Run: [Malwarebytes Anti-Malware (reboot)]


We do have a developer looking at this issue. His first thought is something like TeaTimer preventing the removal. I've given him an RSIT log and a ComboFix log from two different users experiencing this problem (I don't think either of them had TeaTimer though). I can't promise when he'll get it figured out, but he'll do his best to test and see if he can reproduce it.

By the way, none of the HJT logs I have seen this in have had Spybot TeaTimer running at all. Some don't even have Spybot installed. Most do, however, have Windows Defender.


  • 2 weeks later...

I am still seeing this show on HJT logs

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

on virtually all machines where we have a new install of MBA-M, scans are done, malware found and cleaned, computer rebooted. We are seeing this even when MBA-M finds nothing on the scans and computers HAVE been rebooted.

Has this ever been resolved?

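The autostart line quoted in the post above can be picked out of a HijackThis log mechanically. The following is an added example, not part of the original thread: a small parser for HijackThis O4 registry lines that flags a leftover mbam.exe /runcleanupscript entry. The sample log is constructed around the one line quoted in the thread, and the function names are illustrative.

```python
import re

# HijackThis registry autostart line: O4 - <hive>\..\<key>: [<value name>] <command>
O4_RE = re.compile(
    r"^O4 - (?P<hive>HK[A-Z]+)\\\.\.\\(?P<key>[^:]+): "
    r"\[(?P<name>.*?)\] (?P<command>.+)$"
)

# Constructed sample log; only the Malwarebytes line is taken from the thread.
SAMPLE_LOG = r"""Logfile of HijackThis (constructed sample)
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ExampleTray] "C:\Program Files\Example\tray.exe"
O4 - Global Startup: Example.lnk = C:\Program Files\Example\example.exe
"""


def split_command(command):
    """Split a Run value into (executable, arguments), honouring quotes."""
    command = command.strip()
    if command.startswith('"'):
        exe, _, rest = command[1:].partition('"')
        return exe, rest.strip()
    # Unquoted paths containing spaces are ambiguous; split at the first space.
    exe, _, rest = command.partition(" ")
    return exe, rest.strip()


def parse_o4(line):
    """Return a dict for a registry-style O4 line, or None for anything else."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    exe, args = split_command(m["command"])
    return {"hive": m["hive"], "key": m["key"], "name": m["name"],
            "exe": exe, "args": args}


def pending_cleanup_entries(log_text):
    """List O4 entries that still launch mbam.exe with /runcleanupscript."""
    hits = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue
        is_mbam = entry["exe"].lower().endswith("\\mbam.exe")
        if is_mbam and "/runcleanupscript" in entry["args"].lower().split():
            hits.append(entry)
    return hits
```

An entry that is still reported after the machine has been rebooted is the symptom described in this thread.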

I'm having the same problem :) , same version of MBAM. 1.41. I had found a malware but am not sure if it's associated with that scan. I have Vista 32 bit Home Premium Edition, sp2. On every bootup Windows Defender informs me it blocked the cleanup script MBAM was trying to run. I'm getting errors in my administrator/event viewer. I'm getting a capi2 issue also, something about a timestamp not matching or not authorized. It seems to still have a problem even today. Something about an auth trusted roots list. Not sure if it's related but could be??

I'm also getting the (what was it?) 4376, 4375, 4385 Event ID.. I've been getting all of those. The one that says something about unable to extract part of a cab file, Aux-jh (etc).. Contact Microsoft, etc. Also getting event ID 170, Scenario Lifecycle (today).. Also, id 3001 (Code Integrity determined an unsigned kernel module \Device\HarddiskVolume1\Windows\System32\drivers\mbamswissarmy.sys is loaded into the system. Check with the publisher to see if a signed version of the kernel module is available.). (that is directly related to this program for sure and I always get something to do with questioning this file for some reason). I get that one for NVidia drivers and the SSHDRV driver also, so it is probably nothing to worry about, I'm thinking.

I can say my McAfee keeps stopping for some reason.. Turning off real time scanners and such.. Disabling itself for some reason but tends to be okay if I re-enable it.. Maybe there's a conflict somewhere? I've seen something about McAfee and AdAware but nothing about MBAM with either. It's run manually.

Again, not sure if related but all started within the last week or two. The cab one has something to do with windows updates.. The one about the timestamp, I'm not sure.. but I have event viewer alerting me when that happens and it's at startup and right around the time that pops up for MBAM through WinDef.

I'm currently doing a FULL SCAN with MBAM to see if anything comes up. The quick scan showed nothing. The error happens on every bootup. I do not have Teatime or whatever that program was you said. I have AdAware, Windows Defender, McAfee Antivirus (with several other security options like spam protection, etc. I use McAfee firewall, not windows.) I recently had "artema/artemia" or what have you, allegedly in a setup for a game but after setting up the game nothing was found. The artema was only found prior to install in the setup file, not the extracted files. If anyone is curious, it was fishtycoon from www.fishtycoon.com (or www.planttycoon.com but I think it was the fish tycoon. We got them both at the same time). McAfee found that but I think it was a false alert.. I THINK, not sure.. Doubt it's related but with my life, you really never know what causes what.. I've learned the hard way most of my problems are somewhat eccentric.. lol

Otherwise my system has been up and running 2 years or so.. I try to keep everything updated once a week. I've system restored 2 times I think but it's been a longggg time since I did that.. That shouldn't be related to this. If there are any logs or files you want me to share, let me know.. I don't know what else to mention so from here on out I'll need guidance LOL.

I'm semi pc aware, can do a lot but not a pro.. :)

Thanks in advance!

*Xts*

PS I know I've included other software titles and know they are separate but in order to fully understand sometimes you have to mention the others.. :)


Welcome to Malwarebytes! It sounds like you have several issues! Hardware, AV issues: you have seen this post: http://www.malwarebytes.org/forums/index.php?showtopic=18093

You have your AV & Firewall set to Trust these programs by Malwarebytes:

For Windows Vista or Windows 7:

  • C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
  • C:\ProgramData\Malwarebytes' Anti-Malware\rules.ref
  • C:\Windows\System32\drivers\mbam.sys
  • C:\Windows\System32\drivers\mbamswissarmy.sys

And it might not hurt to un-install - use a clean tool -- and re-install Malwarebytes, instructions below:

please try a clean tool below, remove the program and re-install again

1. Uninstall Malwarebytes' Anti-Malware using Add/Remove programs in the control panel.

2. Restart your computer (very important).

3. Download and run this utility. http://www.malwarebytes.org/mbam-clean.exe

4. It will ask to restart your computer (please allow it to).

5. After the computer restarts, install the latest version from here. http://www.malwarebytes.org/mbam-download.php

Note: You will need to reactivate the program using the license you were sent

Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.

Restart the computer again and verify that MBAM is in the task tray and run a Quick Scan.

When you complete the above, please report back and give us a report

Keep an eye on this post as you may get some follow up replies.....


I see this last post was for me *blush*.. That's a lot of work I must do now! :) You seem to have found something I've been searching for for quite a bit now.. An answer to this fiasco! I'm glad because my antivirus comes through my cable provider and they get awfully confused on who I'm supposed to talk to about problems with conflictions.. They both say to talk to the other.. lol

Sorry I did not come back sooner, things aside from pc issues are taking up a lot of my time lately, demanding every available moment I have left in my day sometimes so please bear with me..

I'll try these tips and I thank you soooo much for taking the time to help! I realised after I'd posted some of what I'd mentioned had already been answered but I was too tired to re-edit, so I was somewhat embarrassed to see the last few posts before mine after I'd posted. At least, amidst my ignorance I must've stated something that got me help with a few additional problems. I suppose that's worth the embarrassment. :)

Thanks again..

*Xts*


The services not running belonged to McAfee. I can't figure out why sometimes they run and sometimes they don't. Maybe a confusion with which McAfee I have? I have the 3 user cox security suite (McAfee through Cox) and I'm supposed to be getting pro as of yesterday but it's not registering with the site. I was trying to work it to where I reinstalled mbam and mcafee (the new pro version) all on the same day but I chose to reinstall both today (still can't get the pro, something is messed up with my acct with cox and the code needed, pro is only for premier and up accts) and so far, so good. The virtual technician is with McAfee and it *could* be confused when it comes to this version??? I have no idea but it's the program saying 2 services are not running. There are a few that only run when run manually (scan of course) but I don't know what it's finding.. I'm tired now. I did call in and get some advice on installing the 2.. They even helped a tiny bit with mbam ideas <_< I've gotta do a scan again with both to be sure my downtime didn't allow anything but I think it's okay. Still getting the issue like others until the update fixes it. The mbam I redownloaded did not fix it. It still wants to clean up scripts and in MSCONFIG it is listed but I don't recall if it was under startup or services.. Startup I could stop if it's not important to "allow" it. Services I won't touch in there, I'd have to go to administrative tools to feel comfortable since I've heard to not mess with services in msconfig..

Thanks for your tips and the clean uninstall tool was awesome! I wish all programs had that to clean up everything after themselves. ;)

Now I'll just wait on that update..

Xts*


Hello again XTS ;) . If you want the entry removed so you don't get the UAC block each time your computer boots you can download the file in the post here and save it to your desktop then extract the .reg file and double click it to execute it. Click Continue or Allow to the UAC prompt then click Yes when it asks if you want to enter it into the registry and reboot. That should correct it for the time being and you can use that file if the error occurs again until version 1.42 of MBAM is released which will contain the permanent fix for this issue <_< .


Wow, no matter what I say you guys have an answer.. A good one. Sure beats a lot of the other boards I've browsed through the years!! Thanks for the link.. All the help you guys have given is very appreciated!

*Xts*
