Jump to content

AV strangeness


Recommended Posts

Don't know how else to title this post - I am running the latest version of MW3 on win 7  and have the constant recurring problem of protection not being enabled. So I manually enable. Then suddenly last week, protection cured itself somehow. For a week it loaded on start up and all fine and dandy. A couple of days ago, Avira AV advised me to run a full system scan as it has noted registry intrusion as I was on the net. So I did just that (with no infection to registry in scan results) and now the protections are disabled on start up again and I have to manually start them. Do you suppose the Avira program is conflicting with MW3?  I am thinking of uninstalling it as I have always wondered if it didn't work with Malwarebytes. Any thoughts would be appreciated. Thanks.

Link to post
Share on other sites

43 minutes ago, Dublin70 said:

Any thoughts would be appreciated. 

43 minutes ago, Dublin70 said:

I am thinking of uninstalling it as I have always wondered if it didn't work with Malwarebytes.

@Dublin70

I hate to suggest an uninstall of an AV without trying to find a solution but I see you have had some issues with Avira before.

Let's try and get some logs first so the team can review them and see if they can tell what may be causing your issues....

  1. FIRST: Create and obtain Farbar Recovery Scan Tool (FRST) logs
  2. Download FRST and save it to your desktop. Tell any program that blocks it to ignore or allow. It IS SAFE. It contains no info that can identify or harm you.
  3. NOTE: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit
  4. Double-click to run FRST and when the tool opens click "Yes" to the disclaimer
  5. Press the "Scan" button
  6. This will produce two files in the same location (directory) as FRST: FRST.txt and Addition.txt
    NOTE: These two files will be collected by the MB-Check Tool and added to the zip file for you
  7. NEXT: Create and obtain an mb-check log
  8. Download MB-Check and save to your desktop
  9. Double-click to run MB-Check and within a few second the command window will open, then click "OK"
  10. This will produce one log file on your desktop: mb-check-results.zip
  11. Attach this file to your forum post by clicking on the "Drag files here to attach, or choose files..." or simply drag the file to the attachment area
Edited by Porthos
Link to post
Share on other sites

10 minutes ago, Dublin70 said:

Here are logs. Thanks.

Quote

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
    C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe    REG_SZ        ELEVATECREATEPROCESS

 

To start with

Go to the folder C:\Program Files\Malwarebytes\Anti-Malware\
Find the file mbam.exe and right click on it and choose Properties
In the window that pops up click on Compatibility Tab
Remove any changes there that don't match my picture below and click OK

Also, you need to run all of the tools from the ADMIN account. Please get a new set of logs after you fix the below.

596d154caf048_compatibilitytab.jpg.2f0b44f0f5d992528633bfe1440a47af.jpg

Link to post
Share on other sites

22 minutes ago, Dublin70 said:

New logs as admin.

I know in your previous topics/posts you said you have done all the Avira exclusions for MB. Please recheck your exclusions.  Also ad Avira folders to the MB exclusion list.

  • C:\Program Files\Malwarebytes\Anti-Malware\assistant.exe
  • C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe
  • C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
  • C:\Program Files\Malwarebytes\Anti-Malware\MbamPt.exe
  • C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
  • C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
  • C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
  • C:\Windows\system32\Drivers\farflt.sys
  • C:\Windows\System32\drivers\mbae64.sys
  • C:\Windows\System32\drivers\mbam.sys
  • C:\Windows\System32\drivers\MBAMChameleon.sys
  • C:\Windows\System32\drivers\MBAMSwissArmy.sys
  • C:\Windows\System32\drivers\mwac.sys

 

Also please exclude the following folders too: (The complete folder)

  • C:\Program Files\Malwarebytes\Anti-Malware
  • C:\ProgramData\Malwarebytes\MBAMService
Link to post
Share on other sites

A couple of things: Tried to d.l. the application update but the link said - this file type may not be supported.?? Also, entered all the MWB exclusions but when I tried the Avira and the Windows exclusions, the files just wanted to open in both cases. I tried right clicking but that didn't work. Don't know what to do now. Thanks.

Link to post
Share on other sites

All working fine until a day ago. Avira had an issue with registry being "attacked" (my word) - since then I find the orange alert about disabled protection when I boot up. I think I will uninstall it and put Avast on. Also, keep in mind that I could not exclude the Avira and Windows folders as mentioned a couple of posts back. Perhaps those exclusions would make it all work but files just want to open when I click on them to copy/paste into MW3 exclusion area.  Thanks.

Link to post
Share on other sites

I decided to uninstall Avira as I thought maybe it was causing a conflict with MW3. Sooo, I disabled Avira, and installed Avast. In the process of installing Avast, the following blocks came up -- FRAUD onclickads.net    and    Malware popcash.net. Would this have happened because Avira was disabled or is Avast  trying to load stuff onto my pc? As I said both were blocked but I am confused as to what's going on. Any thoughts? Thanks.

Link to post
Share on other sites

I believe so. I'll check tho. Will send logs tomorrow. After uninstalling Avira, MW3 seems to load correctly. Again. things seem to work right after different fixes are applied and then a couple of days later, the orange alert comes up. I do think it was the Avira conflict so we'll see. Thanks very much.

Link to post
Share on other sites

Could someone look at these logs as requested. I got a whole bunch of the same ones blocked again in the last couple of days. What is the source of this bad stuff. I noticed that they appeared when I was installing Avast. I sure hope they're not carrying this stuff in their software. Thanks. 

Link to post
Share on other sites

Hi - hate to bug you busy folks but I keep getting blocks for the same two attempts on my desktop. Fortunately, they are being blocked but I'm not sure what to do about them. I wrote on the Avast forum about them and a response was: "where did you d.l. from"? I d.l. from the Avast site so don't know what that info will do to aid in this. Thanks. 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.