Jump to content

Recommended Posts

Two questions

1. why does malwarebytes go through the setup process again in order to update to a newer version? I've never experienced this with a program before. My antivirus software, it will just install the update in the user interface and then a restart is required. I'm assuming for mbam pro, it reinstalls and replaces itself. But it still seems kinda weird or improper. Can someone tell me why malwarebytes pro does this?

2. Every time i open MBAM Pro,my windows asks me if i want this program to make changes to my computer. I know this is attributed to the UAC for Win 7 but, why does MBAM Pro require this and not my antivirus software? What changes does MBAM have to make to my system that my antivirus software doesn't?

Link to post
Share on other sites

Two questions

1. why does malwarebytes go through the setup process again in order to update to a newer version? I've never experienced this with a program before. My antivirus software, it will just install the update in the user interface and then a restart is required. I'm assuming for mbam pro, it reinstalls and replaces itself. But it still seems kinda weird or improper. Can someone tell me why malwarebytes pro does this?

2. Every time i open MBAM Pro,my windows asks me if i want this program to make changes to my computer. I know this is attributed to the UAC for Win 7 but, why does MBAM Pro require this and not my antivirus software? What changes does MBAM have to make to my system that my antivirus software doesn't?

Turn off the UAC, it is WORTHLESS and a pain in the @SS!!

here are some other WORTHLESS programs !!! microsoft security essentials,,,windows defender,,,spybot search and destroy,,, norton,,, just to name a few on the top of the list!! lol

I can't begin to count how many computers I have fixed that were INFECTED while running the above programs!!

Just as long as you keep your windows operating system up to date and run a good anti virus program like AVAST and a good real time malware program like MALWAREBYTES and keep all of your programs up to date especially programs like java,adobe reader and flash etc etc you will be fine!! I promise!! ;)

Link to post
Share on other sites

Turn off the UAC, it is WORTHLESS and a pain in the @SS!!

here are some other WORTHLESS programs !!! microsoft security essentials,,,windows defender,,,spybot search and destroy,,, norton,,, just to name a few on the top of the list!! lol

I can't begin to count how many computers I have fixed that were INFECTED while running the above programs!!

Just as long as you keep your windows operating system up to date and run a good anti virus program like AVAST and a good real time malware program like MALWAREBYTES and keep all of your programs up to date especially programs like java,adobe reader and flash etc etc you will be fine!! I promise!! ;)

Thanks for the reply but other than discussing your thoughts on those progs and tips on protecting myself, do you know the answers to my questions? Anyone?

Link to post
Share on other sites

Turn off the UAC, it is WORTHLESS and a pain in the @SS!!

here are some other WORTHLESS programs !!! microsoft security essentials,,,windows defender,,,spybot search and destroy,,, norton,,, just to name a few on the top of the list!! lol

I can't begin to count how many computers I have fixed that were INFECTED while running the above programs!!

Just as long as you keep your windows operating system up to date and run a good anti virus program like AVAST and a good real time malware program like MALWAREBYTES and keep all of your programs up to date especially programs like java,adobe reader and flash etc etc you will be fine!! I promise!! ;)

Um that's not very helpful. UAC should always be kept on. It has been proven to reduce infections such as rootkits and provides extra authenticity for certain system changes.

@kevo

1. Malwarebytes' staff will need to step in on this one as I'm not entirely sure why this is, but I'm sure they have a good reason. :)

2. Malwarebytes' requires administrative privileges in order to be most successful with removal which is why opening the program UAC pops up.

Link to post
Share on other sites

Um that's not very helpful. UAC should always be kept on. It has been proven to reduce infections such as rootkits and provides extra authenticity for certain system changes.

@kevo

1. Malwarebytes' staff will need to step in on this one as I'm not entirely sure why this is, but I'm sure they have a good reason. :)

2. Malwarebytes' requires administrative privileges in order to be most successful with removal which is why opening the program UAC pops up.

Every computer that I have worked on that was INFECTED with or with out even the nastiest ROOTKITS had UAC turned on!! So I beg to differ, but it's all good!!!

Link to post
Share on other sites

Thanks for the reply but other than discussing your thoughts on those progs and tips on protecting myself, do you know the answers to my questions? Anyone?

I really just want to ensure that running the setup for mbam pro is okay to do. Like i stated before, for some odd reason, it seems that i have to reinstall the program and choose the location where i want it installed in order to update the program version of mbam pro. This does not seem right to me as every other program ive used before does not require a reinstallation of itself in order to update the ver..I dont want to do this and have problems down the line. This is my first time using/purchasing mbam pro, ive had it for almost a week and have already discovered 2 reasons not to like it. 1. Receiving a message that MBAM Pro blocks my antivirus service when i visit a potentially dangerous site. 2.This issue with trying to update MBAM Pro.

I received feedback for the first issue. But am disappointed to hear that the message which indicates my antivirus service is being blocked is normal to see. This is no doubt faulty programming. Or at least the pop up verbiage initiated by MBAM needs to be changed and display the true process.

Now i await to get feedback for this issue but expect to be told that this is normal. But again this is not the same behavior for other programs that protect against malware.

Link to post
Share on other sites

I really just want to ensure that running the setup for mbam pro is okay to do. Like i stated before, for some odd reason, it seems that i have to reinstall the program and choose the location where i want it installed in order to update the program version of mbam pro. This does not seem right to me as every other program ive used before does not require a reinstallation of itself in order to update the ver..I dont want to do this and have problems down the line. This is my first time using/purchasing mbam pro, ive had it for almost a week and have already discovered 2 reasons not to like it. 1. Receiving a message that MBAM Pro blocks my antivirus service when i visit a potentially dangerous site. 2.This issue with trying to update MBAM Pro.

I received feedback for the first issue. But am disappointed to hear that the message which indicates my antivirus service is being blocked is normal to see. This is no doubt faulty programming. Or at least the pop up verbiage initiated by MBAM needs to be changed and display the true process.

Now i await to get feedback for this issue but expect to be told that this is normal. But again this is not the same behavior for other programs that protect against malware.

You are over analyzing things!! This is your right!! I gave you a google search to MANY q&a concerning your question about the UAC, try clicking that link I gave you and do some reading. Take a deep breath and try to imagine the glass as half full and have some faith! It's all good REALLY!!!

Link to post
Share on other sites

Every computer that I have worked on that was INFECTED with or with out even the nastiest ROOTKITS had UAC turned on!! So I beg to differ, but it's all good!!!

That's not what they were asking.

@kevo

This is quite normal. Both free and pro reinstall over the existing installation. :)

Your antivirus is not being blocked. This is because your antivirus is intercepting the web blocking protection which is why it shows as the process being blocked by the web blocker. :)

Link to post
Share on other sites

That's not what they were asking.

@kevo

This is quite normal. Both free and pro reinstall over the existing installation. :)

Your antivirus is not being blocked. This is because your antivirus is intercepting the web blocking protection which is why it shows as the process being blocked by the web blocker. :)

okay so assuming a reinstallation/update in this fashion is normal,

what were to happen if i choose a different location for the update and installation then the current one (because it gives an option to reinstall the update to another location). Wouldnt this cause problems with the program in this case because there would be a duplicate path/installation on one system.?

And btw if some MBAM tech support person can read this and elaborate more on why i receive the message that mbam blocks my antivirus and that its normal. Other than saying that my antivirus is intercepting the web blocking protection and that's why it's being blocked. I dont understand that.

Are you saying that my Avast is intercepting its own web protection and that's why malwarebytes is displaying that IT is blocking my avast? Because that makes no sense? Why would malwarebytes indicate that it blocked a service from my antivirus just because it recognizes that there is an instance running? Why not just say "there is an instance of another malware/virus protection service running"?

Please dont respond with a link. Please explain in detail. Feed my ignorance please.

Link to post
Share on other sites

1. why does malwarebytes go through the setup process again in order to update to a newer version? I've never experienced this with a program before. My antivirus software, it will just install the update in the user interface and then a restart is required. I'm assuming for mbam pro, it reinstalls and replaces itself. But it still seems kinda weird or improper. Can someone tell me why malwarebytes pro does this?

I've never seen an AV install a new program version this way, in fact, most don't even offer program version upgrades automatically the way that Malwarebytes does and you often have to check their website, though some will update program modules (individual files/components), but that's different from a new program version.

2. Every time i open MBAM Pro,my windows asks me if i want this program to make changes to my computer. I know this is attributed to the UAC for Win 7 but, why does MBAM Pro require this and not my antivirus software? What changes does MBAM have to make to my system that my antivirus software doesn't?

MBAM requires it because it needs administrative privileges to remove infections from permissions restricted locations such as the Windows folder and Program Files. Your antivirus does not because it runs a service in the background that runs with SYSTEM privileges, which is a higher privilege level than admin. Since MBAM does not run a background service for the scanner (the scanner is a separate component from the protection module which does use a SYSTEM level service), the scanner will prompt for administrative privileges. The only way we could eliminate this would be to run a service in the background constantly even for users of the free version, something we'd like to avoid since the free version is simply an on-demand scanner and many users would not like an on-demand scanner constantly running in the background if they are only using it when they want to scan. Your antivirus runs constantly in the background and is not designed to be just an on-demand scanner, thus they are able to always have such a service running.
Link to post
Share on other sites

what were to happen if i choose a different location for the update and installation then the current one (because it gives an option to reinstall the update to another location). Wouldnt this cause problems with the program in this case because there would be a duplicate path/installation on one system.?

No, but the previously installed version would stop functioning properly while the newly installed version would work fine because it would overwrite any paths in the registry that tell MBAM where its files are.

And btw if some MBAM tech support person can read this and elaborate more on why i receive the message that mbam blocks my antivirus and that its normal. Other than saying that my antivirus is intercepting the web blocking protection and that's why it's being blocked. I dont understand that.

Your antivirus is intercepting all traffic to and from your PC, this makes Windows (and thus Malwarebytes as well) believe that any process connecting to any IP address is actually your antivirus, even if it is your internet browser or any other program. Your antivirus does this so that it can scan all incoming and outgoing traffic for infections. Please refer to Section G of our FAQ for additional info under the section that says Why is Malwarebytes' blocking my antivirus?.
Link to post
Share on other sites

I normally log in to Win 7 with a Limited Account (not Administrator).

With the Limited Account I can Open MBAM, run scans, and look at logs, without any UAC prompts.

When I do log in with my Administrator account, that is when I do get UAC prompts.

With this account I can change MBAM settings, delete logs, etc.

I would like to be able to delete logs from my Limited account, but I can't...(:

This makes sense to me...

A "Non-Admin" account should not be allowed to make "System changes".

An "Admin" account should get UAC prompts.

Using an Admin account in Windows 7 for everyday use is not a "Best security practice" from everything I know...

Is the OP using an Administrator account?

Link to post
Share on other sites

I normally log in to Win 7 with a Limited Account (not Administrator).

With the Limited Account I can Open MBAM, run scans, and look at logs, without any UAC prompts.

When I do log in with my Administrator account, that is when I do get UAC prompts.

With this account I can change MBAM settings, delete logs, etc.

I would like to be able to delete logs from my Limited account, but I can't...(:

This makes sense to me...

A "Non-Admin" account should not be allowed to make "System changes".

An "Admin" account should get UAC prompts.

Using an Admin account in Windows 7 for everyday use is not a "Best security practice" from everything I know...

Is the OP using an Administrator account?

You are quite correct. And the main caveat of scanning with MBAM in a limited user account is that if it finds any infections inside of a permissions restricted location, it will not be able to remove them (though this can be overcome by right-clicking on the Malwarebytes Anti-Malware shortcut and choosing Run as administrator and then doing your scan/removal). You also cannot update MBAM from a non-admin account unless you run the program as admin, though the scheduler will still work for updating as long as the scheduled update is created from your admin account.

It is also correct that it is safer to run in a non-admin account, though many modern infections are using methods to get around UAC, such as deliberately installing to locations that do not require administrative privileges to write to (the fake defragmenter rogues for example have been doing this all along I believe).

Link to post
Share on other sites

thanks exile360, and some questions.

RE: "And the main caveat of scanning with MBAM in a limited user account is that if it finds any infections inside of a permissions restricted location, it will not be able to remove them"

If any of these infections are found (and not removed), will that info be shown in the scan log?

I use (depend on) scheduled scans with "Perform scheduled scans silently from system account".

Should I also run manual scans with "Run as Administrator" for better/more security?

Again, I log in with a limited account.

I don't mean to "Hijack" this thread, so if I should create a new thread for my questions, let me know (OP and MBAM Moderators).

Thanks, David

Link to post
Share on other sites

RE: "And the main caveat of scanning with MBAM in a limited user account is that if it finds any infections inside of a permissions restricted location, it will not be able to remove them"

If any of these infections are found (and not removed), will that info be shown in the scan log?

It marks the item for Delete on Reboot instead of quarantining it on the spot. However, once you reboot, the item won't actually be removed, though it may appear in your quarantine.

If this does occur, you need to perform another scan, but this time when you open Malwarebytes Anti-Malware, do so by right-clicking on the shortcut and choosing Run as administrator.

Also note that sometimes it does make sense to run the scanner normally (i.e., without right-clicking on it and choosing Run as administrator. The reason being, for MBAM to scan the current user's registry (all items under the HKCU registry branch), MBAM needs to be running with the current user's credentials, which it does not run with when executed with administrative privileges in a non-admin user account.

I use (depend on) scheduled scans with "Perform scheduled scans silently from system account".

Should I also run manual scans with "Run as Administrator" for better/more security?

Again, I log in with a limited account.

That should not be necessary, since when a scan runs with SYSTEM privileges (i.e., using the Perform scheduled scan silently from system account.), it has sufficient privileges to scan and remove items in permissions-restricted locations, however, see above regarding HKCU, as the same rule applies here. It will not scan the HKCU registry branch for the limited user account (or any other user account other than the one for SYSTEM) when a scan is set to run from the SYSTEM account.
Link to post
Share on other sites

No, but the previously installed version would stop functioning properly while the newly installed version would work fine because it would overwrite any paths in the registry that tell MBAM where its files are.

Your antivirus is intercepting all traffic to and from your PC, this makes Windows (and thus Malwarebytes as well) believe that any process connecting to any IP address is actually your antivirus, even if it is your internet browser or any other program. Your antivirus does this so that it can scan all incoming and outgoing traffic for infections. Please refer to Section G of our FAQ for additional info under the section that says Why is Malwarebytes' blocking my antivirus?.

Thank you Exile360 very much for the education and information. These forums have proved to be a big help. Something i wish my AV forums were like; helpful!

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.