Jump to content

mabm and vista


Recommended Posts

mbam so far does not auto update in Vista. I looked through the forums and didn't see any stickies about this. I have had several customers complain about this and as such bugs are getting through, which in turn results in calls to me and re-fixing customers computers for free. I have had 6 so far. On my machine it will not auto update, Vista business and yes I have it set to start and yes I have it set to auto update. I have looked at the admin privelages in gpsec and have elevated the permissions. Still no luck. I then went to test mbam and purposely went to some 'sites' to get infected and bingo got hit. NO flags or burps from mbam. It of course removed the threat after the fact and a manual update.

Now aparently mbam in order to be effective it needs to be run as administrator.........

So anybody have any ideas? I am running it on my w7 install install right now and having the same issues. Which ironically even under the compatabilty tool kit doesn't run right.

Link to post
Share on other sites

Firstly, Windows 7 is not on the list of supported operating systems. Don't expect it to work right.

Secondly, there is no security software that does not require administrator privileges. This is why, when you open security software (MBAM included) you get the UAC popup asking you to confirm that you want to allow the application to be granted administrator rights.

Our automatic updater is just a scheduled task using the Windows Task Scheduler, so check and make sure that the Task Scheduler is working, and that other scheduled tasks are running.

Link to post
Share on other sites

What about stuff like AVG then? It runs fine under a standard user... The only time it has prompted me for the admin password is when I want to change options in the program itself. Update works fine, and it runs at startup and detects threats (tested with the EICAR test file). Maybe it's because the file was under my username, but AVG often finds cookies from other users and removes them when I scan from my account. UAC is on and my user doesn't have many altered privileges (I have access to the admin's files and my dad's files from when I needed to transfer somting to their desktops and clicked their folder in the 'users' folder. My account has a strong password and it's only a home pc so I don't think it's a huge security flaw) I can't remember if it's only those account's it finds cookies from, or if it also detects my sister's account. I'll have to test some other time to confirm it.

Link to post
Share on other sites

Our automatic updater is just a scheduled task using the Windows Task Scheduler, so check and make sure that the Task Scheduler is working, and that other scheduled tasks are running.

Hello,

I trigerred the Mbam-updater in the Vista Task Scheduler and everything is working fine.

What i don't find in the setup is "check for update when windows starts" ???

Berny ++

Link to post
Share on other sites

What about stuff like AVG then? It runs fine under a standard user... The only time it has prompted me for the admin password is when I want to change options in the program itself.

AV software typically have a SYSTEM service running that does all the work. This ensures they also function under limited user account.

Link to post
Share on other sites

Wow replies amazing!

First off I am not an idiot, W7 is not supported in anything yet as it isn't an officially released OS. I am very well plugged in with Microsnot and hold numerous certs. I am running the official RC1 build 8001. The reason I mentioned W7 at all is because of its ability to run legacy apps out of the box. W7 and Vista are the exact same OS, their security kernal is the same. The differences between the two is bascially eye candy, I can make Vista behave exactley like W7 or vice versa and have done so in testing.

Now that said, I wil try the windows task scheduler. It would have been to know that before I sold several lisc. for this product. Now I am going to have to go back to my customers AGAIN and tweak their Vista machines. So is this something I missed in the fine print somewhere?

I will report back and see how it works. Now as to AVG, in my opinion it sucks. I have seen it pass many things and then not remove them. On the other hand MBAM doesn't miss much. You MBAM folks need to dial up the interface and put in some Vista switches, so that Vista reconizes MBAM, updates MBAM. It shouldn't be that hard to install those, not knowing your base code and not wanting too I think you all could get this in there!

Link to post
Share on other sites

What about stuff like AVG then? It runs fine under a standard user...

Yes it does. That's because the parts of the program that do the actual work are running as services and have system rights. The parts you see are just user interface. Our protection module works the same way. The main MBAM application, however, does not have a seperate service to do the real work in the background, so it requires admin rights to do pretty much everything it does.

Link to post
Share on other sites

Would you mind following these instructions so I and the other helpers here can have a look at the task setting for MBAM's upater?:

Quoted from SimonDavies at the tek-tip forum

To export a task by using the Windows interface

If Task Scheduler is not open, start Task Scheduler. For more information, see Start Task Scheduler.

Find and click the task folder in the console tree that contains the task you want to export.

In the console window, click the task that you want to export.

In the Actions pane, click Export.... The Save As dialog box will appear.

In the Save As dialog box, browse to the location that you want to save the task, and click the Save button.

Once you've done that, please zip the file it creates and attach it to your next post, thanks :D .

Link to post
Share on other sites

Would you mind following these instructions so I and the other helpers here can have a look at the task setting for MBAM's upater?:

Quoted from SimonDavies at the tek-tip forum

Once you've done that, please zip the file it creates and attach it to your next post, thanks :) .

I have done as requested, although it appears to have 'run' the auto update, I did a manual update three minutes after my machine was booted and there was an update. I have tested this a few times in the last two days. So unless I am mistaken it is not updating. Here is your sign. Thanx

mabam.zip

mabam.zip

Link to post
Share on other sites

OK officially verified MBAM does not update even when told to do so in task scheduler

Hello,

Windows Vista Business Task Scheduler is displaying that scheduled Mbam_updates

are taking place, but when proceeding a manual update i am retrieving new

definitions which makes me hesitate if the scheduled updates are realy working ???

Berny +++

Link to post
Share on other sites

The auto update only takes place once a day, MBAM's defs are updated much more frequently (sometimes 3 or 4 times daily) so it's quite possible that the auto update is working, but that new defs are released after the auto update takes place, but before you've initiated a manual update check. To test it, don't update manually, let the scheduled update run as normal, then open MBAM's interface to see if the definitions version changed. You can check it based on the displayed database version on the update tab.

Link to post
Share on other sites

let the scheduled update run as normal, then open MBAM's interface to see if the definitions version changed. You can check it based on the displayed database version on the update tab.

Hello Exile,

Thank you for your kind reply. I was going to check this out today.

Right now current db information is 04/13/2009 - ver 1983 - fp_loaded 74922.

Will keep you informed :)

Best regards

Berny +++

Link to post
Share on other sites

Cool, thanks a lot Berny :) .

Hello Exile,

Please have a look at this screen_shot.

Update is proceeding fine as set in Windows Taks Scheduler

and i can see that db 1984 & fp 74989 are refreshed :)

I am just curious about the fact that date 04/13/2009 hasn't changed ?

Thank you for your appreciated comments.

Berny ++

post-3176-1239786639_thumb.png

post-3176-1239786639_thumb.png

Link to post
Share on other sites

That's the scheduled task for starting the tray (protection module) mbamgui.exe, not the updater. If it's there, would you please export that one and attach it? The action should be listed as something like mbam.exe /runupdate.

Ok that was the next task on the list, got it found exactley what you were looking for /runupdate switch. I think I have the settings correct, simply run everytime I start windows. So do these look correct to you? If not any suggestions? Thanx

Malwarebytes__Scheduled_Update_for_Macheen.zip

Malwarebytes__Scheduled_Update_for_Macheen.zip

Link to post
Share on other sites

@Berny, yes there appears to be an issue with the time\date stamp on the defs, everyone's seeing it so you're not alone, those are still the latest defs :) .

@bs953, I looked at the task and everything looks ok, but I would recommend altering one thing, on the General tab in the scheduled task's properties set it to Run whether user is logged on or not. You could also change the time that the update occurs just to see if it helps (something like 1pm or something). To do this, go to the Triggers tab and click the line of text in the box that starts with Daily and then click the Edit button on the bottom.

Please let me know if this helps, thanks :D .

Link to post
Share on other sites

@Berny, yes there appears to be an issue with the time\date stamp on the defs, everyone's seeing it so you're not alone, those are still the latest defs :D .

@bs953, I looked at the task and everything looks ok, but I would recommend altering one thing, on the General tab in the scheduled task's properties set it to Run whether user is logged on or not. You could also change the time that the update occurs just to see if it helps (something like 1pm or something). To do this, go to the Triggers tab and click the line of text in the box that starts with Daily and then click the Edit button on the bottom.

Please let me know if this helps, thanks :P .

Tha worked thanx

Link to post
Share on other sites

Excellent :P . I'm glad we finally figured something out. Hopefully the devs will have a look and it will help them assist others with this issue.

Well yeah that would be nice I mean it should be reconized by vista, the customer wants to see it doing something. I am referring to the turn it on and surf types if they dont see 'activity' they call me. I can appreciate the 'background' acitivity myself, but a flag or two would be nice..."like hey I updated" ya know something like that.

Also if they get this right for Vista their already in for W7, same security code in the two.....it would behoove them to tweak this a little bit.

Link to post
Share on other sites

They might, but actually, in past versions MBAM did show it's little update window and a lot of users complained so the devs removed it. As far as Win7 goes, you are correct, and I think that's part of what's driving the devs toward 64 support since MS and OEM's are really pushing (even with Vista now) and even more so the 64 bit versions over the 32 bit ones due to memory limitations and the current cheap cost of ddr2. Perhapse they can change the little tray icon to have an arrow or something on it when updating just to let people know that it's doing it's thing, or a color change (like how it turns grey now) perhaps green for when it's updating or something.

Link to post
Share on other sites

They might, but actually, in past versions MBAM did show it's little update window and a lot of users complained so the devs removed it. As far as Win7 goes, you are correct, and I think that's part of what's driving the devs toward 64 support since MS and OEM's are really pushing (even with Vista now) and even more so the 64 bit versions over the 32 bit ones due to memory limitations and the current cheap cost of ddr2. Perhapse they can change the little tray icon to have an arrow or something on it when updating just to let people know that it's doing it's thing, or a color change (like how it turns grey now) perhaps green for when it's updating or something.

Actually if people sniveld about the update notification then put the option to turn it off or on? the only ones interested in that option would be the tweakers anyways. I would say have the update flag on by default turning it off as an option. 64 bit is coming baby and I am about ready to go there myself.

Link to post
Share on other sites

Yes, that is certainly a good idea (the ability to switch it on/off in the gui). As far as 64bit, as you can see from my sig below, I'm already there and lovin' it :D ! I've been running 64 since Vista was in beta, and once it went final I got myself a license and nuked the XP Pro partition from my drive (I hadn't used it for most of the time I was running Vista in it's beta/RC stages anyway). As long as you KNOW you've got good working drivers for 64, everything else is pretty much cake :P .

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.