow the instructions in this topic as best you can then create a new topic in the malware removal area including the requested logs and info by clicking here and one of our malware removal specialists will assist you as soon as they are available.
  2. Excellent, I'm glad to be of service If you need anything else just let us know. By the way, in case you guys were curious, whenever you exclude a blocked website in Malwarebytes, that exclusion does not extend to files downloaded from that site, so if they are detected by any of Malwarebytes components then you'll need to either disable the component detecting it (such as Malware Protection in this case), or exclude the file itself from being detected (though as I mentioned before, with installers it can be tricky since they might extract their individual files to other locations during the installation process, so it's generally simpler to just temporarily disable protection, install the software, then re-enable protection and then create any necessary exclusions for the final installed software). Also, if you'd like to learn more about how the individual layers/components in Malwarebytes work at different phases to protect you, then I'd recommend checking out the info on this page as it provides a great overview of how it all works.
  3. You're welcome I'm honestly not sure if it was the new release that caused these FPs or just a signature/database update as the old versions of ADWCleaner certainly should have been fully capable of detecting these kinds of entries before now as they're just simple registry keys.
  4. For installing software, since installers are essentially just scripted archives that frequently extract files to one or more temporary locations during install, excluding them preemptively can be difficult if not impossible so the simplest solution would be to temporarily disable the Malware Protection component in Malwarebytes or temporarily turn off detection for PUPs (Potentially Unwanted Programs), install the software, then perform a Threat scan with Malwarebytes via the Scan Now button located on the Dashboard tab in the main Malwarebytes UI. Once the scan completes, click the checkbox at the top to uncheck all detected items, making certain that all of them belong to ASC (you obviously don't want to accidentally exclude any actual threats) then click Next and once the prompt is displayed asking what to do with the remaining/unchecked items, click Ignore Always and the program's files, folders and registry data will all be excluded from detection in the future, that is assuming your existing exclusions do not already cover the beta installation (a new program version means they might have changed one or more items/locations, so new exclusions may be necessary). In the future, follow the same procedure of temporarily disabling Malware Protection or PUP detection in Malwarebytes whenever you are going to run an installer which is detected as PUP by Malwarebytes. I hope this helps.
  5. Excellent, I'm glad to hear it I heard back from the Developer and he explained that since Java often spawns multiple processes (java.exe, javaw.exe, j2...exe, etc.) and that since the detected process needs to be unloaded/re-loaded for the exclusions to take effect, that could be the cause of it (the Anti-Exploit component works by injecting its DLL into protected/shielded processes, so to apply exclusions the shielded app, in this case Java, needs to be closed and re-launched).
  6. Usually how it is done is they analyze some legit/working keys and use custom software along the same lines of what a hacker would use to figure out passwords and they feed in the legit keys and the software eventually determines an algorithm or pattern to create working keys (i.e. keys that the Malwarebytes product will activate with/recognize as legit). That said, the reason they usually have to sell the old style/format licenses which use both an ID and Key (the MB 1.x/early 2.x format) is because since 3.0 and the creation of the online license activation and management system, every key generated by the company is tracked and accounted for so the company has a copy of and documentation on every single key they issue now, so they know when it was created, who it was created for (i.e. which vendor, reseller or retail box product etc.) and can trace its entire history from when Malwarebytes created it to when it reached a customer after purchase. The older keys weren't like that and were just created using the algorithm I mentioned so back then the software would activate and work with any key fitting the right pattern/algorithm. So these scammers are generally using key generators which is that software tool I mentioned that spits out keys that will activate the software. The trouble is, since Malwarebytes now keeps track of every valid key they create, it's much more difficult for the bad guys to create keys that will actually work long term. They may work temporarily, but as soon as the system does a check on the key to validate it via Malwarebytes online database of known good keys, it has the potential to be flagged as pirated and blacklisted. That said, I don't know if Malwarebytes has every invalid key automatically blacklisted right from the start or if they offer some kind of temporary grace period, though I suspect the latter otherwise the individuals selling these bad keys would probably stop offering them as they wouldn't work at all any more. I also believe that they either automatically or manually flag/blacklist keys that show up more frequently more quickly (i.e. pirated keys that end up being used a ton of times all over the world, which is usually the result of some shady download via something like a Bittorrent client or warez site (a website where things like software cracks/keygens and pirated license keys are found; which often also contain malware of some kind, usually in the form of a Trojan, either in the crack/keygen itself or the special build of the pirated software they provide if such is required for their pirated license to work (i.e. a special cracked build of the pirated software which also includes embedded Trojan functionality to infect the systems it gets installed on with some kind of infection)). Some of them even publish keys on places like YouTube, and because of this, those tend to be rather easy for the company and the automated license tracking system to spot as the more people who access and use a key, the more obvious it becomes that it is pirated. Honestly, Malwarebytes always has been and continues to be far more lenient on piracy than most other vendors, and far more generous than they have to be given the license tracking system they now have in place. The reason I say this is because based on the database I mentioned earlier where the system keeps track of every single key the company creates/issues for sale, they could just automate it so that none of these pirated keys would work to activate the software at all so that as soon as the system goes online, which it must do at some point to fully activate the license, similar to how you have to activate Windows online eventually even after entering a valid key, the system would know that the license being used is a fake/pirated key and could shut down protection and blacklist the key right then and there so that it could never be used to activate the software again. But you don't hear about that sort of thing happening too frequently, and usually, at least based on what I've seen and heard from others, even when a user has a pirated key that they purchased, the company is really good about giving them a chance to go legit by giving them time to keep the paid features so that they can stay protected and then renew their license from a legitimate source to keep their protection after that. Most companies just block all fake/pirated keys right off the bat and offer no such grace periods and expect anyone who uses a pirated copy/license to pay full price immediately if they wish to continue using the paid features. I think that says a lot about where Malwarebytes' priorities are as a company that they're willing to sacrifice money like that and prioritize keeping people protected over trying to force them to pay immediately.
  7. Unfortunately no, there is no single database file for Malwarebytes. It, much like most modern AVs, now uses multiple database files. I don't know offhand what names they go under now as I didn't keep up with all of the changes after version 2.x, but I suspect they are all located somewhere under Malwarebytes ProgramData folder as that is where it stores most of its data and configuration files.
  8. If that app requires that scanners use a single static defs file then Malwarebytes is incompatible as it actually uses several separate databases for various components in the engine and various categories of threats/PUPs/PUMs/rootkits etc. It hasn't used a single comprehensive database file since the Malwarebytes 1.x consumer version days several years ago (back then it was called rules.ref), but since then the entire engine and program has been rewritten from the ground up to use a much more modular structure, including multiple databases for the various modules and purposes I mentioned.
  9. Actually, unlike Spybot Search & Destroy, Spywareblaster doesn't use the Windows HOSTS file at all to block malicious sites. It just uses the restricted sites list for Internet Explorer (located under the various HK**\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zonemap\Domains keys in the registry) as well as the ActiveX Killbit as implemented by Microsoft since XP. It also performs immunization for Firefox, though how it accomplishes that I am not certain, though I suspect it is by a similar means as what is used for Internet Explorer's restricted sites, though likely through some kind of text based config file. As for this FP, it's actually not that big of a deal and is something I've seen several other scanners in the past FP on, so ADWCleaner is far from the first (in fact, the first time I saw this it was being detected by eTrust/CA PestPatrol back in the day long before Malwarebytes or ADWCleaner ever existed). I'm sure they'll either have the issue corrected promptly or will temporarily back out the defs causing the detections until the issue can be resolved by implementing more robust, conditional detection for these kinds of registry entries as I suggested they do above. Either way I will be submitting the details of this issue to the team in my report this Friday so they will hear about it.
  10. Greetings, All lifetime license sales were discontinued around 3 years ago when Malwarebytes switched over to a yearly subscription model so the only way for a vendor to have any lifetime keys would be if they still have copies of the old boxed retail Malwarebytes Anti-Malware product from that time period which at this point is pretty unlikely. With that said, unfortunately there is no way to know for certain if what you are being sold is legitimate or not so the key, if it is pirated, could end up being blacklisted at any time once the Malwarebytes licensing system identifies abuse which is why it frequently occurs that such keys work for a while but then end up failing at some point because the licensing system notices that the key has been activated hundreds or thousands of times all over the world (an obvious sign that it is pirated) which could happen at any time and all depends on how many people they've sold or given that key to, where they got it (as they might be obtaining them from a key generator or from illegal downloads online that include pirated keys to activate them). The only way I might even consider purchasing would be if they were selling sealed boxed retail versions which had the key sealed inside and provided me with the box, tape still intact/not re-sealed (though none of the vendors I've seen selling it do that; they're usually just selling keys meaning the source of the keys is likely not legit). Because it is very likely to be fraudulent, I would highly recommend not purchasing from such vendors as the probability of their keys being legitimate and actually working for life is extremely low. If you already purchased a key and want to check on its status, aside from just activating the software, you may contact Malwarebytes Support via the options on this page and they can lookup the key to see if it appears to likely be pirated or not and maybe just hasn't been blacklisted by the automated system yet (i.e. hasn't been activated enough times/in enough different places simultaneously yet). Also bear in mind that Malwarebytes tends to be very generous when it comes to issues like this. They don't want you to lose out if possible, and while they no longer issue any lifetime licenses, they often will offer at least a free year subscription for Malwarebytes 3 so that you still feel like you got something for the money you spent and don't end up without protection on your system even though they don't get any of the money you paid to the vendor when you bought the pirated lifetime license. If there is anything else we might assist you with please don't hesitate to ask. And just remember, if something sounds too good to be true, it probably is, and this is usually the case with these vendors claiming to still have legitimate lifetime licenses for Malwarebytes after 3 years of not being issued any more. Thanks
  11. I've dealt with issues like this in the past where the blocks created by Spywareblaster and Spybot were flagged as threats. It's usually because some malware a long, long time ago would deliberately add malicious sites to the trusted sites list in the registry (Zone 2) and rather than looking at the actual value data (the number that assigns the zone for that particular site), they would flag any entry for malicious sites contained in their databases because additional logic beyond the scope of basic binary detection (1=malicious site data exists in the registry under the Zonemap\Domains registry key=detect as threat, 2=malicious site data does not exist in the registry=detect nothing) and it would require implementing conditional detection capabilities (if 1 & if value data is not 4 then detect as a threat, if 1 & value data is 4 then do not detect as a threat). It sounds more complicated than it actually is, but for the Developers they will understand what I'm saying and should act upon it accordingly. As for you and I, for now the best thing to do would be to simply check one or two of the detected entries in the registry and if you see the value data set as 4, that means it is safe and was added by Spywareblaster or Spybot because 4 means it is in what Microsoft refers to as the "Restricted Zone" where websites in that zone are the opposite of the "Trusted Zone" so they are not allowed to run scripts on their webpages, are not allowed to execute any ActiveX controls (Flash Player etc.) and many other security restrictions that essentially block them from being able to do harm (pretty much everything short of completely blocking access to those sites, where if that were the goal, they'd add the sites to the HOSTS file as Spybot does for some websites via one aspect of its Immunize function). So if you check the entries detected by ADWCleaner and find that it is as I described (image below) then you should just right-click on it and select Add to Exclusion List (a new feature added in ADWCleaner 7.2.2). I did and here is what my exclusions list now looks like (I added the entire categories to my exclusions list, not each individual detection one by one as I knew they all came from the same FP/source as my system is clean): Once this false positive is corrected, or until these particular defs are pulled from ADWCleaner's database awaiting new engine capabilities to allow them to properly whitelist such entries, I would advise you do the same as I did as the probability that an actual threat would add entries to to Zonemap\Domains registry keys is extremely unlikely, especially since modern malware/adware etc. is far more focused on targeting more popular, modern browsers like Firefox and especially Chrome now that they are used more prominently than Internet Explorer, and since these settings have no impact on those browsers, it is unlikely that the bad guys would bother using them to try and add their sites to the Trusted Sites list in IE (which is why ADWCleaner is detecting them, because it just looks for entries for those sites, assuming they are there with a value data of 2 which would place them in the Trusted Sites list for IE).
  12. Confirmed, I found the same (as well as many of those added by Spybot S&D via its Immunize function/feature which uses the registry restricted sites, the IE ActiveX Killbit implemented by MS as well as the HOSTS file for blocking/restricting access to malicious web content). An exclusion rule/whitelist should be created to not detect such sites when contained in the restricted zone (zone 4) for the Zonemap\Domains registry keys (HKLM/HKU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zonemap\Domains sub-keys) when the value data is set to 4 which denotes the Restricted Zone as documented on the following Microsoft sites: https://support.microsoft.com/en-us/help/182569/internet-explorer-security-zones-registry-entries-for-advanced-users https://docs.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/platform-apis/ms537183(v=vs.85) If more detailed info is required such as scan logs etc. please let me know and I will provide them, however be aware that these restricted sites databases are constantly changing so whitelisting specific entries is most likely not a viable long-term solution and instead logic should be developed which can tell the difference between a site being included in the Trusted Zone and the Restricted Zone. The following table is taken directly from Microsoft's own documentation on the various security zones and their equivalent value data for the Zonemap\Domans registry keys:
  13. There's nothing wrong with using any of the software I tested, even those which are deliberately targeted as PUP. The term PUP means Potentially Unwanted Program, meaning it is completely subjective, so if a user installed an application categorized as PUP deliberately and wants to continue using it, that's up to them, it is their system after all. Nothing detected as PUP would do anything truly malicious, as such activity would get it reclassified as actual malware and detection would not be optional so Malwarebytes would flag it as a threat and tag it in red rather than orange. Now, specifically with regards to Windows Slimmer, that is correct, it is not deliberately being targeted. It just got caught in the crossfire via some of the defs being used to target other Auslogics software which are categorized as PUP so you should exclude these detections to prevent detection until the team gets the issue resolved. The new version of ADWCleaner makes this easy. Just run a scan and when it completes, right-click on each listed entry and select Add to Exclusion List and it should no longer be detected in future scans by ADWCleaner.
  14. Greetings, Would each of you please do the following so that we may take a look at what's going on with your Malwarebytes installations and your systems?: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced Options on the main page (not Get Started) Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply Also, does disabling the Web Protection component allow the software to work? Please provide the requested ZIP file and let me know what happens if you disable Web Protection. Thanks
  15. Greetings, For licensing issues it is best to contact Malwarebytes Support directly. You may do so via the options on this page. If there is anything else we might assist you with please don't hesitate to ask. Thanks
  16. OK, I've done some testing and here are the results. Note: for speed of testing I unchecked any additional software checkboxes during installation, unchecked the option to launch/run the software after installation (which might have created additional entries once launched as some software does in the registry and/or on disk), unchecked the options for any startup items to launch the installing software on boot, and unchecked the option to place a shortcut for the software on the desktop whenever the installer provided these options so it is possible that these additional items/entries may have been flagged by either or both scanners, however I believe the results I did obtain are sufficient to illustrate what is happening with these detections. Malwarebytes 3 detects Auslogics Driver Updater as PUP.Optional.Auslogics It does not detect BoostSpeed, Registry Cleaner or Windows Slimmer Malwarebytes 3 does detect several components of BoostSpeed following installation as PUP.Optional.AuslogicsBoostSpeed and one component as PUP.Optional.AuslogicsDiskDefrag (likely because it is a shared component between the two programs, both of which are detected as PUP by Malwarebytes 3). ADWCleaner 7.2.2 detects the following items from a Windows Slimmer installation: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics C:\Program Files (x86)\Auslogics HKLM\Software\Wow6432Node\Auslogics (in a 32 bit OS this would be HKLM\Software\Auslogics) All 3 items detected by ADWCleaner for Windows Slimmer are detected as PUP.Optional.AuslogicsDriverUpdater meaning my hypothesis was accurate. Windows Slimmer is not being deliberately targeted and these signatures causing these detections were created specifically to target one of Auslogics other programs which does fit the classification of PUP as defined by Malwarebytes: Auslogics Driver Updater (reference this page, this article, these search results from the online threat database, this entry and this entry), although the database items referenced are specific to Malwarebytes 3, they do reflect the overall policy of Malwarebytes as an organization when it comes to the PUP classification. ADWCleaner 7.2.2 detects no components from Auslogics BoostSpeed (likely due to the fact that they are already covered by Malwarebytes 3 and the two tools are designed to overlap as little as possible so that they targed different PUPs). Malwarebytes 3 detected 1 item from Auslogics Registry Cleaner; a single URL shortcut located in the START menu which it flagged as PUP.Optional.AuslogicsBoostSpeed; none of the other entries from Registry Cleaner were detected. ADWCleaner 7.2.2 detects the following components from Auslogics Registry Cleaner: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics C:\Program Files (x86)\Auslogics HKLM\Software\Wow6432Node\Auslogics (in a 32 bit OS this would be HKLM\Software\Auslogics) All 3 items detected by ADWCleaner for Auslogics Registry Cleaner are detected as PUP.Optional.AuslogicsDriverUpdater just as before witht the items detected for Windows Slimmer so my hypothesis is looking good. Malwarebytes 3 detected the following items for Auslogics Driver Updater: C:\Windows\System32\Tasks\Auslogics\Driver Updater\Scan C:\Windows\System32\Tasks\Auslogics\Driver Updater HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Auslogics\Driver Updater\Scan HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{807AE176-7A36-4359-9FE0-B515E74A98E1} HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{807AE176-7A36-4359-9FE0-B515E74A98E1} All items detected by Malwarebytes were classified as PUP.Optional.AuslogicsDriverUpdater Note: the installer for Driver Updater is detected as PUP.Optional.Auslogics by Malwarebytes 3. ADWCleaner 7.2.2 detects the following components from Auslogics Driver Updater: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{23BB1B18-3537-48F7-BEF7-42BC65DBF993}_is1 HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{807AE176-7A36-4359-9FE0-B515E74A98E1} HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{807AE176-7A36-4359-9FE0-B515E74A98E1} HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Auslogics\Driver Updater\Scan C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics C:\Program Files (x86)\Auslogics C:\Windows\System32\Tasks\Auslogics HKLM\Software\Wow6432Node\Auslogics NOTE: the first 4 items listed were detected as PUP.Optional.Auslogics while the last 4 items were detected as PUP.Optional.AuslogicsDriverUpdater which means that ADWCleaner is targeting the entries using separate signatures and classifications which may indicate that the former are being targeted deliberately for more than one program (if, for example, the same entries are created by one of their other programs like Auslogics Disk Defrag which I did not test as a part of this analysis). So I hope this helps clear things up and to summarize, Windows Simmer is NOT being targeted deliberately by ADWCleaner and is being detected due to a collision in the defs being used to target Auslogics Driver Updater so this has nothing to do with any checkboxes or bundled/optional/additional applications in Windows Slimmer's installer or the program itself beyond the fact that it shares several key installation points with another program, Auslogics Driver Updater which is detected/targeted deliberately by ADWCleaner so to rectify this, either the signatures in ADWCleaner must be adjusted to target sub-directories/sub-keys of the parent keys/folders being detected to avoid this and other similar collisions with other Auslogics software, or Auslogics other software needs to somehow be whitelisted if possible so that only the one(s) deliberately being targeted by ADWCleaner will be detected. I hope that this analysis will prove useful.
  17. First, what was checked or unchecked is irrelevant. That's not how detection works for items classified as PUP. Second, if Windows Slimmer is being targeted deliberately that's one thing, but the contents of this discussion lead me to believe that this is not the case which means the most likely reason for those 4 detections is due to a collision in the signatures being used for targeting something else with the most likely culprit being one or both of the other programs I mentioned since they are all from the same vendor (it's a common practice for vendors to often use the same registry and folder paths for their software, especially for storing settings and data), so if that is the case then the Malwarebytes Researchers who manage ADWCleaner must create an exception in the defs for this program so that it isn't detected by mistake any longer, again, assuming that is the case and it isn't being targeted deliberately. By the way, have you tried the recently released version of ADWCleaner, version 7.2.2? It was just published yesterday so it might actually already contain a fix for this. It's worth a shot if you haven't checked it yet. I'm downloading it now along with Windows Slimmer to see what it's detecting, then I'm going to check on a few of Auslogics other programs like BoosSpeed, Registry Cleaner and Driver Updater (the most likely 3 to be classified as PUP by Malwarebytes and/or ADWCleaner) to see what paths they use and discover if my theory is correct about shared paths between them and Windows Slimmer.
  18. They're likely being detected because they are the same as ones installed by one of their other products that is detected as a PUP such as BoostSpeed or Driver Updater (both of which I believe are flagged as PUP) so they might need to adjust the defs accordingly as not to flag them when installed by this app. As for the checkboxes in the installer, that's irrelevant as far as Malwarebytes is concerned. Because most users do not take the time to read installers to uncheck such items when they are checked by default, they end up with additional software that they did not intend to install, so installers that behave this way are categorized as PUP and flagged as bundled installers. With regards to the results from those other scanners, they don't really apply. ADWCleaner isn't a malware scanner, it is specifically focused on adware and PUPs, not malware unlike the other scanners you checked with, none of which are as aggressive against PUPs as Malwarebytes.
  19. You're welcome. If it's any consolation, the Ransomware Protection component is about the least proactive/preventative of all the protection components since, unlike all the others, it must wait for you to actually get infected to become useful since it looks for ransomware activity (i.e. files being encrypted). I usually keep it turned off on my own system for similar reasons, because it does have a tendency to cause more performance issues than the others, likely because of all the constant process activity monitoring it must do to function properly and I'm very confident in the other modules to prevent any threats getting into the system anyway. You can see what I mean by referring to the diagram and information on this page. It explains in a simple way how all the various layers of defense in Malwarebytes 3 work. Ransomware Protection is the Behavior Monitoring layer in the diagram, which you'll notice resides at the very last stage just before the Remediation Engine which is what they're calling the scan component.
  20. OK, thanks,. It was worth a shot. Unfortunately that means that for the time being you'll need to disable Ransomware Protection when playing your game to avoid the issue until the Developers fix it in an upcoming release.
  21. Yes, it is updating the detection signatures/definitions, however it is not necessarily installing the latest program updates as they are not always provided when the software checks for updates on its own due to the gradual release of such updates to users. Please make sure that you have the same versions as I do: If you are already fully updated, then please try restarting your computer to see if that fixes the problem with protection. If it does not fix the problem, then please do the following so that we may take a look at your installation and settings to try to determine what might be causing it: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced Options on the main page (not Get Started) Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply Thanks
  22. OK, thanks. I will inform the Developers of the issue and we will let you know if any additional information is required for them to track down the root cause of the problem so that they can get it fixed in a future release.
  23. Greetings, It sounds as though perhaps the system is suffering from a corrupt registry. This can happen from time to time, especially if the system ever fails to shutdown properly such as during a power loss, and I suspect that suspending it as you've been and loading it back up constantly rather than rebooting it may also be contributing to it as the currently active registry hives would then be saved in memory and if anything went wrong during the suspend or start process that could easily cause such corruption to occur (if I'm right, it's not really your fault, just a problem with Microsoft not being as cautious as they should with their implementation of this feature; it wouldn't be the first time and likely won't be the last unfortunately). To fix this, the simplest way without losing too much of your existing settings and data would be to perform an in-place upgrade also known as a repair installation. Instructions on how to do so may be found here, though you may be able to do so without downloading the ISO and all that if your system includes recovery discs and/or a recovery partition or USB device that you can load Windows from. You'll first want to try it as illustrated in the link, however if it is not resolved afterwards, then you might need to try doing it without having it save your system settings, as that's likely where the registry is being retained which is what needs to be replaced, but try it their way first so you can see if you can keep as much as possible while still fixing the issue.
  24. Greetings, Please open Malwarebytes and go to Settings>Application and click on the Install Application Updates button and allow it to install any available program updates. Once that is complete, restart your system and see if it now works correctly or not. Please let us know if it works properly now or not. Thanks
  25. It does automatically update, however program updates are metered out gradually on a random basis so you won't always receive them right away, however using the Install Application Updates button forces it to check for/download any available program updates. Please try rebooting the system to ensure that the new modules are loaded into memory, then try running OneDriveSetup again to see if it now works. Please let us know how it goes. Thanks
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.