MBAM Pro stalls my PC

[ako]

MBAM Pro stalls my PC (had to reboot and uninstall in safe mode).

My setup win7, Prevx free, Sandboxie, Winpatrol. I use always LUA.

Has anyone else had such a problem?

[Firefox]

Hello and

Please exclude the following files from your Antivirus Software (not sure what version of you are using):

Note: If using a software firewall besides the built in Windows Firewall you'll need to exclude them from it as well

For Windows XP:

• C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
  
• C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
  
• C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
  
• C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
  
• C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
  
• C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
  
• C:\Windows\System32\drivers\mbam.sys
  
• C:\Windows\System32\drivers\mbamswissarmy.sys
  

For Windows Vista or Windows 7:

• C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
  
• C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
  
• C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
  
• C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
  
• C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
  
• C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
  
• C:\Windows\System32\drivers\mbam.sys
  
• C:\Windows\System32\drivers\mbamswissarmy.sys
  

For 64 bit versions of Windows Vista or Windows 7:

• C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
  
• C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
  
• C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
  
• C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
  
• C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
  
• C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
  
• C:\Windows\System32\drivers\mbam.sys
  
• C:\Windows\SysWoW64\drivers\mbamswissarmy.sys
  

Note: If using a software firewall besides the built in Windows Firewall you'll need to exclude MBAM.EXE and MBAMSERVICE.EXE from it as well

Note: Once that's done, please make sure that if either of those programs has any sort of web filter, that you add the following as a trusted site:

data-cdn.mbamupdates.com

The FAQ contains examples of setting file exclusions for some known AV products

Please post back and let us know how it went.

[ako]

I have no antivirus (see also above)

My personal setup for 64-bit Windows 7 desktop:

LUA+TweakUAC

Windows Firewall

Sandboxie Pro $

Prevx free with Safeonline

Winpatrol Plus $

No Autorun

[ako]

I have no antivirus (see also above)

My personal setup for 64-bit Windows 7 desktop:

LUA+TweakUAC

Windows Firewall

Sandboxie Pro $

Prevx free with Safeonline

Winpatrol Plus $

No Autorun

P.S. The PC is not infected.

[ako]

Haloo!!!

What should I do? Do I Ask my money back?

[exile360]

Greetings, please set the exclusions described in this post in PrevX and any other security application that you have on your computer (assuming those other security apps allow exclusions/ignore lists) and add the Program Files folder for PrevX and your other security software to the Ignore List in Malwarebytes' Anti-Malware.

For Malwarebytes' Anti-Malware, you can add a folder to the Ignore List by doing the following:

• Open Malwarebytes' Anti-Malware and click on the Ignore List tab
  
• Click on the Add button and browse to the folder you wish to exclude and click on it once to highlight it then click on OK
  
• Once that is complete, close Malwarebytes' Anti-Malware
  

Once you have all of the exclusions set up, try enabling the Protection Module in Malwarebytes' Anti-Malware once more to see if setting exclusions corrected the issues or not.

Thanks

[exile360]

An additional note, you'll likely need to log into Windows as an administrator in order to set up exclusions.

[ako]

It is the FREE version of Prevx,it has no active shields.

[exile360]

Are you running MBAM inside of Sandboxie? Do you not have any antivirus installed? If you don't have one, you should, Malwarebytes' Anti-Malware is insufficient to be used as your primary protection, it is only designed to detect and remove threats that most antivirus software fails to.

Also, what is "TweakUAC"? Does it alter user profile permissions and UAC default behaviors?

[ako]

Are you running MBAM inside of Sandboxie? Do you not have any antivirus installed? If you don't have one, you should, Malwarebytes' Anti-Malware is insufficient to be used as your primary protection, it is only designed to detect and remove threats that most antivirus software fails to.

Also, what is "TweakUAC"? Does it alter user profile permissions and UAC default behaviors?

Well I'm not running MBAM in Sandboxie (of course). I don't need an AV, my other security measures are more than enough. I know "MBAM is only designed to detect and remove threats that most antivirus software fails to". I have used MBAM to clean many PC:s and bought the paid version to support it.

P.S. I'm the author of Probably the Best Free Security List in the World (815000 visitors so far)

http://www.techsupportalert.com/content/probably-best-free-security-list-world.htm

Yes, TweakUAC makes my user account easy to use, I almost never go to admin account.

[exile360]

Alright, please do the following:

Create an Autoruns Log:

• Please download Sysinternals Autoruns from here and save it to your desktop.
  
  • Note: If using Windows Vista or Windows 7 then you also need to do the following:
    
    1. Right-click on Autoruns.exe and select Properties
       
    2. Click on the Compatibility tab
       
    3. Under Privilege Level check the box next to Run this program as an administrator
       
    4. Click on Apply then click OK
       

  [*]Double-click Autoruns.exe to run it.

  [*]Once it starts, please press the Esc key on your keyboard.

  [*]Now that scanning is stopped, click on the Options button at the top of the program and select Verify Code Signatures so that it is now checked

  [*]Click on the Options button again and this time uncheck Hide Windows Entries

  [*]Once that's done press the F5 key on your keyboard, this will start the scan again, this time let it finish.

  [*]When it's finished and says Ready. on the lower left of the program window, please click on the File button at the top of the program and select Save and save the Autoruns.arn file to your desktop and close Autoruns.

  [*]Right click on the Autoruns.arn file on your desktop and hover your mouse over Send To and select Compressed (zipped) Folder

  [*]Attach the Autoruns.zip folder you just created to your next reply

Thanks

[ako]

;-)

Thanks!

AutoRuns.zip

[exile360]

Hello again

Please do one of the following (which you choose is up to you):

Option 1:

Disable Autostart Entries Using Autoruns:

Please open Autoruns.exe again and allow it to perform its scan. Once it finishes please proceed with the following:

• Click on the Services tab and click the checkbox on the left side of each of the following so that they are unchecked:
  
  • CSIScanner
    

  [*]Click on the Drivers tab and click the checkbox on the left side of each of the following so that they are unchecked:

  • pxkbf
    
  • pxrts
    
  • pxscan
    

  [*]Once that is complete, restart your computer.

Option 2:

Uninstall PrevX:

• Click on the Start button and select Control Panel
  
• Click on Programs and Features
  
• Uninstall the following if found by right clicking each entry and selecting Remove (if available as an option, otherwise click Change) and follow the instructions to completely remove the software and reboot your computer once uninstallation is complete:
  
  
  
• PrevX CSI
  
  

Once one of the above procedures is complete, enable Malwarebytes' Anti-Malware again and let me know if the issue still occurs or not.

Thanks

[ako]

Have you checked at lab, that Prevx can conflict with MBAM?

[exile360]

Yes, without exclusions set (and sometimes even with exclusions set) it can conflict.

For the moment I'm going through the process of elimination to determine what is causing the issue. You have a lot of programs that launch at boot (as shown in your Autoruns log), so I'm going through them one at a time to see if we can figure out which one is causing the conflict during boot (assuming a conflict is the issue, which it generally is in cases like this where the system locks up on boot with MBAM's protection module enabled).

[ako]

Yes, without exclusions set (and sometimes even with exclusions set) it can conflict.

For the moment I'm going through the process of elimination to determine what is causing the issue. You have a lot of programs that launch at boot (as shown in your Autoruns log), so I'm going through them one at a time to see if we can figure out which one is causing the conflict during boot (assuming a conflict is the issue, which it generally is in cases like this where the system locks up on boot with MBAM's protection module enabled).

Yes, it is Prevx. When will you correct this?

[exile360]

Usually setting exclusions works. Please do the following:

Reinstall or re-enable PrevX (reinstall the program or open Autoruns and check the boxes next to the items I had you uncheck depending on which option you chose) then proceed with the following:

• Open Malwarebytes' Anti-Malware and click on the Ignore List tab
  
• Click on the Add button and browse to C:\Program Files and click on the Prevx folder to highlight it
  
• Click on OK
  
• Do the same for the following files:
  
  • C:\Windows\System32\drivers\pxkbf.sys
    
  • C:\Windows\System32\drivers\pxrts.sys
    
  • C:\Windows\System32\drivers\pxscan.sys
    

I have the following exclusions instructions for PrevX version 3.0, hopefully they apply to the version you're using and will help to resolve the problem:

• Open PrevX
  
• Click on Settings in the list on the left
  
• Select Detection Overrides from the Settings page
  
• Click the blue Add Override button near the lower-right
  
• Using the file selector, navigate to the following folders one at a time and use the Add Override button to add each to the list:
  
  • C:\Program Files\Malwarebytes' Anti-Malware
    
  • C:\ProgramData\Malwarebytes
    
  • C:\Users\<user-name>\AppData\Roaming\Malwarebytes
    

  [*]Answer Yes when prompted

  [*]Click the blue Add Override button again.

  [*]Using the file selector, navigate to the following file and use the Add Override button to add them to the list:

  • C:\Windows\System32\drivers\mbam.sys
    

  [*]In the pop up window, click the drop down menu that says Detect This File select Ignore This File then click Save

  [*]Answer Yes when prompted

Once that is done, try once more to run the two of them together, hopefully that will eliminate the issue.

Please let me know if that corrected the issue or not.

Thanks

[ako]

Option 1 was actually a disaster: My keyboard stopped working (also in safe mode). After trying many things I decided to return to a recently taken image of C-partition. So I dear not to try this. Maype it was due to the Safeonline-part of Prevx? Are you sure all drivers are included above?

[exile360]

Option 1 was actually a disaster: My keyboard stopped working (also in safe mode). After trying many things I decided to return to a recently taken image of C-partition. So I dear not to try this. Maype it was due to the Safeonline-part of Prevx? Are you sure all drivers are included above?

I assume you're referring to Option 1 in my post about disabling PrevX using Autoruns? It shouldn't be necessary now, I thought you already determined that PrevX was the issue.

You should be able to set the exclusions as described in this post and that will hopefully resolve the conflicts.

[ako]

I assume you're referring to Option 1 in my post about disabling PrevX using Autoruns? It shouldn't be necessary now, I thought you already determined that PrevX was the issue.

You should be able to set the exclusions as described in this post and that will hopefully resolve the conflicts.

OK thanks