Jump to content

Windows Firewall-Malwarebytes 4.3


Recommended Posts

Since updating to 4.3 I receive a notice from Windows 10 Pro every time I start my system saying I need to turn on Windows Firewall.  When checking Windows Security Center, the three firewall options all show the firewall active.  Hopefully that status is accurate and this is a startup sequence timing issue and not a false report of Firewall status triggered by 4.3. 

One related symptom of 4.3 update which has an easy workaround; the default option for Malwarebytes registering with Windows Security Center changed to being on instead of off.  It does remain off once changed by the user.

Link to post
Share on other sites

  • Staff

***This is an automated reply***

Hi,

Thanks for posting in the Malwarebytes for Windows Help forum.

If you are having technical issues with our Windows product, please do the following:

Malwarebytes Support Tool - Advanced Options

This feature is designed for the following reasons:

  • For use when you are on the forums and need to provide logs for assistance
  • For use when you don't need or want to create a ticket with Malwarebytes
  • For use when you want to perform local troubleshooting on your own

How to use the Advanced Options:

Spoiler
  1. Download Malwarebytes Support Tool
  2. Double-click mb-support-X.X.X.XXXX.exe to run the program
    • You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
  3. Place a checkmark next to Accept License Agreement and click Next
  4. Navigate to the Advanced tab
  5. The Advanced menu page contains four categories:
    • Gather Logs: Collects troubleshooting information from the computer. As part of this process, Farbar Recovery Scan Tool (FRST) is run to perform a complete diagnosis. The information is saved to a file on the Desktop named mbst-grab-results.zip and can be added as an email attachment or uploaded to a forum post to assist with troubleshooting the issue at hand.
    • Clean: Performs an automated uninstallation of all Malwarebytes products installed to the computer and prompts to install the latest version of Malwarebytes for Windows afterwards. The Premium license key is backed up and reinstated. All user configurations and other data are removed. This process requires a reboot.
    •  Repair System: Includes various system-related repairs in case a Windows service is not functioning correctly that Malwarebytes for Windows is dependent on. It is not recommended to use any Repair System options unless instructed by a Malwarebytes Support agent.
    • Anonymously help the community by providing usage and threat statistics: Unchecking this option will prevent Malwarebytes Support Tool from sending anonymous telemetry data on usage of the program.
  6. To provide logs for review click the Gather Logs button
  7. Upon completion, click OK
  8. A file named mbst-grab-results.zip will be saved to your Desktop
  9. Please attach the file in your next reply.
  10. To uninstall all Malwarebytes Products, click the Clean button.
  11. Click the Yes button to proceed. 
  12. Save all your work and click OK when you are ready to reboot.
  13. After the reboot, you will have the option to re-install the latest version of Malwarebytes for Windows.
  14. Select Yes to install Malwarebytes.
  15. Malwarebytes for Windows will open once the installation completes successfully.

Screenshots:

Spoiler
 
 
 
 
Spoiler

 

 

01.png

02.png

03.png

04.png

05.png

06.png

 

 

If you are having licensing issues, please do the following: 

Spoiler

For any of these issues:

  • Renewals
  • Refunds (including double billing)
  • Cancellations
  • Update Billing Info
  • Multiple Transactions
  • Consumer Purchases
  • Transaction Receipt

Please contact our support team at https://support.malwarebytes.com/hc/en-us/requests/new to get help

If you need help looking up your license details, please head here: Find my premium license key

 

 

Thanks in advance for your patience.

-The Malwarebytes Forum Team

Link to post
Share on other sites

  • Staff

Greetings,

This is the first report of this issue I've seen.  If you would, please provide diagnostic logs so that we may take a look, assuming you can still replicate the issue.  Please change the setting back to default and see if the issue still occurs on startup, and if it does, please do the following:

  1. Download and run the Malwarebytes Support Tool
  2. Accept the EULA and click Advanced tab on the left (not Start Repair)
  3. Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply

Once that is done you can change the setting back if needed, though I'd recommend trying a clean install to see if that fixes the problem:

  1. Run the Malwarebytes Support Tool
  2. Accept the EULA and click Advanced tab on the left (not Start Repair)
  3. Click the Clean button, and allow it to restart your system and then reinstall Malwarebytes, either by allowing the tool to do so when it offers to on restart, or by downloading and installing the latest version from here

Please let us know how it goes and provide the requested logs for analysis.

Thanks

Link to post
Share on other sites

The primary issue is the Firewall, not the default of registering with Windows which was resolved after the first time of turning off the Register switch.

On the Logs side of life and the support tool; I have only been able to get updates completed since 4.0 by using the support tool.  Here is the Results text file only 'mbst-fix-results.txt'.  I have the logs from the update conducted for 4.2.3 attached, I didn't run logs until just now to reply to this email.  I just did it and that file (attached) has no date in the name of the results and is the full zip file.

mbst-fix-results.txt mbst-grab-results-201101.zip mbst-grab-results.zip

Link to post
Share on other sites

Hello?  Thanks for the first quick reply, can you help me with the connection between automatic updates and why that impacts the program causing it to trigger the Windows Firewall notice at startup?  Is there something going on with the selection/option the title doesn't quite tell we users about the process?  Does it cause a sequence problem during Startup?

I don't use it because of all the challenges I've had with each and every update since 4.0, so I have it notify me of updates only.  Then I select a time where I can spend an hour updating the program.  First trying the in-program update process, then shifting to the support tool, gathering logs, etc. process to get the program to update. So I would like to know what is actually happening behind the Option.

Link to post
Share on other sites

  • Staff

My personal suspicion is that it likely has more to do with timing than anything else since fast startup is enabled in Windows (a setting known to cause problems with Malwarebytes and other applications sometimes).  To determine if this is the issue you can disable fast startup as documented here to see if it corrects the issue.

Link to post
Share on other sites

Thank you.  I attempted the change as I agree on the timing factor as the principle trigger.  I turned off the fast startup, only item left (sleep and hibernation were already off).  That made a change, the notice doesn't pop up until at least a minute or two later rather than already flagged upon user login to the system. 

In case the last Win10Pro update modified the Hibernation function I searched for hyberfil.sys, doesn't seem to exist on the system.  Are you aware of any other cache that would keep drivers, etc. stored for the OS that is not typically advertized/communicated to users?  I'm using an SSD for the system drive, Samsung, so I'm now digging into any potential cache config Magician is using that could be a stealth file. 

Given all this digging into Windows, my primary curiosity remains, why did this not exist prior to 4.3?  Not that it has to be a bug in 4.3, could be tightening up sequences, etc. to better comply with MS architecture/structure.  Wouldn't be the first time MS redacts older shortcuts that then create new problems.  😏

Link to post
Share on other sites

  • Staff

I suspect it's just due to the installation of the new version changing the timing of things due to the way Windows 10 works (it can be very inconsistent in how things start up, especially where timing is concerned).  You should also check in services.msc to make sure that the Windows Defender Firewall service is set to Automatic (not Automatic (Delayed Start)) as that too could be the cause of the issue.

As I mentioned previously, you're the first user I'm aware of who has reported this, so I suspect that whatever is causing it, it isn't a common issue.  It could be a problem with Windows itself, or with some other software or component in the system, but given your description of things, timing definitely seems to be the primary factor, so perhaps something is delaying the Windows Defender Firewall service from starting as it normally would for some reason, as that would indeed cause Security Center to report that the firewall is disabled.

Link to post
Share on other sites

Hum, OK.  Checked to validate setting, it's Auto, not delayed.  What is the current toolset being used to see the sequence of Startup?  Been too long that MS has hidden that info and I've not had to dig for it.  Sure would be nice to be able to sequence how things load...

After this I'll close the topic so as not to add too much noise to the forum, and it doesn't appear to be security impacting.  Thanks again for the insights/assist!

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.