Jump to content

Real-Time Protection layers Turned off - a solution

Recommended Posts

I too suddenly started having problems with MB 3.0.6 and the realtime protection layers showing up as being turned off.  I dont reboot often, but Norton decided it wanted to....  After the reboot, the MB icon had that ugly warning triangle, and my Exploit protection would not turn on. Nice. Fun.  Off to the support forums.

So, after following the main topic instructions to uninstall I got a message saying it couldnt fully uninstall and to do it manually (BUT never said what it couldnt do), I checked the C:\Program Files (x86)\Malwarebytes Anti-Malware  directory, being as it was the only remnant I could see on the file system, and found a couple .tmp files from 2014.  Not a big deal... I renamed the directory and rebooted, and tried a reinstall.

The install balked at me saying that C:\Windows\System32\drivers\mbae64.sys could not be overwritten.  Clearly this was the issue the uninstall had... the file dated Jan 20, 2017 still sat in that directory.  Why it had the issue, I dont know... but it seems that the DLL is still being loaded.

In order to get MB installed, I chose Ignore (not the best option I know) and the install completed with the mismatched DLL.

I was able to fix this by running Microsoft's Process Explorer (one of the SysInternals utilities - download it from here : https://technet.microsoft.com/en-us/sysinternals/processexplorer.aspx) to identify which process (it was svchost.dll) was owning the instance of the driver, and then killing off the driver, and doing another uninstall of 3.0.6, and finally reinstalling again.

This time, all the real time protections could be enabled, and MB is running properly again.  It remains to be seen for how long, as other threads seem to indicate the problem is sporatic

It would be nice if the uninstaller was more verbose about the issues it encountered.  It would be even better if the uninstall killed off all instances/threads that used the files it was removing (or tagged them for removal at reboot, and then forcing the reboot as thats the 'new' way of doing things)

Hopefully the MalwareBytes dev team can put this info to good use, and to the others who are also dealing with problems caused by the recent upgrade can use this solution as well.

Link to post
Share on other sites

Patience is a virtue(?).  Katz also experienced the real time protection anomaly. 

Katz PC config:

Windows 7 Professional Service Pack 1 (Last Update: 02/11/2017) ---   Dell Optiplex 9010 ---  CPU: X64

Malawarebytes 3.06.1469  (Last Update: 01/28/2017)

After Shutdown Sleep/Standby MB real time protection would not enable.  Upon Reboot/Restart MB real time protection was flagged but could be enabled.  Several days ago the real time enigma evanesced.  Why?  I don't know why but I accept it on faith.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.