Jump to content

Various issues with MBAM 2.2.0.1024 on Win 10 Pro x64


Recommended Posts

Hello,

 

I'm currently running latest version 2.2.0.1024 (Premium) on Win10 Pro x64. I made a clean install of Win10 (meaning not through the upgrade proposed by Windows Update), thus also of MBAM.

Be advised that I never encountered these issues on Win 8.1.1.

 

Hereby the issues :

  • sometimes it happens that, after a reboot, MBAM has not started correctly (systray icon not present at start up). A solution (in my case) is to execute "Malwarebytes Anti-Malware Notifications" from the Start Menu and the icon appears after the UAC prompt. Be advised that this happens only after reboots.
  • self-protection does not stay activated all the time (in Advanced Settings, I checked the option "Enable self-protection module" when I installed MBAM; from time to time I notice that the box is suddenly unchecked)
  • the date of the next scheduled scan is not following the configured settings; this issue appears after each scheduled scan. As it can be seen in the attached screenshots, I have a weekly scheduled scan; after the task has been executed, the date for the next scheduled scan is set for + 2 weeks instead of just 1 week. As mentioned before, this is the case every week (I rectify it manually to 1 week)

I attached the diagnostic logs, as per your FAQ's request. BTW, I noticed that some infos in the CheckResults are not correct (OS and License).

 

Thank you for your assistance !   :)

 

 

Edit : added latest Scan log.

post-43330-0-22217700-1446516854_thumb.j

post-43330-0-12414600-1446516870_thumb.j

CheckResults.txt

FRST.txt

Addition.txt

Scan log.txt

Link to post
Share on other sites

Hi:

Until a staff member has a chance to weigh in...
 

Hello,
 
I'm currently running latest version 2.2.0.1024 (Premium) on Win10 Pro x64. I made a clean install of Win10 (meaning not through the upgrade proposed by Windows Update), thus also of MBAM.
Be advised that I never encountered these issues on Win 8.1.1.


I could be wrong, but I thought users upgrading to Win10 must first perform the "upgrade" from 7/8/8.1, and THEN (if they wish) perform a clean reinstall of 10?

 

Hereby the issues :

sometimes it happens that, after a reboot, MBAM has not started correctly (systray icon not present at start up). A solution (in my case) is to execute "Malwarebytes Anti-Malware Notifications" from the Start Menu and the icon appears after the UAC prompt. Be advised that this happens only after reboots.


AFAIK That is not normal behavior.

 

self-protection does not stay activated all the time (in Advanced Settings, I checked the option "Enable self-protection module" when I installed MBAM; from time to time I notice that the box is suddenly unchecked)


That is not normal behavior, either.
 

the date of the next scheduled scan is not following the configured settings; this issue appears after each scheduled scan. As it can be seen in the attached screenshots, I have a weekly scheduled scan; after the task has been executed, the date for the next scheduled scan is set for + 2 weeks instead of just 1 week. As mentioned before, this is the case every week (I rectify it manually to 1 week)


That issue has been reported to the devs/QA team.
 

I attached the diagnostic logs, as per your FAQ's request. BTW, I noticed that some infos in the CheckResults are not correct (OS and License).


OS version reporting of Win10 in CheckResults.txt is a known issue that will be fixed.
The license problem, though, is not normal or expected behavior - mbam-check should log Premium if you have a properly installed and activated MBAM Premium license.

Your scan log does show a proper Premium license.
 
Your logs also show that MBAM was installed on 10/07/2015, but they suggest that it was not activated until today?
And we don't know exactly what procedure you followed with the Win10 install, or whether you tried a clean reinstall of MBAM after installing Win10.
 
So, unless a staff member sees something else obvious in your logs, for starters, I would suggest the following:

  • Please follow all the steps in this pinned topic to uninstall your current version of MBAM and reinstall the latest build - MBAM Clean Removal Process 2x
  • If that does not correct the issue, then please read the following and attach to your next reply the 3 requested logs - Diagnostic Logs (the 3 logs are: FRST.txt, Addition.txt and CheckResults.txt) -- we would need a fresh set of all 3 logs, if you get to this point, please.
  • NOTE: More info about v2.2.0 HERE; User Guide ONLINE; User Guide PDF; FAQ: Common Questions, Issues, and their Solutions

Please let us know how it goes.

Thanks,

Link to post
Share on other sites

Hi,

 

Thank you for the reply.

 

"I could be wrong, but I thought users upgrading to Win10 must first perform the "upgrade" from 7/8/8.1, and THEN (if they wish) perform a clean reinstall of 10?"

 

There exists a method allowing to make a clean installation without performing the upgrade first. But at the moment I switched to Win 10 (09/29/2015), there was no guarantee (AFAIK, there still isn't) that the activation through this workaround would be maintained even after 07/29/2016 (end of the free upgrade period); that's why I did it on the regular way : upgrade first through Windows Update (to have my actual license key stored on Microsoft's servers) and immediately afterwoods a clean installation of Windows 10 (with a DVD created through the Media Creation Tool proposed on the MS site).

Anyway, this all will be kind of "history" with the upcoming big November Patch (through Windows Update, now announced for 11/12 - sorry, in German) as after that the users will have the possibility to clean install Win 10 directly with their Win 7/8/8.1 Key (no need to upgrade !).

 

 

"That issue has been reported to the devs/QA team"

 

That's excellent news; until a fix is released, I'll continue to modify it manually after each weekly scan ...

 

 

"The license problem, though, is not normal or expected behavior - mbam-check should log Premium if you have a properly installed and activated MBAM Premium license" 

 

Solved (see new attached CheckResults) by following your suggestion and instructions for a new clean install.

 

 

"And we don't know exactly what procedure you followed with the Win10 install, or whether you tried a clean reinstall of MBAM after installing Win10."

 

In fact, when I installed MBAM the first time, my ID and Key were not accepted (first time since I bought this lifetime license in January 2009). I contacted immediately your support (reading on the forum that a lot of other users had the same issue) and got a reply on 10/07/2015. That's the date where I could eventually activate MBAM again. (Just for my own info : where did you see in the logs that it was not activated until today (in fact now yesterday, 11/03/2015 ? I couldn't find it. Thanks ). At the same date, I decided to make a (new) clean installation of MBAM, using Revo Uninstaller Pro which worked perfectly (strictly no left overs : I checked my "C" and the registry). However, 2 points I didn't do correctly is to disable the program self-protection before uninstalling and to temporarily shutdown my security suite (I only suspended it).    :blush:

 

Today, I uninstalled and installed MBAM again but this time following to the point your instructions.    :)

As already mentioned, CheckResults shows now the correct type of license (Premium); I can't already have an opinion on the issue with the systray icon and the self-protection not remaining activated but it could also have been solved now ... Attached you'll find the new Diagnostic logs as well as the CheckResults and a fresh Scan log.

 

 

My suggestion, if this is feasible, would be to leave this topic open until the end of this week so I can let you know here how it goes by next monday (11/09) at the latest.

 

Thank you !

 

 

 

CheckResults.txt

FRST.txt

Addition.txt

Scan log.txt

Link to post
Share on other sites

Hello:

 

Thanks for the detailed update.

If I understand everything correctly, the proper clean reinstall seems to have resolved the important issues?

(Yes, our own special removal tool (mbam-clean), rather than Revo, is the recommended method to cleanly uninstall.)

 

The CheckResults.txt log now correctly shows PREMIUM, as does your scan log. :)

 

I did notice this in your log both times:

 

 

Malware Exclusions:
===================
Category: Folder, Exclusion: C:\Program Files\Agnitum
Category: Folder, Exclusion: C:\Program Files\SUPERAntiSpyware
Category: Folder, Exclusion: C:\Users\Utilisateur\Music
Category: Folder, Exclusion: D:\Documents
Category: Folder, Exclusion: D:\Gravures Audio
Category: Folder, Exclusion: D:\Ma musique
Category: Folder, Exclusion: D:\Pictures
Category: Folder, Exclusion: D:\Sauvegardes importantes
Category: Folder, Exclusion: D:\Videos
Category: Folder, Exclusion: D:\Sauvegardes pilotes

Web Exclusions:
================

 

Just curious: Why do you have what appears to be your entire documents folder and other data folders excluded from scanning?

That pretty much defeats the purpose of using MBAM, as anything in those folders would NOT be scanned.

If files in those folders were infected, they would not be detected.

 

The "only" files/folders that **might** need to be excluded -- for some users -- would be their anti-virus and other security applications.

(And even those are not generally needed, though some users prefer to set them.)

It is not recommended to exclude one's data folders.

 

Anyway, yes, we will keep this thread open. :)

 

Please post back and let us know how it goes.

 

Thanks,

Link to post
Share on other sites

throkr:


 


I too get the problem of mbam.exe not being started on re-boot (my system is Windows 7, 32 bit). In fact, it happens more often than not, and has been going on for months. In fact, I believe since version 2 arrived and it has 'survived' a number of clean removal / re-installs. I haven't reported it myself, partly as (not seeing any reports in the Forum before yours) I assumed it was peculiar to my installation and partly because I don't really expect much enthusiasm on the issue from Malwarebytes.


 


Anyway throkr, two tips:


 


First, try Settings -> Advanced Settings -> Delay protection at start-up


30 seconds helped for version 2.1.8.1057 in my installation but 2.2.0.1024 seems to need 60 seconds.


 


If this doesn't help, try patience at logon time!  When giving the password, don't press Enter immediately but wait about 20 seconds. That always seems to do the trick for me.

Link to post
Share on other sites

Thanks for your input, @alan_s:

 

However, each computer is different.

For starters, you and @throkr are on entirely different platforms.

His computer is running Win10, with a 3rd-gen core-i7 processor and 16 GB of RAM.

So, unless there is something amiss with his computer (e.g. MBAM corruption, too many programs in startup folder, software conflicts, bad hardware, or other problem), there ought not to be a delay for MBAM to load with Windows.

(It's also possible that the icon may be "hidden" and that MBAM actually is loading as expected.)

 

Moreover, configuring MBAM to delay its start significantly decreases one's protection.

So it's not a recommended solution for most problems, especially with robust hardware.

 

@throkr's problems appear to be resolved for now, and this is his thread.

So, to minimize confusion for everyone, we respectfully suggest that you might want to please start your own, separate forum topic.

That way, we could better assist both of you with individual advice to get up and running.

 

Thanks very much for your understanding,

Link to post
Share on other sites

Hi:

 

You wrote: 

 

 

Sorry, but I wasn't trying to hijack his thread. And I wasn't seeking assistance for myself - perhaps the wording was misleading. My intent was simply to share a workaround I had discovered that might have been useful for him and for others.  

 

 

Understood, and no harm.

 

 

But, your workaround is NOT a recommended way to resolve startup issues.

As mentioned, delaying the start on MBAM real-time protection reduces one's security.

And it's not "normal" to have to do that.

(That option is really only there as a bit of a "leftover" from the days of XP and older systems with slow processors and little RAM.  Delaying MBAM startup in the settings ought to be unnecessary with a modern system that is working well.)

 

So, it would be preferable to sort out the underlying cause (e.g. system configuration, corrupt MBAM install, hardware issues, software conflict, etc.)

 

If you would like help with this, I suggest that you please either start a new, separate forum topic or please log a ticket at the Help Desk.

We will be happy to assist you. :)

 

Thanks for your understanding.

Link to post
Share on other sites

If I understand everything correctly, the proper clean reinstall seems to have resolved the important issues?

(Yes, our own special removal tool (mbam-clean), rather than Revo, is the recommended method to cleanly uninstall.)

 

The CheckResults.txt log now correctly shows PREMIUM, as does your scan log. :)

 

Just curious: Why do you have what appears to be your entire documents folder and other data folders excluded from scanning?

That pretty much defeats the purpose of using MBAM, as anything in those folders would NOT be scanned.

If files in those folders were infected, they would not be detected.

 

The "only" files/folders that **might** need to be excluded -- for some users -- would be their anti-virus and other security applications.

(And even those are not generally needed, though some users prefer to set them.)

It is not recommended to exclude one's data folders.

 

Anyway, yes, we will keep this thread open. :)

 

Please post back and let us know how it goes.

 

Thanks,

 

Hello,

 

I suppose that this latest proper clean install (and, above all, the fact that, this time, I disabled self-protection before the uninstall and made a shutdown of my security suite) has resolved the issues, but I prefer to test the 2 points (systray icon and self-protection not remaining activated) during a few days to be sure. As mentioned earlier, I'm on Win 10 only since 09/29 and had the systray icon issue only 2 or 3 times up to now. (BTW : should it happen again, I'll firstly check if the 2 concerned MBAM services are launched before "reactivating" the icon). As for the self-protection issue, I only noticed that today because I had a look in the Scan log before attaching it to my first post. 

If it wouldn't be for the scheduled scan issue, I don't open MBAM very often, which is quite normal if everything is running as it should be ...

 

Concerning the exclusions : the "D" partition (which I created) only contains everything related to the programs (latest versions, tweaks, notes, tips) that are installed and related to the Windows installation.

I always maintain its content up to date and therefore never include it when I format the drive (before a clean install of the OS) or if I have to load a previous disk image.

Nothing comes directly from the net.From time to time, I make a manual scan on it, to be safe.

 

All my "real" personal or sensitive data are saved on protected external HDDs, never on the desk/laptop drives ...

 

I'll post back next Monday to let you know how it goes with the systray icon and the self-protection. And let's hope that the scheduler issue will be solved soon in a future release ...

 

 

Thank you a lot for your time !   :)

Link to post
Share on other sites

Hi daledoc1,

 

Well, the clean install and the fact that I followed exactly the uninstall procedure seems to have done the trick : no systray icon issue anymore and self-protection remains enabled.

If the scheduled scans issue is fixed in a not to far future, I'll be happy again using MBAM without any trouble ...    ;)

 

BTW, a question concerning the updates of the program himself : I noticed that keeping self-protection enabled requires a reboot to finish the update whilst disabling it doesn't require a reboot; both ways work (for inside upgrades as well as for updates "over the top"), but is there a recommendation from Malwarebytes for this (I mean disabling / not self-protection before updating the program) ?

 

 

Again, thanks for your time !    :)

Edited by throkr
Link to post
Share on other sites

Hi:
 

BTW, a question concerning the updates of the program himself : I noticed that keeping self-protection enabled requires a reboot to finish the update whilst disabling it doesn't require a reboot; both ways work (for inside upgrades as well as for updates "over the top"), but is there a recommendation from Malwarebytes for this (I mean disabling / not self-protection before updating the program) ?

 
Not sure about that (and not sure what you mean by "inside upgrades").

But the self-protection module is just that -- it prevents (malicious) modification of MBAM files.
I don't use it myself.
And I don't see reports of the issue here in the forum from other users.

>>There is another feature (context menu entry scan) that -- when enabled -- does usually require that the system be rebooted after a program update.
>>So, I would not be surprised if the same were true for the self-protection module. That would seem to be normal behavior.

>>But I don't know specifically if it is advised to disable SP before a program update -- I would think that the update can be performed with or without that module enabled.

>>We'll need to wait for a Malwarebytes staff member or forum expert to weigh in.
 
I'm glad you were able to resolve your issues.
 
Thanks for letting us know,

Link to post
Share on other sites

... (and not sure what you mean by "inside upgrades").

 

Hi,

 

I mean updating through the program himself when a new version is proposed (internal updater) vs updating "over the top" of the previous version using an *.exe file downloaded from the site.

Link to post
Share on other sites

Interesting info; thank you, Firefox.   :)  

 

 

One practical question : is there a possibility to modify the title of this topic (adding "solved"); could certainly be interesting for other forum members / readers ...

Thanks.

Edited by throkr
Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.