Real-Time Protection layers Turned off - a solution

[jsbrown]

I too suddenly started having problems with MB 3.0.6 and the realtime protection layers showing up as being turned off.  I dont reboot often, but Norton decided it wanted to....  After the reboot, the MB icon had that ugly warning triangle, and my Exploit protection would not turn on. Nice. Fun.  Off to the support forums.

So, after following the main topic instructions to uninstall I got a message saying it couldnt fully uninstall and to do it manually (BUT never said what it couldnt do), I checked the C:\Program Files (x86)\Malwarebytes Anti-Malware  directory, being as it was the only remnant I could see on the file system, and found a couple .tmp files from 2014.  Not a big deal... I renamed the directory and rebooted, and tried a reinstall.

The install balked at me saying that C:\Windows\System32\drivers\mbae64.sys could not be overwritten.  Clearly this was the issue the uninstall had... the file dated Jan 20, 2017 still sat in that directory.  Why it had the issue, I dont know... but it seems that the DLL is still being loaded.

In order to get MB installed, I chose Ignore (not the best option I know) and the install completed with the mismatched DLL.

I was able to fix this by running Microsoft's Process Explorer (one of the SysInternals utilities - download it from here : https://technet.microsoft.com/en-us/sysinternals/processexplorer.aspx) to identify which process (it was svchost.dll) was owning the instance of the driver, and then killing off the driver, and doing another uninstall of 3.0.6, and finally reinstalling again.

This time, all the real time protections could be enabled, and MB is running properly again.  It remains to be seen for how long, as other threads seem to indicate the problem is sporatic

It would be nice if the uninstaller was more verbose about the issues it encountered.  It would be even better if the uninstall killed off all instances/threads that used the files it was removing (or tagged them for removal at reboot, and then forcing the reboot as thats the 'new' way of doing things)

Hopefully the MalwareBytes dev team can put this info to good use, and to the others who are also dealing with problems caused by the recent upgrade can use this solution as well.

[Katzenjammer]

Patience is a virtue(?).  Katz also experienced the real time protection anomaly. 

Katz PC config:

Windows 7 Professional Service Pack 1 (Last Update: 02/11/2017) ---   Dell Optiplex 9010 ---  CPU: X64

Malawarebytes 3.06.1469  (Last Update: 01/28/2017)

After Shutdown Sleep/Standby MB real time protection would not enable.  Upon Reboot/Restart MB real time protection was flagged but could be enabled.  Several days ago the real time enigma evanesced.  Why?  I don't know why but I accept it on faith.

[MogMogMog]

I keep getting the same message although the Real-time layers are all turned on now. The dropped out for the first few times. I don't like this and would like to know when it will be fixed.