Jump to content

Malwarebytes 2.0 starts on its own


Recommended Posts

Not sure it this is what your seeing, but you may give it a try....

MBAM 2 *always* starts with Windows

Delete Autostart Entries Using Autoruns:

  • Please download Sysinternals Autoruns from here and save it to your desktop.
    • Note: If using Windows Vista or Windows 7 then you also need to do the following:
      • Right-click on Autoruns.exe and select Properties
      • Click on the Compatibility tab
      • Under Privilege Level check the box next to Run this program as an administrator
      • Click on Apply then click OK
  • Double-click Autoruns.exe to run it.
  • Now, in Autoruns, click on the Logon tab and look for any Malwarebytes Anti-Malware entries. If you find one, right-click on it and select Delete then click Yes when asked to confirm. Once that is done, reboot your computer and see if Malwarebytes Anti-Malware still starts when you've set it not to do so.

    For those curious, this happens because the old startup entry for Malwarebytes Anti-Malware 1.75 is sometimes left behind in the registry after it has been uninstalled. Malwarebytes Anti-Malware 2.0 does not use the registry to start with Windows, but this old entry may cause it to start.

Link to post
Share on other sites

As with the previous versions it silently updates itself (as scheduled) even when the program is closed. Unlike the previous versions, I suspect when version 2.0 does this, it also opens the program afterwards even when not set to start with Windows.

Link to post
Share on other sites

Hopefully a mod will see this and move it if appropriate. Don't really want to duplicate this post. As I said previously, when not set to start with Windows, it does NOT start with Windows. It opens by itself later, sometimes hours later. That why I suspect it's opening after it's updating as I have it set to update once a day in the afternoon.

Link to post
Share on other sites

  • Root Admin

So what are you trying to achieve here?  You have a paid product it looks like but then you don't want to use it?

 

This needs to be removed from the Registy, in theory a reboot of the computer will do that automatically.

HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware" [54072 2014-03-05] (Malwarebytes Corporation)

From an elevated admin command line you should be able to remove the services

 

SC DELETE MBAMScheduler

SC DELETE MBAMService

SC DELETE MBAMProtector

 

Then you'll pretty much have the free version.  Or you can run the MBAM CLEAN procedure but this time make sure you do not license or activate the program.

Link to post
Share on other sites

Of course I want to use the paid version. I was simply asking why when I set Malwarebytes not to start with Windows does it still start after it updates. Previous versions did not do this. It was just a question because the behavior in earlier versions of Malwarebytes is different than 2.0 on this issue.

Link to post
Share on other sites

  • Root Admin

Well not sure what's going on then because your services are not loaded properly. Where are you setting it to not load on restart?

I would highly recommend that you do the clean removal and reinstall and then reboot and post back a new mbam-check log as currently the program just is not running correctly period.

 

MBAM Clean Removal Process 2x

 

Thanks

Link to post
Share on other sites

  • Root Admin

No, these are services that unless you specifically try to stop or prevent from loading they should load.

 

Malware Protection:                4 (The service is running.)
Malicious Website Protection:      4 (The service is running.)

 

Please try the clean removal procedure and reinstall and then let me know if you're still having the issue or not.  Again, how or where are you setting the program not to load on restart?

Link to post
Share on other sites

  • Root Admin

Let's try this another way.  Please disable the Self Protection module under Advanced Settings

 

Next run the mbam-clean removal again but DO NOT reinstall MBAM.

Then restart your computer 2 more times.

 

Then delete your current frst.txt, addition.txt, and CheckResults.txt files.  Then run the scanners again and post back all 3 new logs.

Link to post
Share on other sites

  • Root Admin

STEP 1

Can you please upload this driver to https://www.virustotal.com and have them scan it and then post back the link to the scan.
I believe its a false positive listing but want to double check on it.  Then if you can zip it up and attach it to your reply as well.
 
E:\Program Files\Unlocker\UnlockerDriver5.sys

 

STEP 2
Please Run TFC by OldTimer to clear temporary files:

  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 

STEP 3

Create an Autoruns Log:

  • Please download Sysinternals Autoruns from here.
  • Save Autoruns.exe to your desktop and double-click it to run it.
  • Once it starts, please press the Esc key on your keyboard.
  • Now that scanning is stopped, click on the Options button at the top of the program and select Verify Code Signatures
  • Once that's done press the F5 key on your keyboard, this will start the scan again, this time let it finish.
  • When it's finished, please click on the File button at the top of the program and select Save and save the Autoruns.arn file to your desktop and close Autoruns.
  • Right click on the Autoruns.arn file on your desktop and hover your mouse over Send To and select Compressed (zipped) Folder
  • Attach the Autoruns.zip folder you just created to your next reply

 

 

STEP 4

Please download the correct version of SystemLook for your computer and save it to your desktop.
You can check here if you're not sure if your computer is 32-bit or 64-bit

SystemLook 32-bit x86 | or | SystemLook 64-bit x64

  • If using Windows XP just double click on SystemLook.exe to run it.
  • For all other versions of Windows, right click over SystemLook.exe or SystemLook_x64.exe and choose Run as administrator to run it
  • Copy the contents of the following code box into the main text field - including the colon characters.
    :filefind*mbam*:folderfind*mbam*:regfindmalwarebytes
  • Click the Look button to start the scan
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
  • Note: The log can also be found on your Desktop named SystemLook.txt

 

 

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.