Jump to content

Rootkit scan will not stay on in MBAM3 Premium


Recommended Posts

I am unable to get the Rootkit Scan feature in Premium to stay ticked when I move the slider to ON.  If I exit the program, when I go back, it is OFF again.  Even if I do NOT exit the program and just click on another tab, when I go back to the PROTECTION tab, it is OFF again.  Neither am I am to set STARTUP to delay by 15 seconds.  Again, I turn Delay ON with the slider and enter 15 seconds, but same things happens, when I leave the tab, it turns OFF again.

I have reinstalled this program, and it has NOT corrected the problem.

Thanx for any help.

Link to post
Share on other sites

Hello and Welcome

Let's try and get some logs first so the team can review them and see if they can tell what may be causing your issues....
 

  1. FIRST: Create and obtain Farbar Recovery Scan Tool (FRST) logs
  2. Download FRST and save it to your desktop
    Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit
  3. Double-click to run FRST and when the tool opens click "Yes" to the disclaimer
  4. Press the "Scan" button
  5. This will product two files in the same location (directory) as FRST: FRST.txt and Addition.txt
    • Leave the log files in the current location, they will be automatically collected by mb-check once you complete the next set of instructions
  6. NEXT: Create and obtain an mb-check log
  7. Download MB-Check and save to your desktop
  8. Double-click to run MB-Check and within a few second the command window will open, press "Enter" to accept the EULA then click "OK"
  9. This will produce one log file on your desktop: mb-check-results.zip
    • This file will include the FRST logs generated from the previous set of instructions
    • Attach this file to your forum post by clicking on the "Drag files here to attach, or choose files..." or simply drag the file to the attachment area


 

Link to post
Share on other sites

Thanks for the logs, I will have a member of the team review them for you to see if they find what may be causing your issue.

You thing you can try is a clean reinstall to see if it helps.

Let's try this first.... (Malwarebytes clean removal tool will backup your license information and then re-enter the license to the new install)

  1. Please follow the steps in this pinned topic to uninstall your current version of MBAM and reinstall the latest build - Malwarebytes mb-clean tool (NOTE: After uninstalling with the mb-clean tool you will be asked to reboot. Once you reboot it will ask you if you want to re-install Malwarebytes, you can select YES (it will download the latest version) or you can download the latest version manually (currently v3.3.1.2183 CU 1.0.262) to re-install from HERE)
  2. NOTE: More info about the latest Malwarebytes 3.2.2 HERE; MB 3 User Guide ONLINE; MB 3 User Guide PDF; MB 3 FAQ: Malwarebytes 3.0 - Frequently Asked Questions


Please let us know how it goes.


Thank You,

Firefox

Link to post
Share on other sites

25 minutes ago, nigebirch said:

I'll wait for your team's analysis, thank you.  I've already done the uninstall/reinstall and my license info was re-entered.

 

Re sliding/clicking:  I am sliding the button to ON (green).  It stays there until I leave the tab or app.  Thank you.

The sliding of the bar does not work, try clicking on it to turn it on.  Let us know

Link to post
Share on other sites

I'm glad you could help, too.

Although this has been solved, I found another problem.  This has been recurrent and the reason I uninstalled and did a clean install of MBAM about 5 days ago.  I haven't seen this error in Event Viewer until today again:

{Registry Hive Recovered} Registry hive (file): '\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-3104806541-1533417482-1089993493-1002-01192018172735318-ntuser.dat' was corrupted and it has been recovered. Some data might have been lost.

Any idea what's going on here?

Thank you.

Link to post
Share on other sites

Hi, Devin Collins,

Still getting this general kernal error in Event Viewer.  I get it several times a day (usually about four times):

{Registry Hive Recovered} Registry hive (file): '\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-3104806541-1533417482-1089993493-1002-01242018161438260-ntuser.dat' was corrupted and it has been recovered. Some data might have been lost.

Have you had time to investigate this?

Thank you,

NB

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.