Jump to content

Malwarebytes Premium 4.2.1 Not registering in the Windows Security Center??


Go to solution Solved by AdvancedSetup,

Recommended Posts

Hi, so I just happened to go check my Windows security settings, only to realize that for WHATEVER reason, Malwarebytes Premium (which I just bought for the sole purpose of NOT using Windows Defender alongside Malwarebytes Free) is no longer being detected in the Windows Security Center. I have had the option to automatically do it toggled on since I got the Premium version and haven't touched it, yet somehow it's inexplicably broken and not working anymore? I tried toggling the option on and off, and while that temporarily fixed it for a moment once, the fix wasn't permanent and is no longer doing anything at all. I also tried using the "Repair" function in the Malwarebytes Support Tool (which from a quick search, is SUPPOSED to be able to fix the issue), and while it reinstalled successfully and claimed that the repair was complete, my issue was not fixed! While I'm unsure of when this exactly happened, I don't recall seeing Windows Defender operating at all alongside Malwarebytes Premium before today, so it must have somehow just started happening today?

Link to post
Share on other sites

  • Replies 90
  • Created
  • Last Reply

Top Posters In This Topic

7 minutes ago, Molly2925 said:

I just bought for the sole purpose of NOT using Windows Defender alongside Malwarebytes

I highly suggest you keep Malwarebytes and Defender active.

Quote

The reason many of us members are pushing Keeping Defender on is the following.

Malwarebytes does not target script files during a scan... That means MB will not target; JS, HTML, VBS, .CLASS, SWF, BAT, CMD, PDF, PHP, etc.

It also does not target documents such as; PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, etc.

It also does not target media files;  MP3, WMV, JPG, GIF, etc.

Malwarebytes will detect files like these on execution-only.

And,

Malwarebytes is not designed to function like normal AV scanners and uses a new kind of scan engine that relies mostly on heuristics detection techniques rather than traditional threat signatures.  Malwarebytes is also designed to look in all the locations where malware is known to install itself/hide, so a full or custom scan shouldn't be necessary, especially on any sort of frequent basis (like daily), especially since the default Threat Scan/Quick Scan checks all loading points/startup locations, the registry, all running processes and threads in memory, along with all system folders, program folders, and data folders as well as any installed browsers, caches, and temp locations.  This also means that if a threat were active from a non-standard location because Malwarebytes checks all threads and processes in memory, it should still be detected.  The only threat it *might* miss would be a dormant/inactive threat that is not actively running/installed on a secondary drive, however, if the threat were executed then Malwarebytes should detect it.  Additionally, whenever a new location is discovered to be used by malware the Malwarebytes Research team adds that location dynamically to the outgoing database updates so the locations that are checked by the default Threat/Quick Scan in Malwarebytes can be changed on the fly by Research without requiring any engine or program version updates/upgrades.

An AV will catch the file just by downloading it or just opening a folder with a detected file in it.

For example, you get an email with an infected attachment, Malwarebytes will not even blink until you run it yet Defender will detect it if it is in their database without even actually clicking on it. Remember the list of files Malwarebytes does not target.

Then I will leave you with this.

As good as Malwarebytes is, it is just a layer of protection.

Using a browser that has Ublock Origin and the Malwarebytes Browser guard enabled is also a layer of protection.

Not opening attachments from an email unless you were expecting it from a specific user during a specific time period.

Do not use Torrents. Do not install every free software you find. Do not click links in an unknown email. Go directly to the sit listed in the email.

Having a monthly image of your computer on an external drive that is only connected during the backup is actually better than any protective software ever made. Macrium Reflect free is the program I use and place on every computer I service.

https://www.howtogeek.com/225385/what%e2%80%99s-the-best-antivirus-for-windows-10-is-windows-defender-good-enough/

 

Link to post
Share on other sites

Also, Please do the following so we can see what is going on with the computer.

Can you please collect and upload as an attachment the diagnostic data using our MBST?

  • Download and run the Malwarebytes Support Tool
  • Accept the EULA and click Advanced tab on the left (not Start Repair)
  • Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply
Link to post
Share on other sites

1 hour ago, Porthos said:

Also, Please do the following so we can see what is going on with the computer.

Can you please collect and upload as an attachment the diagnostic data using our MBST?

  • Download and run the Malwarebytes Support Tool
  • Accept the EULA and click Advanced tab on the left (not Start Repair)
  • Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply

Here are the logs, hope it helps resolve the problem!

I mainly wanted Malwarebytes Premium as a replacement for Defender because Defender is REALLY clunky to use and all it's ever really done for me is get annoying false positives on files. I'm already extremely cautious with stuff, so I'm not gonna be randomly downloading any suspicious things or anything (I also already got Ublock Origin on my browser, so I know that oughta help with things too, right?)

Even if it's not recommended to have Malwarebytes completely REPLACING Defender, the fact that this option has suddenly stopped working right is a source of stress to me, so I want it fixed even if it's "recommended" that I turn it off.

 

mbst-grab-results.zip

Link to post
Share on other sites

1 hour ago, Molly2925 said:

all it's ever really done for me is get annoying false positives on files.

The following was not a FP even though it was in the recycle bin.

Quote

Windows Defender:
===================================
Date: 2020-09-25 18:33:02.7810000Z
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.DD!ml&threatid=2147757792&enterprise=0
Name: Trojan:Win32/Wacatac.DD!ml
ID: 2147757792
Severity: Severe
Category: Trojan
Path: file:_C:\$Recycle.Bin\S-1-5-21-2453933365-1349883502-3247715106-1001\$RU3K90M.exe

As good as Malwarebytes is, I personally will not use it alone. All of my clients using Malwarebytes premium have never been infected using Both. I would know because they get free cleaning if infected if I can prove the computer has both on.

 

 

Link to post
Share on other sites

1 minute ago, Porthos said:

The following was not a FP even though it was in the recycle bin.

As good as Malwarebytes is, I personally will not use it alone. All of my clients using Malwarebytes premium have never been infected using Both. I would know because they get free cleaning if infected if I can prove the computer has both on.

 

 

I honestly have no idea what that detection even WAS. It doesn't match ANYTHING that I downloaded, unless it was within one of the ASUS application reinstall tools I temporarily used earlier in the week when I was trying to solve a different computer problem. It was only detected as I was deleting everything in the Recycling Bin anyway. Haven't gotten any detections from either Malwarebytes OR Defender since, on their automatic scans this evening, either.

 

Any idea what's going on with the Malwarebytes setting yet? I certainly do hope the issue isn't too severe, and the possible fix isn't too involved. I dunno if I'd be able to stomach the stress and anxiety that would come with things like "reinstall Windows" or something like that....

Link to post
Share on other sites

7 minutes ago, Molly2925 said:

Any idea what's going on with the Malwarebytes setting yet?

Turn the setting in Malwarebytes back to register with security center. Restart the computer. let's see if it sticks.

I have done my personal due diligence in recommending keeping both on so it is your computer so you do as you wish.  (I am not the one offering my service for free cleaning any malware fro your system):D

Link to post
Share on other sites

Just now, Porthos said:

Turn the setting in Malwarebytes back to register with security center. Restart the computer. let's see if it sticks.

I have done my personal due diligence in recommending keeping both on so it is your computer so you do as you wish.  (I am not the one offering my service for free cleaning any malware fro your system):D

Do you mean toggle it off and on again and then restart? Or toggle it off, restart, and then toggle it on after restarting?

I tried the former thing already, and it didn't work, so if the latter is what I have to do, I'll try it now...

(also not sure what you're talking about with that service?)

Link to post
Share on other sites

I tried turning the setting off, restarting, and then turning it back on after the restart, and that didn't work either. Windows Defender is still the only option visible in the Windows Security Center, and Malwarebytes is nowhere to be found in it.

Although Malwarebytes still is starting up when booting up the computer and the rest of its functions appear to be working normally...

 

What else could possibly fix the problem?

Link to post
Share on other sites

1 minute ago, Molly2925 said:

Is there a way to register Malwarebytes manually WITHOUT using the option within Malwarebytes that I am not aware of?

No.

You might have done this already but do it again. Do not do repair...

Please do the following Uninstall and reinstall using the Malwarebytes Support Tool

Please have lots of patience with the tool.  The first phase is a cleanup and does require a Windows Restart.
After the Restart, it may take 2 - 3 - 4 minutes till the Support tool screen shows up.   Please be patient and have faith.  Wait for it, whatever it takes.
The 2nd phase is where it offers to do a new Install.

Link to post
Share on other sites

1 minute ago, Porthos said:

No.

You might have done this already but do it again. Do not do repair...

Please do the following Uninstall and reinstall using the Malwarebytes Support Tool

Please have lots of patience with the tool.  The first phase is a cleanup and does require a Windows Restart.
After the Restart, it may take 2 - 3 - 4 minutes till the Support tool screen shows up.   Please be patient and have faith.  Wait for it, whatever it takes.
The 2nd phase is where it offers to do a new Install.

 

I forgot to mention it before, but I DID actually try doing this before I did the "repair" option in the support tool. I'll try it again, but it didn't work when I tried it earlier...

Link to post
Share on other sites

Just did the reinstall again, and just like last time, the problem is still there. Despite the setting being on, "Always register Malwarebytes in the Windows Security Center" is not working and Windows Security Center is not detecting that it even exists!

 

What other options do I have to fix this at this point?

Link to post
Share on other sites

  • Root Admin

Hello Molly @Molly2925

The Event Logs show that something is preventing or blocking the change. We'll see if we can track it down and get it fixed.

Application errors:
==================
Error: (09/25/2020 08:54:47 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_ON.

 

There are a few other errors as well that we'll try to address if possible

 

System errors:
=============

Error: (09/25/2020 05:54:37 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service SecurityHealthService with arguments "Unavailable" in order to run the server:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}

Error: (09/24/2020 10:15:33 PM) (Source: Netwtw08) (EventID: 5010) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz : The network adapter has returned an invalid value to the driver.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (09/20/2020 12:18:00 AM) (Source: Netwtw08) (EventID: 5002) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz : Has determined that the network adapter is not functioning properly.
5002 - uCode SW error (SysAssert, NMI)

 

Using the FRST program - (Farbar Recovery Scan Tool) please run the following.

Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from.
NOTE. It's important that both files, FRST or FRST64, and fixlist.txt are in the same location or the fix will not work.

Please make sure you disable any real time antivirus or security software before running this script. Once completed make sure you re-enable it.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

NOTE-1:  This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will also run a disk check on the restart to ensure disk integrity. Depending on the speed of your computer this fix may take 30 minutes or more.

NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed. The use of an external password manager is highly recommended instead of using your browser to store passwords.

The following directories are emptied:

  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Flash Player cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin

Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.

The system will be rebooted after the fix has run.

fixlist.txt

Thanks

 

Link to post
Share on other sites

11 minutes ago, AdvancedSetup said:

Hello Molly @Molly2925

The Event Logs show that something is preventing or blocking the change. We'll see if we can track it down and get it fixed.

Application errors:
==================
Error: (09/25/2020 08:54:47 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_ON.

 

There are a few other errors as well that we'll try to address if possible

 

System errors:
=============

Error: (09/25/2020 05:54:37 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service SecurityHealthService with arguments "Unavailable" in order to run the server:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}

Error: (09/24/2020 10:15:33 PM) (Source: Netwtw08) (EventID: 5010) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz : The network adapter has returned an invalid value to the driver.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (09/20/2020 12:18:00 AM) (Source: Netwtw08) (EventID: 5002) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz : Has determined that the network adapter is not functioning properly.
5002 - uCode SW error (SysAssert, NMI)

 

Using the FRST program - (Farbar Recovery Scan Tool) please run the following.

Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from.
NOTE. It's important that both files, FRST or FRST64, and fixlist.txt are in the same location or the fix will not work.

Please make sure you disable any real time antivirus or security software before running this script. Once completed make sure you re-enable it.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt) or wherever you ran FRST from. Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

NOTE-1:  This fix will run a scan to check that all Microsoft operating system files are valid and not corrupt and attempt to correct any invalid files. It will also run a disk check on the restart to ensure disk integrity. Depending on the speed of your computer this fix may take 30 minutes or more.

NOTE-2: As part of this fix all temporary files will be removed. If you have any open web pages that have not been bookmarked please make sure you bookmark them now as all open applications will be automatically closed. Also, make sure you know the passwords for all websites as cookies will also be removed. The use of an external password manager is highly recommended instead of using your browser to store passwords.

The following directories are emptied:

  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Flash Player cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin

Important: items are permanently deleted. They are not moved to quarantine. If you have any questions or concerns please ask before running this fix.

The system will be rebooted after the fix has run.

fixlist.txt 1.21 kB · 0 downloads

Thanks

 

Ah, I don't mean to be a bother, but where exactly do I find this "FRST" tool? I don't know where it is or if I have it.

Also I am a bit concerned over some of the files that are lost here. Could I back up my browser files to make sure I keep them after running the fix?

Link to post
Share on other sites

(Sorry for the multiple posts, this forum doesn't seem to have an "edit post" function)

I just noticed this topic was moved to the "Malware removal help & support" section... that kinda worries me tbh. Is it definitive that it's some weird malware that Malwarebytes and Defender can't detect?

Also, it's super late, so I'll be checking back and hopefully attempting that fix(?) in the morning when I get up tomorrow (assuming I get a reply relating to my concerns and questions). Really worried and anxious, I hope it can fix the issues...

Link to post
Share on other sites

Honestly I REALLY hope the problem can be found out and fixed really soon, these long waits for more instructions/information about what's going on are absolutely wrecking me!

I did do some extra searching earlier because I was anxious, and found out that people in the past who had problems with that event log error... ended up having virus problems that "slipped through the cracks" somehow, however those people had experienced other ill effects on their machines. For me, Malwarebytes being unable to be registered in the WSC is literally the only problem I'm facing, everything else appears to be operating just fine, including both MWB AND Defender, so I REALLY hope that the likelihood that an actual proper virus had caused this one minor issue is extremely low...

I really need to know, what am I supposed to do next? And what do the results in my Fixlog.txt say about any possible issues?

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.