Jump to content


Photo

Common Questions, Issues, and their Solutions


  • This topic is locked This topic is locked
17 replies to this topic

#1 Tigger93

Tigger93

    Forum Deity

  • Moderators
  • PipPipPipPipPipPip
  • 1,668 posts
  • Gender:Male

Posted 20 January 2009 - 10:33 PM

Section A

Common Issues, Questions, and their Solutions

B - Command Line Support
C - Error Codes
D - Error Code 732 - Automatically Detect Settings in IE & Note for NetZero Users
E - McAfee VirusScan Enterprise 8.x
F - Trend Internet Security Pro
G - IP Protection Module
H - AVG Anti-Virus
I - Microsoft Security Essentials
J - Norton 360 version 4
K - Avast! 6
L - Malwarebytes Freezes or Crashing During Scans
M - Panda Global Protection 2012
N - PROGRAM_ERROR_UPDATING (11001, 0, Host not found) and (11004, 0, No address found)
O - Scheduler in Malwarebytes Anti-Malware PRO (1.51.x and later versions)
P - How to manually update MBAM while CA Internet Security is installed.
Q - Malwarebytes Anti-Malware won't open on Windows XP but the computer is not infected.

I'm infected - What do I do now?, Please follow these instructions to clean your system
  • ISSUE: Freezing or disappearing program issues with Trend Internet Security Pro
    SOLUTION: Follow the directions posted here - if possible adapt to your version of Trend as needed.
    Further information from Trend on the subject.
  • ISSUE: Freezing or disappearing program issues with McAfee VirusScan Enterprise
    SOLUTION: Follow the directions posted here - if possible adapt to your version of McAfee as needed.
  • ISSUE: I have an Anti-Virus/Internet-Security other than TrendMicro and McAfee
    Here are links to assist with Kaspersky: Kaspersky Internet Security 2009 Kaspersky Internet Security 2010
    SOLUTION: Check your Anti-Virus/Internet-Security application to see if you can add exclusions for specific applications/files to ignore. You may need to contact their technical support or check their support website for instructions. You will need to set your Anti-Virus/Internet-Security to ignore/exclude the following files:
    • C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    • C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    • C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
  • ISSUE: I need to get the latest database onto a computer that cannot access the Internet.
    SOLUTION: You can manually copy the database from a working computer using a flash drive or CD onto the infected PC. Our database file is stored in the following locations.
    • Windows XP and 2000
    • C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
    • Windows Vista and Windows 7:
    • C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref

      Note: Starting with Malwarebytes Anti-Malware 1.60, you must also copy the file database.conf located within the Configuration folder which is in the same folder as rules.ref listed above.
    You can also download a manual update from here - NOTE: This manual update will always be way behind in version level compared to updates from within the program.
  • ISSUE: When I try to run Malwarebytes' Anti-Malware, or when I try to install it, nothing happens.
    SOLUTION: Here are a few tutorials you can try to help resolve these issues:
  • ISSUE: I'm not sure how to register Malwarebytes' Anti-Malware
    SOLUTION: Registration is only required when you have purchased a license. If you have purchased a license, please open Malwarebytes' Anti-Malware, click on the 'Protection' tab, click on the 'Activate' button, and then enter the ID and Key that were given to you when you purchased the program.
  • ISSUE: After purchasing, when I enter my ID and Key, I am told that my ID and Key are invalid.
    SOLUTION: Follow these procedures as outlined below.
    • Download and run this utility. mbam-clean.exe
    • It will ask to restart your computer (please allow it to).
    • After the computer restarts, Temporarily disable your Anti-Virus and install the latest version of Malwarebytes' Anti-Malware from here
      Note: You will need to reactivate the program using the license you were sent
      Launch the program and set the Protection and activation. Then go to the UPDATE tab if not done during installation and check for updates.
      Restart the computer again and verify that MBAM is in the task tray. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications.
  • ISSUE: I'm unable to update Malwarebytes' Anti-Malware it either does nothing or I get an error 732
    SOLUTION: Please first try the following and if that does not work then review one of the post for setting exclusions to Malwarebytes' Anti-Malware in your Anti-Virus/Internet-Security/Firewall applications
  • ISSUE: When I try to Start Protection I get an error code 1073
    SOLUTION: Please follow the same instructions for #7 (After purchasing, when I enter my ID and Key, I am told that my ID and Key are invalid.)
  • ISSUE: I've ran a scan with Malwarebytes' Anti-Malware and it says something is infected but I don't think it is
    SOLUTION: Before reporting a false positive, you need to save a log in developer mode. This will allow us to figure out how the false positive came to be. Simply follow these directions.
    • Click the Start Menu
    • Click Run (On Vista/Windows 7 you can type in the search line)
    • Type in "mbam.exe /developer", without the quotes
    • Run the same type of scan you did before and save the logfile and post it in a NEW post here
  • ISSUE: I would like to manually modify Malwarebytes' Anti-Malware settings by Command Line
    SOLUTION: Please review the post here on using the Command Line
  • ISSUE: I'm not sure if I am infected or Malwarebytes' Anti-Malware keeps finding the same infection over and over, what should I do?
    SOLUTION: Please read and follow the directions posted here
  • ISSUE: I'm having other PC issues, are there any other self help articles?
    SOLUTION: Yes, please review the post here
  • ISSUE: The self help articles are nice but I need a little more guidance or support for non Malware related PC issues
    SOLUTION: We have a forum for that as well. Please post questions or answer posts not related to Malware here
  • ISSUE: I'm getting a Runtime error 0 and 440 automation error.

    Posted Image Posted Image

    SOLUTION: Please do the following to see if it fixes the error:
    • Please copy and paste the following text in the Code box exactly as written into notepad (not wordpad or any other text editor):
      if exist "%programfiles(x86)%" regsvr32 "%programfiles(x86)%\Malwarebytes' Anti-Malware\mbamext.dll"
      if exist "%programfiles(x86)%" regsvr32 "%programfiles(x86)%\Malwarebytes' Anti-Malware\ssubtmr6.dll"
      if exist "%programfiles(x86)%" regsvr32 "%programfiles(x86)%\Malwarebytes' Anti-Malware\vbalsgrid6.ocx"
      if not exist "%programfiles(x86)%" regsvr32 "%programfiles%\Malwarebytes' Anti-Malware\mbamext.dll"
      if not exist "%programfiles(x86)%" regsvr32 "%programfiles%\Malwarebytes' Anti-Malware\ssubtmr6.dll"
      if not exist "%programfiles(x86)%" regsvr32 "%programfiles%\Malwarebytes' Anti-Malware\vbalsgrid6.ocx"
    • Once you've done that click on File and select Save As...
    • In the Save dialogue box click on the drop down menu next to Save as type and select All Files
    • Name the file MBAM Fix.bat (the .bat extension is very important)
    • Save the file to your desktop and double click it to run it on XP. For Vista please right click on it and choose Run As Admin
    • Click OK to each of the 3 dialog boxes that should show a success message for each file registered
    • If you get an error that REGSVR32 "is not recognized as an internal or external command, operable program or batch file", then ensure that the file REGSVR32.EXE exists in the %WINDIR%\SYSTEM32 folder. If it's not found there you can copy if from another Computer running the same operating system and service pack level.
      If that doesn't fix it then please download and install the Microsoft Visual Basic Common Controls from here to see if it helps.
  • ISSUE: I'm changing computers. How do I Transfer my License to the new computer?
    SOLUTION: Keep a copy of your ID/KEY from the computer you wish to remove it from and you can run the following to remove it from the old computer.
    • Download and run this utility. mbam-clean.exe
    • It will ask to restart your computer (please allow it to).
    • Then install MBAM on the new computer and Activate it with the ID/KEY from the system you just removed it from.
    You should also have an email from Cleverbridge with your ID/KEY purchase information.
  • ISSUE: The Malwarebytes' Anti-Malware tray icon takes a long time to load on Windows Vista or Windows 7
    SOLUTION: This is quite normal and happens because in Vista and 7, Microsoft allows services to startup with a delay. Doing this with the Malwarebytes' Anti-Malware protection module helps to ensure that no conflicts occur during startup with your resident antivirus protection, allowing it to load before Malwarebytes' Anti-Malware does. If you wish to change this behavior, read on, though it is generally not recommended:
    • Click on the Start Posted Image button and type services.msc and press Enter
    • Click Continue at the User Account Control prompt
    • Once the Services window opens, scroll down the list until you find MBAMService and double click on it
    • Click on the drop down menu next to Startup Type and select Automatic instead of Automatic (Delayed Start)
    • Click the Apply button and click on Ok
    • Close the Services control panel and restart your computer, the Malwarebytes' Anti-Malware tray icon should load up much earlier after logging into Windows now
  • ISSUE: I keep getting the following detections, even after allowing Malwarebytes' Anti-Malware to fix them:
    HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S)
    HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1")
    SOLUTION: Most often when these two items return repeatedly it is due to the presence of an IOLO product such as System Mechanic. System Mechanic and other IOLO security products alter these settings from their Windows defaults. If you do have an IOLO product installed, it is best to simply change the security setting in your IOLO product so that it does not change the settings for .reg files and .scr files or that you simply have Malwarebytes' Anti-Malware ignore these particular detections. These entries are not actual infections, just system settings changes that are not set to their defaults, which is something that some infections will do to prevent .reg files and .scr files from executing, which is why Malwarebytes' Anti-Malware detects these items, since it has no way of knowing if the change was made by the user, an infection, or a legitimate software such as IOLO.
  • ISSUE: Why does Windows always ask to allow Malwarebytes' Anti-Malware to run when I try to open the scanner on Windows Vista and Windows 7?
    SOLUTION: This is quite normal and happens because of a feature in newer Windows versions known as User Account Control. When you receive one of these prompts for Malwarebytes' Anti-Malware, simply click Continue or Allow and the program should be able to run without any issues. On Windows Vista you may also see a tray notification stating that Windows has blocked some startup programs. When you see this, click on the tray icon and if Malwarebytes' Anti-Malware is listed, click to allow it to run.
  • ISSUE: I am receiving the message PROGRAM_ERROR_LOAD_DATABASE when I try to open Malwarebytes' Anti-Malware, what does it mean and how can I fix it?
    SOLUTION: Usually this occurs because your database file has become corrupt. It is usually corrected by following the instructions posted below (choose the instructions that apply to your version of Windows):

    Note: If the issue occurs again after doing this, or happens frequently on your system then it could be due to issues with your internet connection, which happens most often with slower/less stable connections such as satellite and dialup.

    Show Hidden Files and Folders in Windows XP:
    • Click Start and select My Computer
    • Click the Tools item from the menu at the top of the window (if you don't see Tools press the Alt key on your keyboard and it will appear)
    • Select Folder Options
    • Click the View tab and make sure Show hidden files and folders is selected under Hidden files and folders
    • Next, uncheck the box next to Hide protected operating system files (Recommended)
    • Then, uncheck the box next to Hide extensions for known filetypes
    • Click Apply then click OK
    Then go to C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware and delete rules.ref. Once you've done that, start MBAM and when it shows the error and asks to update, let it do so and see if that corrects it.

    Show Hidden Files and Folders in Windows Vista and Windows 7:
    • Click on the Start Posted Image button and select Computer
    • Press the Alt key on your keyboard and click on Tools
    • Select Folder Options
    • Click the View tab and make sure that Show hidden files and folders is selected under Hidden files and folders
    • Next, uncheck the box next to Hide protected operating system files (Recommended)
    • Then, uncheck the box next to Hide extensions for known filetypes
    • Click Apply then click OK
    Then go to C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware and delete rules.ref. Once you've done that, start MBAM and when it shows the error and asks to update, let it do so and see if that corrects it.


    Reset Hidden Files and Folders in Windows XP:
    • Click Start and select My Computer
    • Click the Tools item from the menu at the top of the window (if you don't see Tools press the Alt key on your keyboard and it will appear)
    • Select Folder Options
    • Click the View tab and make sure Do not show hidden files and folders is selected under Hidden files and folders
    • Next, check the box next to Hide protected operating system files (Recommended)
    • Then, check the box next to Hide extensions for known filetypes
    • Click Apply then click OK
    Reset Hidden Files and Folders in Windows Vista and Windows 7:
    • Click on the Start Posted Image button and select Computer
    • Press the Alt key on your keyboard and click on Tools
    • Select Folder Options
    • Click the View tab and make sure that Do not show hidden files and folders is selected under Hidden files and folders
    • Next, check the box next to Hide protected operating system files (Recommended)
    • Then, check the box next to Hide extensions for known filetypes
    • Click Apply then click OK
  • ISSUE: I am receiving the message Run-time error '453': Can't find DLL entry point Get Config Parameter in mbamnet when I try to open Malwarebytes' Anti-Malware, what does it mean and how can I fix it?
    SOLUTION: Usually this occurs because you have just run a program update and have not restarted your computer yet. Please restart your computer which should correct the error.
  • ISSUE: When attempting to mount an image using Acronis True Image with Malwarebytes' Anti-Malware PRO running, the system freezes.
    SOLUTION: You may either change the option while mounting a disk image to Read/write mode which is described here or simply update to the latest version of Acronis True Image (currently version 2012) available here.

Edited by exile360, 11 July 2012 - 12:14 PM.
Updated mbam-clean link


#2 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,183 posts
  • Gender:Male
  • Location:US

Posted 25 November 2009 - 02:20 AM

Section B

Command Line Parameters:


Malwarebytes' Anti-Malware supports a variety of command line parameters, which can be used from either a command prompt, batch file or script. (Note: some of these parameters are available in the PRO version only.)

mbam.exe <parameters>

(where parameters is one or more of the following)

  • /errorsilent: suppresses all critical errors and writes the last error to <root-drive>\mbam-error.txt where <root-drive> is the hard drive where Windows is installed, also known as the System Drive.

    Example:

    mbam.exe /errorsilent will suppress all errors when the program is running.
  • /proxy <required server> <optional port> <optional username> <optional password>: allows the user to update through a proxy server. Leave blank to remove any proxy settings previously set.

    Examples:

    • mbam.exe /proxy will remove the proxy settings.
    • mbam.exe /proxy proxy.com 80 will use proxy.com on port 80 with no credentials.
    • mbam.exe /proxy proxy.com 80 admin password will use proxy.com with the specified credentials.
  • /logtofolder <optional path>: allows the user to save all log files to the specified folder. If this folder does not exist, Malwarebytes' Anti-Malware attempts to create it. If the path is blank, changes are reverted to default settings. These logs do not show up on the Logs tab.

    Example:

    mbam.exe /logtofolder C:\mbam_log_files will save all future log files to the location C:\mbam_log_files.

    Note: Protection logs created by the protection module will always be saved to the same location
  • /logtofile <optional path>: allows the user to save all log files to the specified file. If this file does not exist, Malwarebytes' Anti-Malware attempts to create it. Newest entries are appended to top of the file. If the path is blank, changes are reverted to default settings. This log does not show up on the Logs tab.

    Example:

    mbam.exe /logtofile C:\mbam_log_files\mbam-log.txt will save all future log files to the location C:\mbam_log_files\mbam-log.txt.

    Limitations: The path, in the above case C:\mbam_log_files, must exist. This option will not create folders if they don’t exist, only the log file.

    Note: Protection logs created by the protection module will always be saved to the same location
  • /debug <optional -silent>: allows the user to collect information to send as a bug report.

    Examples:

    • mbam.exe /debug will bring up a prompt to save the debug file.
    • mbam.exe /debug -silent will save debug file silently to <root-drive>\mbam-info.txt where <root-drive> is the hard drive where Windows is installed, also known as the System Drive.
  • /register: allows the user to register the program without displaying the main dialog box.

    Examples:

    mbam.exe /register 12345-67890 AAAA-BBBB-CCCC-DDDD will register the product using the license key passed in the parameters.

    Limitations: Protection must be enabled using the program user interface if it is to be enabled before the system restarts.
  • /developer: this command line parameter is used to execute the program in developer mode and will create a log with encrypted information on items detected in a scan. It is used for reporting false positives and allows the researchers to determine why an item is being detected. Example: mbam.exe /developer will start the program with detailed detection information.

    Note: When reporting a false positive, please be sure to use the /developer switch and provide the resulting log to the researchers.
  • /update <optional -silent>: allows the user to update the product and database.

    Examples:

    • mbam.exe /update will attempt to update the database or program, depending on settings.
    • mbam.exe /update -silent will attempt to update the database or program silently.
  • /scan <optional -quick or -full or -flash> <optional -silent> <optional -remove> < optional -terminate> <optional -reboot> <optional -log>: initiates a scan with the selected options.

    Parameters:

    • -quick: initiates a quick scan.
    • -full: initiates a full scan using saved drives in the registry.
    • -flash: initiates a flash scan of memory and heuristics only.
    • -terminate: closes the program after a scan completes and no threats were found (cannot be used with -silent). If an item is detected, the program remains open so that the user can decide whether or not to remove the detected threat(s).
    • -log: overrides the save log checkmark on the settings tab. If the Automatically save log after scan completes option is unchecked, a log file will still be saved when the –log parameter is used.
    • -silent: hides the GUI while scanning (does not need to be used with –terminate).
    • -reboot: reboots the computer if necessary, only valid if -silent is used.
    • -remove: automatically removes threats and saves a log file. Unless -silent is specified, GUI stays open.

    Examples:

    • mbam.exe /scan will run a default scan.
    • mbam.exe /scan -full will run a full scan.
    • mbam.exe /scan -flash -terminate will run a flash scan and terminate if no objects are detected.
    • mbam.exe /scan -quick -log -silent -remove -reboot will run a quick scan silently, save logs, automatically remove threats, and reboot if necessary.

    Limitations:

    • -terminate parameter cannot be used with the -silent parameter since the program will automatically terminate when the -silent parameter is used.
    • -reboot parameter is only valid if used with the -silent parameter.
  • /schedule <optional /update or /scan -quick or /scan -full or /scan –flash> <optional /realtime or /hourly or /daily or /weekly or /monthly or /once or /onreboot or /random>: these items allow the user to choose the frequency for the scheduled update or scan to occur:

    • <optional /starting mm/dd/yyyy hh:mm:ss>: this item allows the user to set the time for the scheduled scan or update to start.
    • For /realtime omit this - the current time is assumed.
    • For /random - this item selects a random time to set the scheduled scan or update to occur. /random may only be used with /hourly or /daily and randomizes the Hour and Minute or Hour and Minute and Second respectively
    • <optional /every X where X is a number for the frequency of the scan or update to occur> <optional /recover X where X is the number of hours for the scan or update to attempt to run again if the computer was unavailable during the scheduled time>
    • <optional /wakefromsleep>: may be used with a scan or an update. Malwarebytes' Anti-Malware will attempt to wake the computer from sleep to perform the scheduled scan or update.


      Limitations: Not supported with /onreboot for scans or /realtime or /onreboot for updates.
    • <optional /flash executes a Flash Scan after a successful update

      Note: only used with /update>

    Examples:

    • /schedule /scan -quick -remove -terminate -log /daily /starting 08/10/2010 23:00:00 /every 1 /silent /wakefromsleep will schedule silent daily Quick Scan starting on August 10th, 2010 at 11:00PM that will repeat every 1 day, remove threats, reboot if necessary, force the creation of a scan log and will attempt to wake the computer from sleep to perform the scan.
    • /schedule /update /flash /realtime /every 5 will schedule an update to occur in real-time once every 5 minutes and set a Flash Scan to occur after each successful update.
  • /unschedule <optional /all or /all –update or /all –scan>.

    Note: You can remove individual scans or updates by not including the /all switch and specifying the exact switches used to create the scan or update

    • /all removes all scheduled scans and updates.
    • /all –update removes all scheduled updates.
    • /all –scan removes all scheduled scans.

    Examples:

    • /unschedule /scan -quick -remove -terminate -log /daily /starting 08/10/2010 23:00:00 /every 1 /silent will delete a scheduled silent daily Quick Scan that was set to start on August 10th, 2010 at 11:00PM that was set to repeat every 1 day, remove threats, reboot if necessary, and force the creation of a scan log.
    • /unschedule /update /flash /realtime /every 5 will delete a scheduled update that was to occur in real-time once every 5 minutes and with a Flash Scan set to occur after each successful update.

Corporate and Technician License customers please contact corporate@malwarebytes.org for any additional support requests with regards to the command line.

Edited by exile360, 02 April 2011 - 11:56 PM.
Updated to reflect current commands

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#3 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,183 posts
  • Gender:Male
  • Location:US

Posted 25 November 2009 - 02:20 AM

Section C

Explanation of common Malwarebytes� Anti-Malware error codes

The following error codes apply to the main Malwarebytes� Anti-Malware program and not the registered Protection Module.
The Protection Module (only available in the registered version) only uses the Windows System Error codes
It is possible to see just an error 7xx or 7xx (1, 2) The 7xx error code is for the main application only and is not a Microsoft System or VB error code.
Format: 7xx (1, 2)

7xx: MBAM Error codes

Important Note: All three-digit error codes that start with a 7 (such as 732, 731, etc.) have all been replaced by a more self-explanatory error code system. If you are receiving any of the following 7xx error codes, then it most likely means that your version of Malwarebytes' Anti-Malware is out of date. Please click this link to be forwarded to one of our download mirrors (such as Download.com or MajorGeeks) in order to obtain the latest version of Malwarebytes' Anti-malware.

  • Error 700: Error occurred using the command line. Parameters may be incorrect.
  • Error 701: The database was empty. Please reinstall the application.
  • Error 702: Error occurred expanding variables. Contact support.
  • Error 703: Error occurred expanding variables. Contact support.
  • Error 704: Encryption of files has failed. Contact support.
  • Error 705: Decryption of files has failed. Contact support.
  • Error 706: Error loading the ignore list. Please delete ignore.dat.
  • Error 707: Error during enumeration of languages. Please reinstall the application.
  • Error 708: Error loading selected language. Please reinstall the application.
  • Error 709: Error implementing language. Contact support.
  • Error 710: Error implementing language. Contact support.
  • Error 711: Error implementing language. Contact support.
  • Error 712: Error implementing language. Contact support.
  • Error 713: Error implementing language. Contact support.
  • Error 714: Error translating item. Please reinstall the application.
  • Error 715: Could not find the module handler. Please reinstall the application.
  • Error 716: Could not find the database, user declined to download manually.
  • Error 717: Database failed to download correctly. Please reinstall the application.
  • Error 718: Could not load the MD5 hash generator. Contact support.
  • Error 719: The operating system is not supported.
  • Error 720: An unknown error occurred during the memory scan. Contact support.
  • Error 721: An unknown error occurred during filesystem enumeration. Contact support.
  • Error 722: An unknown error occurred during the memory scan. Contact support.
  • Error 723: Could not find the SwissArmy driver. Please reinstall the application.
  • Error 724: An error occurred loading the quarantine. Contact support.
  • Error 725: Could not restore a quarantined file. The file may be corrupt.
  • Error 726: Error restoring registry value from quarantine.
  • Error 727: An unidentified item was found in the quarantine.
  • Error 728: Unable to load the log file list. Try deleting the Logs folder.
  • Error 729: Error retrieving special folders. Contact support.
  • Error 730: Unable to load the database. Please reinstall the application.
  • Error 731: Adding item to results list failed. Contact support.
  • Error 732: Error updating the database or product. Check Internet connectivity.
1: Microsoft System Error Codes2: Microsoft Visual Basic Error Codes

Log File Locations


Scan Logs

  • Windows 2000 & Windows XP:
    C:\Documents and Settings\<USERNAME>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs
  • Windows Vista & Win7:
    C:\Users\<USERNAME>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs
File Protection and IP Protection Logs
  • Windows 2000 & Windows XP:
    C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs
  • Windows Vista & Win7:
    C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs

Understanding File Names, Paths, and Namespaces

All file systems supported by Windows use the concept of files and directories to access data stored on a disk or device


Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#4 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,183 posts
  • Gender:Male
  • Location:US

Posted 25 November 2009 - 02:21 AM

Section D

Error Code 732 - Automatically Detect Settings in IE & Note for NetZero Users

Please note that error code 732 was retired after version 1.44, and as of version 1.45 we now use a new error code system. If you are receiving error code 732 then it means that your version of Malwarebytes' Anti-Malware is out of date. Please click this link to be forwarded to one of our download mirrors (such as Download.com or MajorGeeks) in order to download and install the latest version of Malwarebytes' Anti-Malware.

Some systems may have an issue where the Automatically detect settings checkbox is not checked in Internet Explorer 8 in the LAN Settings, and thus receive an error code 732.
Here are some quick steps to see if this is what is causing the error for you:
  • Click the 'Start' button.
  • Click on "Control Panel".
  • Double-click on "Internet Options" (you may have to switch the Control Panel to 'Classic' view to find it).
  • Click on the 'Connections' tab (step 1 in the screenshot below).
  • Click on the "LAN settings" button (step 2 in the screenshot below).
  • Put a check mark in the box labeled "Automatically detect settings" (step 3 in the screenshot below).
  • Click OK.
  • Click OK.
  • Try the update again (you may need to close any open Internet Explorer Windows before trying), and if it doesn't work then create a new topic asking for help.
Posted Image
Netzero Users: As this problem is also known with Netzero users, Please turn off the 3G accelerator on Netzero to fix this: Disable NetZero accelerator

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#5 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,183 posts
  • Gender:Male
  • Location:US

Posted 25 November 2009 - 02:21 AM

Section E

If you're having issues with Malwarebytes' Anti-Malware freezing when scanning or when enabling the Protection Module or Updates being blocked then please try the procdures below

Basic procedures to correct freezing or disappearing program issues with McAfee VirusScan Enterprise 8.x
  • Open the VirusScan Console and disable the Access Protection module and then install MBAM
  • After installation, register and update MBAM and then enable the MBAM Protection Module
  • Within the VirusScan Console under Access Protection configure the following rules
    • Anti-virus Standard Protection
    • Prevent user rights policies from being altered
      add mbam.exe to the exclusions
      Common Standard Protection
    • Protect Mozilla & FireFox files and settings
      add mbam.exe to the exclusions
    • Protect Internet Explorer settings
      add mbam.exe to the exclusions
    • Prevent installation of Browser Helper Objects and Shell Extensions
      add mbam.exe to the exclusions
    • Protect network settings
      add mbam.exe to the exclusions
      Common Maximum Protection
    • Prevent programs registering to autorun
      add mbam.exe, mbamgui.exe to the exclusions
    • Prevent programs registering as a service
      add mbam.exe, mbam-dor.exe, mbamgui.exe, mbamservice.exe, services.exe to the exclusions
  • From within the VirusScan Console re-enable the Access Protection module
  • Double click the MBAM icon in the task tray and do a Quick Scan to confirm there are no longer any freezing issues.

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#6 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,183 posts
  • Gender:Male
  • Location:US

Posted 25 November 2009 - 02:21 AM

Section F

If you're having issues with Malwarebytes' Anti-Malware freezing when scanning or when enabling the Protection Module or Updates being blocked then please try the procedures below

Basic procedures to correct freezing or disappearing program issues with Trend Internet Security Pro
Please try this even if you did this with previous versions of MBAM as the new version has new signatures that your Anti-Virus needs to reset to allow again

  • Install MBAM but DO NOT enable the Registration at this time. If you're already freezing then start in Safe Mode and disable the MBAM Protection Module from loadig.
  • While logged onto Windows, double click on the Trend icon in the system tray or open the program from the Start Menu
  • On the left side click on Personal Firewall Controls - on the right side click on the Settings...

    Posted Image

  • Then click on the Advanced Settings button.

    Posted Image

  • Then click on the Program Control tab on top and click on the Add button.

    Posted Image

  • Under description type in: Malwarebytes Anti-Malware
  • Under Target click on the Browse button and browse to the folder: C:\Program Files\Malwarebytes' Anti-Malware
  • Choose mbam.exe and click the Open button which will add mbam.exe to the exception list
  • Under Firewall Response: make sure it is set to Allow and click OK

    Posted Image

  • Click OK again twice to finish up adding the entry. This will now allow MBAM to access the Internet for updates.
  • Now let's setup Trend Anti-Virus so that it trusts MBAM files which have new signatures
  • On the left side click on Virus & Spyware Controls - on the right side click on the Prevent Unauthorized Changes
  • Click on the Exception List button.

    Posted Image

  • Click on the Add program button and browse to the folder: C:\Program Files\Malwarebytes' Anti-Malware
  • You will have to select the files one by one and add them. Please add the following files.
  • mbam.exe, mbam-dor.exe, mbamgui.exe, mbamservice.exe
  • By default the Response is set to Block so you need to click the down arrow and select Trust for all of the MBAM files.

    Posted Image

  • Now let's add the MBAM Driver files to the list of Trusted files.
  • Click on the Add program button and browse to the folder: C:\Windows\System32\Drivers
  • NOTE: By default Trend only allows .EXE and .COM files to be added to the list so you will need to type in *.sys or *.* and hit the Enter key on your keyboard to see the .sys file types.

    Posted Image

  • You will have to select the files one by one and add them. Please add the following files.
  • mbam.sys, mbamswissarmy.sys
  • By default the Response is set to Block so you need to click the down arrow and select Trust for all of the MBAM files.
  • Now let's add the MBAM rules file to the list of Trusted files.
  • The path is different between 2000/XP and Vista
  • 2000/XP Path is: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\
  • Vista Path is: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware
  • NOTE: By default Trend only allows .EXE and .COM files to be added to the list so you will need to type in *.ref or *.* and hit the Enter key on your keyboard to see the .ref file types.
  • Please add the following file
  • rules.ref

    Posted Image

  • When done the entries for trusted files should look like the image below

    Posted Image

  • Click the OK button
  • If you're using the free version of MBAM you're done and Trend should no longer block MBAM.
  • If you're using the Registered version then go to the Protection tab in MBAM and enter in your ID and KEY you recieved in the mail by clicking the Activate button
  • Now click on the Start Protection button. This should place the MBAM icon in the task tray
  • Double click the MBAM icon in the task tray and do a Quick Scan to confirm there are no longer any freezing issues.
Special thanks to Yardbird for his help and testing to confirm these settings for Trend

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#7 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,183 posts
  • Gender:Male
  • Location:US

Posted 25 November 2009 - 02:22 AM

Section G

Malicious Website Blocking
  • In v1.40, Malwarebytes introduced Malicious Website Blocking into Malwarebytes Anti-Malware, to prevent the user being infected in the first place. The following is information on what this does, and how it works.
  • What does Malicious Website Blocking do?
  • Malicious Website Blocking provides an additional layer of security for your computer, by preventing access to known malicious IP addresses and IP ranges, for example, NetDirekt, which is host to the Internet Service Team.
  • How does it do this?
  • When you ask your browser to connect to a website, Windows uses DNS or the HOSTS file (depending on configuration), to convert that domain name into it's corresponding IP address (e.g. example.com <> 1.2.3.4). Malwarebytes Anti-Malware intercepts the packet communications, to determine whether or not the IP address is known for malicious activity, and if so, blocks the communication.
  • How does it inform you?
  • Malwarebytes Anti-Malware informs you a malicious website has been blocked by presenting a bubble notification at the bottom of the screen (next to the system tray), and it also writes an entry to a log file.
  • I have it set to show the notifications in Malwarebytes Anti-Malware but they do not show up, how can I fix it?
  • Do the following and it should correct the issue:

    Create a Batch File:
    • Please copy and paste the following text exactly as written into notepad (not wordpad or any other text editor):
      @color 48
      @echo off
      reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v EnableBalloonTips /t REG_DWORD /d 1
      del /f /q %0
      Once you've done that click on File and select Save As...
    • In the Save dialogue box click on the drop down menu next to Save as type and select All Files
    • Name the file TooltipFix.bat (the .bat extension is very important)
    • Save the file to your desktop and double click it to run it.
    • Reboot your PC when done and then visit iptest.malwarebytes.org, our own safe Malicious Website Blocking test page to verify that it is blocked and that you are now receiving the tray tooltip notifications.
  • What does this notification mean?
  • This notification means quite simply, that a malicious website has been blocked. It does NOT necessarily mean you are infected, it simply means a program on your computer (e.g. your browser, IM program, P2P program etc), tried accessing a malicious website contained in our database. If this notice was presented when you were not actually doing anything on the machine, then we suggest having your computer checked for infection, as this could be a sign of some malware, such as a rootkit or Trojan.
  • I got an alert and I wasn't even surfing, how's does that happen?
  • There are many applications on your system which have access to the Net and any of these can trigger an alert with no browser open. Most common offenders are P2P applications and IM clients, usually an ad will trigger an alert. An advanced or premium firewall will be able to give you a list of programs which can access the Net.
  • I received a notification on a safe site, why?
  • If a notification is displayed when visiting a safe site, and the site loads, it is likely the site was loading content that is hosted on a server known for malicious activity. In this case, the site itself will be displayed perfectly fine, with the malicious content being blocked. If however, the site does not load, it is likely the site is also hosted on the same malicious IP address. It is also entirely possible that the site in question, shares it's IP address with other malicious domains. IP's and IP ranges are blocked if they are either dedicated to malicious content, or have a higher proportion of malicious content, than non-malicious. So for example, if 1.2.3.4 contains 1000 sites and over 50% are malicious, then 1.2.3.4 will be blocked (and even then, if we can get the hosting company to take down the malicious sites, then even better as we do not like blocking shared IP's or IP ranges if we don't have to).
  • How do I disable this?
  • We wouldn't recommend disabling it, but if you must, you can do this by right clicking the Malwarebytes Anti-Malware tray icon, and unchecking Website Blocking. You can also use the two options in the Protection tab of Malwarebytes Anti-Malware to disable Malicious Website Blocking from starting when the protection module starts or simply to disable the tooltip balloon notifications when a malicious site is blocked.
  • I got an alert for an IP or website I think is safe, how can I report it?
  • If you find a site being blocked, and either don't know why, or are sure it's safe, please report it to us at the False Positive Forum.
    IMPORTANT: When posting false postive reports, please ensure you post both the IP address affected, and if applicable, the domain name (e.g. example.com).
  • Does Malicious Website Blocking replace my firewall?
  • Absolutely NOT! The Malicious Website Blocking included in Malwarebytes Anti-Malware is NOT a replacement for your firewall.
  • Where do I find the Malicious Website Blocking logs?
  • The protection logs are found in the Logs tab of Malwarebytes Anti-Malware and are stored in the following locations:
    Filesystem and Malicious Website Blocking Logs
    • Windows 2000 & Windows XP:
      C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs
    • Windows Vista & Win7:
      C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs
  • How can I add an IP so it won't be detected and can access a site I need to?
  • Visit the site and incur an IP block. Then right-click on the Malwarebytes system-tray icon after the block notification appears, and use the Add to Ignore List menu, selecting the IP address in question for the website you wish to exclude from being blocked.
  • Why is Malwarebytes Anti-Malware blocking my antivirus?
  • It isn't, but it may appear so because of the process name shown in the notification belongs to your antivirus. This can happen if you use an antivirus software that intercepts all incoming and outgoing internet traffic to look for infections which makes Windows think it is your antivirus initiating the connection and thus Malwarebytes Anti-Malware thinks the same thing. In the below example you can see that the process name is avp.exe, which belongs to Kaspersky Anti-Virus even though this block was incurred by using Internet Explorer:
    Kaspersky Block.png
If you are on Windows XP, the Malicious Website blocking module cannot show you what process is attempting to make an outgoing connection from your PC. To determine what process is initiating a connection you may use a tool such as TCPView by Microsoft Sysinternals:

Use TCPView to Determine what Process is Connecting to a Malicious IP Address:
  • Please download TCPView by Microsoft Sysinternals from here and save it to your desktop
  • Double-click on TCPView.exe to run it
  • Click on Options at the top and uncheck Resolve Addresses
  • Look in the Remote Address column for the IP address that Malwarebytes Anti-Malware has been blocking and see what process is listed next to it under the Process column on the left
  • If you suspect that the process is malicious or that the connection attempt may be the result of a browser hijack or other malicious content on your system, then please update and run a scan with Malwarebytes Anti-Malware and if necessary, seek assistance from support to assist you with cleaning your system or follow the instructions posted here to receive free one on one expert assistance here on our forums

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#8 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,183 posts
  • Gender:Male
  • Location:US

Posted 07 December 2009 - 04:26 PM

Section H

If you're having issues with Malwarebytes' Anti-Malware freezing when scanning or when enabling the Protection Module or Updates being blocked then please try the procedures below

Basic procedures to correct freezing or disappearing program issues with AVG Anti-Virus
Please try this even if you did this with previous versions of MBAM as the new version has new signatures that your Anti-Virus needs to reset to allow again


***Note: These exclusions should be applied to any antivirus application you have and your firewall as well***

Step 1: Show Hidden Files and Folders:

Show Hidden Files and Folders in Windows XP:
  • Click Start and select My Computer
  • Click the Tools item from the menu at the top of the window (if you don't see Tools press the Alt key on your keyboard and it will appear)
  • Select Folder Options
  • Click the View tab and make sure Show hidden files and folders is selected under Hidden files and folders
  • Next, uncheck the box next to Hide protected operating system files (Recommended)
  • Then, uncheck the box next to Hide extensions for known file types
  • Click Apply then click OK

Show Hidden Files and Folders in Windows Vista and Windows 7:
  • Click on the Start Posted Image button and select Computer
  • Press the Alt key on your keyboard and click on Tools
  • Select Folder Options
  • Click the View tab and make sure that Show hidden files and folders is selected under Hidden files and folders
  • Next, uncheck the box next to Hide protected operating system files (Recommended)
  • Then, uncheck the box next to Hide extensions for known file types
  • Click Apply then click OK


Step 2: Exclude Files and Folders:

To exclude Malwarebytes' from AVG (8.5):
Note: If not AVG, whatever your resident antivirus software is

  • Open AVG and click on Tools and select Advanced Settings
  • Click on Resident Shield
  • Click on Exceptions then click Add Path
  • Exclude the following directories:

  • C:\Program Files\Malwarebytes' Anti-Malware
    Note: For 64 bit systems it would be C:\Program Files (x86)\Malwarebytes' Anti-Malware

  • C:\Documents and Settings\All Users\Application Data\Malwarebytes
    Note: For Vista and 7 users it would be C:\ProgramData\Malwarebytes

    Click on Add List then copy and paste the text inside the CODE box exactly as written into the AVG window. Select the entries appropriate to your version of Windows:

    For Windows XP:
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
    C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
    C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
    C:\Windows\System32\drivers\mbam.sys
    C:\Windows\System32\drivers\mbamswissarmy.sys

    For Windows Vista and Windows 7:
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
    C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
    C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
    C:\Windows\System32\drivers\mbam.sys
    C:\Windows\System32\drivers\mbamswissarmy.sys

    For 64 bit versions of Windows Vista and Windows 7:
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
    C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
    C:\Windows\System32\drivers\mbam.sys
    C:\Windows\SysWoW64\drivers\mbamswissarmy.sys

Click on OK


To exclude Malwarebytes' from AVG (9):
  • Open AVG and click on Tools and select Advanced Settings
  • Click on Resident Shield
  • Click on Directory Excludes
  • Exclude the following directories:

  • C:\Program Files\Malwarebytes' Anti-Malware
    Note: For 64 bit systems it would be C:\Program Files (x86)\Malwarebytes' Anti-Malware

  • C:\Documents and Settings\All Users\Application Data\Malwarebytes
    Note: For Vista and 7 users it would be C:\ProgramData\Malwarebytes


  • Click on Excluded Files
  • Exclude the following files:

  • C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    Note: For 64 bit systems it would be C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

  • C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    Note: For 64 bit systems it would be C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

  • C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    Note: For 64 bit systems it would be C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe



  • C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
    Note: For 64 bit systems it would be C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll

  • C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
    Note: For 64 bit systems it would be C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll

  • C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
    Note: For Vista and 7 users it would be C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref

  • C:\Windows\System32\drivers\mbam.sys

  • C:\Windows\System32\drivers\mbamswissarmy.sys
    Note: For 64 bit systems it would be C:\Windows\SysWoW64\drivers\mbamswissarmy.sys

Click on OK



Set Exclusions for Malwarebytes' Anti-Malware in AVG Free 2011 in Windows XP:

  • Open AVG and close the pop-up ad that shows up on the bottom of the screen then double-click on Resident Shield
  • Click on Tools at the top and select Advanced settings...
  • Click on Excluded Items under Resident Shield
  • Click on the Add Path button on the right
  • Click on the + next to My Computer in the Browse For Folder window
  • Click on the + next to your system drive (usually C:)
  • Click on the + next to Program Files
  • Click once on the Malwarebytes' Anti-Malware folder so that it is highlighted and click on OK
  • Click on the Add Path button on the right
  • Click on the + next to My Computer in the Browse For Folder window
  • Click on the + next to your system drive (usually C:)
  • Click on the + next to Documents and Settings
  • Click on the + next to All Users
  • Click on the + next to Application Data
  • Click once on the Malwarebytes folder so that it is highlighted and click on OK
  • Click on the Add File button on the right and click on My Computer on the left
  • Double-click on your system drive (usually C:)
  • Double-click on Windows
  • Scroll to the right until you find the System32 folder and double-click on it
  • Double-click on the drivers folder
  • Scroll to the right until you find mbam.sys and double-click on it
  • Click on the Add File button on the right and scroll to the right until you find mbamswissarmy.sys and double-click on it
  • Click on the Apply button at the bottom of the program window and then click on OK
  • Close the AVG window


Set Exclusions for Malwarebytes' Anti-Malware in AVG Free 2011 in Windows Vista and Windows 7:

  • Open AVG and close the pop-up ad that shows up on the bottom of the screen then double-click on Resident Shield
  • Click on Tools at the top and select Advanced settings...
  • Click on Excluded Items under Resident Shield
  • Click on the Add Path button on the right
  • Click on the + next to Computer in the Browse For Folder window
  • Click on the + next to your system drive (usually C:)
  • Click on the + next to Program Files Note: This should be Program Files (x86) for 64 bit Windows versions.
  • Click once on the Malwarebytes' Anti-Malware folder so that it is highlighted and click on OK
  • Click on the Add Path button on the right
  • Click on the + next to Computer in the Browse For Folder window
  • Click on the + next to your system drive (usually C:)
  • Click on the + next to ProgramData
  • Click once on the Malwarebytes folder so that it is highlighted and click on OK
  • Click on the Add File button on the right and click on Computer on the left
  • Double-click on your system drive (usually C:)
  • Double-click on Windows
  • Scroll to the right until you find the System32 folder and double-click on it
  • Double-click on the drivers folder
  • Scroll to the right until you find mbam.sys and double-click on it
  • Click on the Add File button on the right and scroll to the right until you find mbamswissarmy.sys and double-click on it Note: This will be C:\Windows\SysWOW64\drivers for 64 bit Windows versions.
  • Click on the Apply button at the bottom of the program window and then click on OK
  • Close the AVG window


Step 3: Reset Hidden Files and Folders:

Reset Hidden Files and Folders in Windows XP:

  • Click Start and select My Computer
  • Click the Tools item from the menu at the top of the window (if you don't see Tools press the Alt key on your keyboard and it will appear)
  • Select Folder Options
  • Click the View tab and make sure Do not show hidden files and folders is selected under Hidden files and folders
  • Next, check the box next to Hide protected operating system files (Recommended)
  • Then, check the box next to Hide extensions for known filetypes
  • Click Apply then click OK

Reset Hidden Files and Folders in Windows Vista and Windows 7:

  • Click on the Start Posted Image button and select Computer
  • Press the Alt key on your keyboard and click on Tools
  • Select Folder Options
  • Click the View tab and make sure that Do not show hidden files and folders is selected under Hidden files and folders
  • Next, check the box next to Hide protected operating system files (Recommended)
  • Then, check the box next to Hide extensions for known file types
  • Click Apply then click OK

Special thanks to Exile360 and catscomputer for writing up and testing these setttings

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#9 GT500

GT500

    Mostly Cantankerous

  • Trusted Advisors
  • PipPipPipPipPipPip
  • 6,250 posts
  • Gender:Male
  • Location:Fortville, IN

Posted 07 January 2010 - 03:46 AM

Section I

We've noticed that Microsoft Security Essentials and Malwarebytes' Anti-Malware both running real-time protection at the same time have a tendency to cause your computer to freeze. Below is detailed a quick solution to any potential freezing issues (performing these steps is a must for Windows XP users).

If you are already experiencing the freezing issue: Restart your computer in Safe Mode (instructions at this link), uninstall Malwarebytes' Anti-Malware and restart your computer normally.

Once you've started back into normal mode, reinstall Malwarebytes' Anti-Malware, but do not enable the protection module yet.

Set Exclusions for Malwarebytes' Anti-Malware in Microsoft Security Essentials:

  • Open Microsoft Security Essentials and click on Settings at the top
  • Click on Excluded processes on the left
    MSE 1.png
  • Click on the Browse... button
  • Click on the + next to your primary hard drive (usually C:)
  • Click on the + next to Program Files Note: for 64 bit Windows versions this will be Program Files (x86)
  • Click on the + next to Malwarebytes' Anti-Malware
  • Click once on mbam.exe and click on OK
    MSE 2.png
  • Repeat steps 3-7 for the following files:

    • C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    • C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    MSE 3.png
  • Click on the Add button
  • Click on Save at the bottom and click Continue if prompted
    MSE 4.png
  • Close Microsoft Security Essentials

Open Malwarebytes' Anti-Malware and update it then enable the protection module and the issue should be resolved. You may also wish to do the following, as it has been shown to improve system responsiveness/performance:

Set Exclusions for Microsoft Security Essentials 2.x in Malwarebytes' Anti-Malware:

  • Open Malwarebytes' Anti-Malware and click on the Ignore List tab
  • Click the Add button on the lower left
  • In the small browse window that opens, navigate to C:\Program Files and click once on Microsoft Security Client and click OK
  • Close Malwarebytes' Anti-Malware

For we wrestle not against flesh and blood, but against principalities, against powers, and against the worldly governors, the princes of the darkness of this world...


#10 GT500

GT500

    Mostly Cantankerous

  • Trusted Advisors
  • PipPipPipPipPipPip
  • 6,250 posts
  • Gender:Male
  • Location:Fortville, IN

Posted 16 March 2010 - 12:17 AM

Section J

For users experiencing issues with Norton 360 version 4 and Malwarebytes' Anti-Malware (such as freezing, general loss of performance, etc), please follow the directions below to add exclusions to Norton 360 in order to aid in compatibility.

Open Norton 360, either from the icon on your desktop, or from the Start Menu, and then proceed to follow the instructions in the screenshots below:


Posted Image

Posted Image

Posted Image

Posted Image

Posted Image


Please add each of the following files to the "Auto-Protect Exclusions" list in Norton 360:
  • C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
  • C:\WINDOWS\system32\drivers\mbam.sys
  • C:\WINDOWS\system32\drivers\mbamswissarmy.sys
Make sure to click 'OK' when done.

***Note***
Users of 64-bit editions of Windows will want to add the following files instead:
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
  • C:\WINDOWS\system32\drivers\mbam.sys
  • C:\WINDOWS\SysWOW64\drivers\mbamswissarmy.sys
Make sure to click 'OK' when done.

If you continue to experience problems after adding those exclusions and closing Norton 360, please contact our technical support.

For we wrestle not against flesh and blood, but against principalities, against powers, and against the worldly governors, the princes of the darkness of this world...


#11 exile360

exile360

    exile

  • Administrators
  • PipPipPipPipPipPip
  • 16,017 posts
  • Gender:Male

Posted 18 April 2011 - 01:30 PM

Section K

The following instructions show you how to exclude Avast! 6 and Malwarebytes' Anti-Malware from one another to prevent conflicts and improve performance:

Set Exclusions for Malwarebytes' Anti-Malware in Avast! Antivirus 6 (Free, Pro and Internet Security):

  • Open Avast! antivirus and click on REAL-TIME SHIELDS on the left
  • Click on File System Shield on the left and click on Expert Settings
  • Click the Exclusions section
  • Click on Browse next to the blank entry at the bottom of the list (this will be the only entry if no other exclusions have been set yet)
  • In the Select the areas window click on the + next to C:
  • Click the + next to Program Files Note: For 64 bit Windows versions this will be Program Files (x86)
  • Click the box next to Malwarebytes' Anti-Malware and click on OK
  • Click OK again
  • Click on Web Shield on the left and click Expert Settings
  • Click on Exclusions and check the box next to URLs to exclude:
  • Type or copy/paste the following address:

    *.mbamupdates.com
  • Click on OK

    Also, for Avast! Internet Security:
  • Click on Behavior Shield on the left and click Expert Settings
  • Click on Trusted Processes
  • Click on Browse next to the blank entry at the bottom of the list (this will be the only entry if no other exclusions have been set yet)
  • Navigate to C:Program Files\Malwarebytes' Anti-Malware and click once on mbam.exe and click Open Note: For 64 bit Windows versions this will be Program Files (x86)
  • Do the same for the following files:

    • mbamgui.exe
    • mbamservice.exe
  • Click on OK
  • Close Avast! antivirus


Set Exclusions for Avast! Antivirus Free, Pro and Internet Security in Malwarebytes' Anti-Malware:

  • Open Malwarebytes' Anti-Malware and click on the Ignore List tab
  • Click on the Add button on the lower left
  • In the small browse window that opens, navigate to C:\Program Files and click once on avast software and click on OK
  • Close Malwarebytes' Anti-Malware

Samuel E Lindsey
Product Manager

Posted Image

Follow us: Twitter, Become a fan: Facebook

#12 exile360

exile360

    exile

  • Administrators
  • PipPipPipPipPipPip
  • 16,017 posts
  • Gender:Male

Posted 18 April 2011 - 05:16 PM

Section L

Sometimes Malwarebytes' Anti-Malware might freeze or crash during a scan. The most common causes can be anything from an infection to a simple corrupt file or sector on your hard drive. Here's a few things you can try to see if they resolve the problem:

Step 1: Scan in Safe Mode


Try Scanning in Safe Mode:

While this may not fix the problem, it can help to narrow down what the cause might be:

Windows XP:
  • Restart your computer.
  • When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with the Windows XP Advanced Options menu.
  • Select the option for Safe Mode using the arrow keys.
  • Then press Enter on your keyboard to boot into Safe Mode.
You should then be presented with the Windows XP Login screen. Log in to Windows and when it prompts you about Safe Mode and asks if you'd like to continue click Yes.


Windows Vista and Windows 7:
  • Restart your computer.
  • When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with the Windows Advanced Boot Options menu.
  • Select the option for Safe Mode using the arrow keys.
  • Then press Enter on your keyboard to boot into Safe Mode.
You should then be presented with the Windows Login screen. Log in to Windows.


Once in Safe Mode, try running a scan with Malwarebytes' Anti-Malware to see if it is now able to complete without freezing or crashing. If the scan does not freeze or crash, the issue may be either related to a piece of software on your system, such as a security program or a driver that does not load in Safe Mode but does in normal mode causing the freeze or crash or it could be the DDA driver used during scans in normal mode by Malwarebytes' Anti-Malware having issues with a corrupt file or sector on your hard drive. Since Malwarebytes' Anti-Malware's DDA driver does not load in Safe Mode, this helps narrow down the issue.

If the issue does still happen, it may still be a corruption issue, but the next steps should help to narrow this down further:


Step 2: Run CHKDSK to attempt to fix file and hard drive sector corruption


Run a Disk Check on your C: drive in Windows XP:
  • Click Start and open My Computer
  • Right-click on C: and select Properties
  • Click on the Tools tab
  • Under Error-checking click the Check Now... button
  • Mark the box next to Automatically fix file system errors and Scan for and attempt recovery of bad sectors
  • Click on the Start button
  • When the message box pops up, click the Schedule disk check button and restart your computer
  • Once your computer restarts it will check the drive, don't press any keys so that it is allowed to do so
Run a Disk Check on your C: drive in Windows Vista or Windws 7:
  • Click the Start vista-7-start.png button and select Computer
  • Right-click on C: and select Properties
  • Click on the Tools tab
  • Under Error-checking click the Check Now... button and click Continue at the User Account Control prompt
  • Mark the box next to Automatically fix file system errors and Scan for and attempt recovery of bad sectors
  • Click on the Start button
  • When the message box pops up, click the Schedule disk check button and restart your computer
  • Once your computer restarts it will check the drive, don't press any keys so that it is allowed to do so
Once that is complete, attempt another scan with Malwarebytes' Anti-Malware to see if the issue is now resolved or not. Note: You may need to run CHKDSK more than once in some cases to repair a problem, so if issues are found during the chkdsk scan and the scan with Malwarebytes after that still has the issue, try the above procedure again to see if there are any additional errors that get fixed then try scanning with Malwarebytes again.


Step 3: Defragment your hard drive


Defragment your Hard Drive:
  • Please copy and paste the following text in the Code box exactly as written into notepad (not wordpad or any other text editor):
    defrag "%systemdrive%"
    del /f /q %0
  • Once you've done that click on File and select Save As...
  • In the Save dialogue box click on the drop down menu next to Save as type and select All Files
  • Name the file defrag.bat (the .bat extension is very important)
  • Save the file to your desktop and double click it to run it if running Windows XP. If running Windows Vista or Windows 7 you must right-click on the file and choose Run as administrator.
If you are still having freezing/crashing issues during scans, please either contact Support or post in a new topic here describing your issues along with a list of what you've tried to resolve the issue so far and a team member will respond with further instructions to attempt to diagnose and correct the problem.

Edited by exile360, 17 July 2013 - 03:40 PM.

Samuel E Lindsey
Product Manager

Posted Image

Follow us: Twitter, Become a fan: Facebook

#13 exile360

exile360

    exile

  • Administrators
  • PipPipPipPipPipPip
  • 16,017 posts
  • Gender:Male

Posted 09 June 2011 - 02:25 PM

Section M


Set Exclusions for Malwarebytes' Anti-Malware in Panda Global Protection 2012:

  • Open Panda Globel Protection and make certain that the Status tab is selected
  • Click on Settings near the lower left under Protection
  • In the window that opens click on the Settings button under Threats to Detect and Exclude
  • Click on the Files tab
  • Click the Add button and add the following files which are all located in C:\Program Files\Malwarebytes' Anti-Malware Note: These files will be located in C:\Program Files (x86)\Malwarebytes' Anti-Malware on 64 bit Windows versions

    • mbam.exe
    • mbamgui.exe
    • mbamservice.exe
  • Click on OK and then click Apply
  • Click on the Firewall tab
  • Under Rules, click the Settings button next to You can specify which programs can access the internet and make certain that Malwarebytes' Anti-Malware is listed as being allowed for both Inbound and Outbound, if it is not, then add the 3 above files and click OK
  • Close the Panda Global Protection window

Samuel E Lindsey
Product Manager

Posted Image

Follow us: Twitter, Become a fan: Facebook

#14 Mainard

Mainard

    Forum Admin

  • Administrators
  • PipPipPipPipPipPip
  • 1,718 posts
  • Gender:Male
  • Location:San Jose, CA
  • Interests:Ice Hockey
    Guild Wars 2 & League of Legends

Posted 10 June 2011 - 02:21 PM

Section N

For PROGRAM_ERROR_UPDATING (11001, 0, Host not found) and (11004, 0, No address found)

If you are receiving this error while trying to update MBAM, it's very likely that your router DNS settings have been hijacked. (infection)

Please run a quick Scan. If you receive this result:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Bad: (213.109.65.147) Good: () -> Quarantined and deleted successfully.
Let's try to reset the router to its factory/default configuration.

  • You will need the user manual for your router. NOTE: You may want to ask your ISP for help ahead of time, in case there are custom settings that need to be maintained.
  • To reset the router, insert something tiny like a paper clip end or the tip of a pen into a small hole labeled "reset" located on the back of the router.
  • With the power to the router on, press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10-20 seconds).
  • After resetting the router, login into the router by following instructions in the user manual. You will need to reconfigure any security settings you had in place prior to the reset.
  • Then change your admin login and password--make it a strong password. You can get help with that here: Password Help

After you have reset your router. Create a post within Hijack This Logs Topic

You need to start a topic in the Malware Removal forum so a qualified helper can help you fix any malware related problems/infections you may have from the Hijack

You can follow the directions below and someone will assist you with running scans on your system to see if they can detect anything.

Please print out, read and follow the Directions HERE, skipping any steps you are unable to complete. Then post a NEW topic here.
One of the expert helpers there will give you one-on-one assistance when one becomes available.
After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someone has replied to your post.

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org
Grant Gardiner
Software Development Engineer in Test

Posted Image

Follow us: Twitter, Become a fan: Facebook

#15 Mainard

Mainard

    Forum Admin

  • Administrators
  • PipPipPipPipPipPip
  • 1,718 posts
  • Gender:Male
  • Location:San Jose, CA
  • Interests:Ice Hockey
    Guild Wars 2 & League of Legends

Posted 07 July 2011 - 05:40 PM

Section O

How to use the Scheduler in Malwarebytes Anti-Malware PRO (1.51.x and later versions)

Version 1.51 introduces a new version of the scheduler. This guide is intended to navigate to the scheduler as well as the basic ways to add/edit/delete the items saved within the scheduler.

1.png

2.png 3.png

4.png

5.png 6.png

7.png

8.png
Grant Gardiner
Software Development Engineer in Test

Posted Image

Follow us: Twitter, Become a fan: Facebook

#16 Mainard

Mainard

    Forum Admin

  • Administrators
  • PipPipPipPipPipPip
  • 1,718 posts
  • Gender:Male
  • Location:San Jose, CA
  • Interests:Ice Hockey
    Guild Wars 2 & League of Legends

Posted 01 November 2011 - 01:36 PM

Section P

How to manually update MBAM while CA Internet Security is installed.

During Manual update of MBAM you receive the prompt: 'You have the latest database version.' Even though you do not and are using CA Internet Security.

Currently CA Internet Security blocks MBAM's manual update request to the update server. MBAM is within CA's Trusted group for monitor and control access for programs.

To manually update MBAM while CA Internet Security is installed:
  • Within CA Internet Security go to My computer -> Update Settings.
  • Click Program Access.
  • Click the (+) sign next to Trusted.
  • Scroll through the list within Trusted, locate and click mbam.exe.
  • Click [Modify].
  • Click the drop-down arrow under 'Define access permissions for this program:' and select 'Define Customized Permissions or Rules'
  • Uncheck Enable Privacy Protection then click Save.
  • Close CA Internet Security.

MBAM should manually update correctly.
Grant Gardiner
Software Development Engineer in Test

Posted Image

Follow us: Twitter, Become a fan: Facebook

#17 exile360

exile360

    exile

  • Administrators
  • PipPipPipPipPipPip
  • 16,017 posts
  • Gender:Male

Posted 23 November 2011 - 09:37 PM

Section Q


Malwarebytes Anti-Malware won't open on Windows XP but the computer is not infected:

Note: This issue only occurs on Windows XP, if you are running Windows Vista or Windows 7 and Malwarebytes Anti-Malware won't open, then the presence of an unseen infection is the most likely cause because those Windows versions do not allow the Windows installation drive letter to be any other than C:.

This issue often occurs because Windows is installed on a hard drive other than C: and C: is being used by a removable drive. This is easily remedied by changing the drive letter of the removable drive marked as C:, changing it to any drive letter other than C: as detailed below:


Instructions below are based on this Microsoft Knowledge Base article.

  • Log on as Administrator or as a member of the Administrators group
  • Click on START and choose Control Panel
  • Click on Performance and Maintenance Note: If you do not see Performance and Maintenance listed, click on Switch to Category View on the left pane of the window.
  • Click on Administrative Tools
  • Double-click on Computer Management
  • Click once on Disk Management under Storage on the left
  • Scroll down the list of drives until you find the removable drive marked as (C:)
  • Right-click on the removable drive marked as (C:) and click on Change Drive Letter and Paths...
  • Click on the Change... button
  • Click on the drop down menu that says C and choose a different letter (it may be any letter you wish as long as it is NOT C)
  • Click on OK and click Yes to the confirmation prompt
  • Restart your computer and try running Malwarebytes Anti-Malware again, it should now open and function normally

Samuel E Lindsey
Product Manager

Posted Image

Follow us: Twitter, Become a fan: Facebook

#18 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,183 posts
  • Gender:Male
  • Location:US

Posted 04 October 2013 - 06:50 PM

Resetting the Malwarebytes Anti-Malware schedules from the command line.
 
There is a 15 minute randomized delay in the scheduler for MBAM updates so + or - 15 minutes is normal for updates with the scheduler. Scans will run at the time set for though.

From an elevated admin command prompt please do the following.
How to Open an Elevated Command Prompt in Windows 7

Please type the following and press the Enter key at the end of the line.
You can check here if you're not sure if your computer is 32-bit or 64-bit

On Windows XP and Windows 7 x86
CD "%ProgramFiles%\Malwarebytes' Anti-Malware"

On Windows 7 x64
CD "%ProgramFiles(x86)%\Malwarebytes' Anti-Malware"

Please type the following and press the Enter key at the end of each line. There will not be any feedback normally unless you type it wrong.


mbam.exe /unschedule /all
mbam.exe /schedule /update /silent /hourly /every 4 /starting 10/04/2013 16:15:00 /recover 2
mbam.exe /schedule /scan -quick -log -silent -remove -reboot /silent /daily /every 1 /starting 10/04/2013 17:30:00 /recover 23

Now open the MBAM program and go to the Protection tab and click on the Scheduler button
If completed correctly it should look very similar to the image below.

scheduler_settings_zps5f895d05.png
 


Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook





2 user(s) are reading this topic

0 members, 2 guests, 0 anonymous users