Tigger93

Common Questions, Issues, and their Solutions

18 posts in this topic

Section A

Common Issues, Questions, and their Solutions

B - Command Line Support

C - Error Codes

D - Error Code 732 - Automatically Detect Settings in IE & Note for NetZero Users

E - McAfee VirusScan Enterprise 8.x

F - Trend Internet Security Pro

G - IP Protection Module

H - AVG Anti-Virus

I - Microsoft Security Essentials

J - Norton 360 version 4

K - Avast! 6

L - Malwarebytes Freezes or Crashing During Scans

M - Panda Global Protection 2012

N - PROGRAM_ERROR_UPDATING (11001, 0, Host not found) and (11004, 0, No address found)

O - Scheduler in Malwarebytes Anti-Malware PRO (1.51.x and later versions)

P - How to manually update MBAM while CA Internet Security is installed.

Q - Malwarebytes Anti-Malware won't open on Windows XP but the computer is not infected.

I'm infected - What do I do now?, Please follow these instructions to clean your system

  • ISSUE: Freezing or disappearing program issues with Trend Internet Security Pro

    SOLUTION: Follow the directions posted here - if possible adapt to your version of Trend as needed.

    Further information from Trend on the subject.

  • ISSUE: Freezing or disappearing program issues with McAfee VirusScan Enterprise

    SOLUTION: Follow the directions posted here - if possible adapt to your version of McAfee as needed.

  • ISSUE: I have an Anti-Virus/Internet-Security other than TrendMicro and McAfee

    Here are links to assist with Kaspersky: Kaspersky Internet Security 2009 Kaspersky Internet Security 2010

    SOLUTION: Check your Anti-Virus/Internet-Security application to see if you can add exclusions for specific applications/files to ignore. You may need to contact their technical support or check their support website for instructions. You will need to set your Anti-Virus/Internet-Security to ignore/exclude the following files:

    • C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    • C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    • C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
  • ISSUE: I need to get the latest database onto a computer that cannot access the Internet.

    SOLUTION: You can manually copy the database from a working computer using a flash drive or CD onto the infected PC. Our database file is stored in the following locations.

    • Windows XP and 2000
    • C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
    • Windows Vista and Windows 7:
    • C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref

      Note: Starting with Malwarebytes Anti-Malware 1.60, you must also copy the file database.conf located within the Configuration folder which is in the same folder as rules.ref listed above. This method does not work for MBAM 2.x

    You can also download a manual update from here

    Download and extract the contents of the zip file. Contained within are mbam-rules.exe which is for MBAM 1.x installations, and mbam2-rules.exe which is for MBAM 2.x installations.

    Use the file appropriate to your MBAM installation version.

    Double-click it to begin installation, and follow the prompts. Once it's complete, you can scan with Malwarebytes Anti-Malware.

    NOTE: This manual update will always be way behind in version level compared to updates from within the program.

  • ISSUE: When I try to run Malwarebytes' Anti-Malware, or when I try to install it, nothing happens.

    SOLUTION: Here are a few tutorials you can try to help resolve these issues:

  • ISSUE: I'm not sure how to register Malwarebytes' Anti-Malware

    SOLUTION: Registration is only required when you have purchased a license. If you have purchased a license, please open Malwarebytes' Anti-Malware, click on the 'Protection' tab, click on the 'Activate' button, and then enter the ID and Key that were given to you when you purchased the program.

  • ISSUE: After purchasing, when I enter my ID and Key, I am told that my ID and Key are invalid.

    SOLUTION: Follow these procedures as outlined below.

    • Download and run this utility: mbam-clean
    • It will ask to restart your computer (please allow it to).
    • After the computer restarts, Temporarily disable your Anti-Virus and install the latest version of Malwarebytes Anti-Malware from here

      Note: You will need to reactivate the program using the license you were sent

      Launch the program and set the Protection and activation. Then go to the UPDATE tab if not done during installation and check for updates.

      Restart the computer again and verify that MBAM is in the task tray. Now setup any file exclusions as may be required in your Anti-Virus/Internet-Security/Firewall applications and restart your Anti-Virus/Internet-Security applications.

  • ISSUE: I'm unable to update Malwarebytes' Anti-Malware it either does nothing or I get an error 732

    SOLUTION: Please first try the following and if that does not work then review one of the post for setting exclusions to Malwarebytes' Anti-Malware in your Anti-Virus/Internet-Security/Firewall applications

  • ISSUE: When I try to Start Protection I get an error code 1073

    SOLUTION: Please follow the same instructions for #7 (After purchasing, when I enter my ID and Key, I am told that my ID and Key are invalid.)

  • ISSUE: I've ran a scan with Malwarebytes' Anti-Malware and it says something is infected but I don't think it is

    SOLUTION: Before reporting a false positive, you need to save a log in developer mode. This will allow us to figure out how the false positive came to be. Simply follow these directions.

    • Click the Start Menu
    • Click Run (On Vista/Windows 7 you can type in the search line)
    • Type in "mbam.exe /developer", without the quotes
    • Run the same type of scan you did before and save the logfile and post it in a NEW post here
  • ISSUE: I would like to manually modify Malwarebytes' Anti-Malware settings by Command Line

    SOLUTION: Please review the post here on using the Command Line

  • ISSUE: I'm not sure if I am infected or Malwarebytes' Anti-Malware keeps finding the same infection over and over, what should I do?

    SOLUTION: Please read and follow the directions posted here

  • ISSUE: I'm having other PC issues, are there any other self help articles?

    SOLUTION: Yes, please review the post here

  • ISSUE: The self help articles are nice but I need a little more guidance or support for non Malware related PC issues

    SOLUTION: We have a forum for that as well. Please post questions or answer posts not related to Malware here

  • ISSUE: I'm getting a Runtime error 0 and 440 automation error.

    vbaccelerator-runtim-0.pngruntime-error-440.png

    SOLUTION: Please do the following to see if it fixes the error:

    • Please copy and paste the following text in the Code box exactly as written into notepad (not wordpad or any other text editor):
      if exist "%programfiles(x86)%" regsvr32 "%programfiles(x86)%\Malwarebytes' Anti-Malware\mbamext.dll"if exist "%programfiles(x86)%" regsvr32 "%programfiles(x86)%\Malwarebytes' Anti-Malware\ssubtmr6.dll"if exist "%programfiles(x86)%" regsvr32 "%programfiles(x86)%\Malwarebytes' Anti-Malware\vbalsgrid6.ocx"if not exist "%programfiles(x86)%" regsvr32 "%programfiles%\Malwarebytes' Anti-Malware\mbamext.dll"if not exist "%programfiles(x86)%" regsvr32 "%programfiles%\Malwarebytes' Anti-Malware\ssubtmr6.dll"if not exist "%programfiles(x86)%" regsvr32 "%programfiles%\Malwarebytes' Anti-Malware\vbalsgrid6.ocx"
    • Once you've done that click on File and select Save As...
    • In the Save dialogue box click on the drop down menu next to Save as type and select All Files
    • Name the file MBAM Fix.bat (the .bat extension is very important)
    • Save the file to your desktop and double click it to run it on XP. For Vista please right click on it and choose Run As Admin
    • Click OK to each of the 3 dialog boxes that should show a success message for each file registered
    • If you get an error that REGSVR32 "is not recognized as an internal or external command, operable program or batch file", then ensure that the file REGSVR32.EXE exists in the %WINDIR%\SYSTEM32 folder. If it's not found there you can copy if from another Computer running the same operating system and service pack level.

      If that doesn't fix it then please download and install the Microsoft Visual Basic Common Controls from here to see if it helps.

  • ISSUE: I'm changing computers. How do I Transfer my License to the new computer?

    SOLUTION: Keep a copy of your ID/KEY from the computer you wish to remove it from and you can run the following to remove it from the old computer.

    • Download and run this utility. mbam-clean.exe
    • It will ask to restart your computer (please allow it to).
    • Then install MBAM on the new computer and Activate it with the ID/KEY from the system you just removed it from.
    You should also have an email from Cleverbridge with your ID/KEY purchase information.
  • ISSUE: The Malwarebytes' Anti-Malware tray icon takes a long time to load on Windows Vista or Windows 7

    SOLUTION: This is quite normal and happens because in Vista and 7, Microsoft allows services to startup with a delay. Doing this with the Malwarebytes' Anti-Malware protection module helps to ensure that no conflicts occur during startup with your resident antivirus protection, allowing it to load before Malwarebytes' Anti-Malware does. If you wish to change this behavior, read on, though it is generally not recommended:

    • Click on the Start vista-7-start.png button and type services.msc and press Enter
    • Click Continue at the User Account Control prompt
    • Once the Services window opens, scroll down the list until you find MBAMService and double click on it
    • Click on the drop down menu next to Startup Type and select Automatic instead of Automatic (Delayed Start)
    • Click the Apply button and click on Ok
    • Close the Services control panel and restart your computer, the Malwarebytes' Anti-Malware tray icon should load up much earlier after logging into Windows now
  • ISSUE: I keep getting the following detections, even after allowing Malwarebytes' Anti-Malware to fix them:
    HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S)HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1")
    SOLUTION: Most often when these two items return repeatedly it is due to the presence of an IOLO product such as System Mechanic. System Mechanic and other IOLO security products alter these settings from their Windows defaults. If you do have an IOLO product installed, it is best to simply change the security setting in your IOLO product so that it does not change the settings for .reg files and .scr files or that you simply have Malwarebytes' Anti-Malware ignore these particular detections. These entries are not actual infections, just system settings changes that are not set to their defaults, which is something that some infections will do to prevent .reg files and .scr files from executing, which is why Malwarebytes' Anti-Malware detects these items, since it has no way of knowing if the change was made by the user, an infection, or a legitimate software such as IOLO.
  • ISSUE: Why does Windows always ask to allow Malwarebytes' Anti-Malware to run when I try to open the scanner on Windows Vista and Windows 7?

    SOLUTION: This is quite normal and happens because of a feature in newer Windows versions known as User Account Control. When you receive one of these prompts for Malwarebytes' Anti-Malware, simply click Continue or Allow and the program should be able to run without any issues. On Windows Vista you may also see a tray notification stating that Windows has blocked some startup programs. When you see this, click on the tray icon and if Malwarebytes' Anti-Malware is listed, click to allow it to run.

  • ISSUE: I am receiving the message PROGRAM_ERROR_LOAD_DATABASE when I try to open Malwarebytes' Anti-Malware, what does it mean and how can I fix it?

    SOLUTION: Usually this occurs because your database file has become corrupt. It is usually corrected by following the instructions posted below (choose the instructions that apply to your version of Windows):

    Note: If the issue occurs again after doing this, or happens frequently on your system then it could be due to issues with your internet connection, which happens most often with slower/less stable connections such as satellite and dialup.

    Show Hidden Files and Folders in Windows XP:

    • Click Start and select My Computer
    • Click the Tools item from the menu at the top of the window (if you don't see Tools press the Alt key on your keyboard and it will appear)
    • Select Folder Options
    • Click the View tab and make sure Show hidden files and folders is selected under Hidden files and folders
    • Next, uncheck the box next to Hide protected operating system files (Recommended)
    • Then, uncheck the box next to Hide extensions for known filetypes
    • Click Apply then click OK
    Then go to C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware and delete rules.ref. Once you've done that, start MBAM and when it shows the error and asks to update, let it do so and see if that corrects it.

    Show Hidden Files and Folders in Windows Vista and Windows 7:

    • Click on the Start vista-7-start.png button and select Computer
    • Press the Alt key on your keyboard and click on Tools
    • Select Folder Options
    • Click the View tab and make sure that Show hidden files and folders is selected under Hidden files and folders
    • Next, uncheck the box next to Hide protected operating system files (Recommended)
    • Then, uncheck the box next to Hide extensions for known filetypes
    • Click Apply then click OK
    Then go to C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware and delete rules.ref. Once you've done that, start MBAM and when it shows the error and asks to update, let it do so and see if that corrects it.

    Reset Hidden Files and Folders in Windows XP:

    • Click Start and select My Computer
    • Click the Tools item from the menu at the top of the window (if you don't see Tools press the Alt key on your keyboard and it will appear)
    • Select Folder Options
    • Click the View tab and make sure Do not show hidden files and folders is selected under Hidden files and folders
    • Next, check the box next to Hide protected operating system files (Recommended)
    • Then, check the box next to Hide extensions for known filetypes
    • Click Apply then click OK
    Reset Hidden Files and Folders in Windows Vista and Windows 7:
    • Click on the Start vista-7-start.png button and select Computer
    • Press the Alt key on your keyboard and click on Tools
    • Select Folder Options
    • Click the View tab and make sure that Do not show hidden files and folders is selected under Hidden files and folders
    • Next, check the box next to Hide protected operating system files (Recommended)
    • Then, check the box next to Hide extensions for known filetypes
    • Click Apply then click OK
  • ISSUE: I am receiving the message Run-time error '453': Can't find DLL entry point Get Config Parameter in mbamnet when I try to open Malwarebytes' Anti-Malware, what does it mean and how can I fix it?

    SOLUTION: Usually this occurs because you have just run a program update and have not restarted your computer yet. Please restart your computer which should correct the error.

  • ISSUE: When attempting to mount an image using Acronis True Image with Malwarebytes' Anti-Malware PRO running, the system freezes.

    SOLUTION: You may either change the option while mounting a disk image to Read/write mode which is described here or simply update to the latest version of Acronis True Image (currently version 2012) available here.

Share this post


Link to post
Share on other sites

ID: 2   Posted (edited)

Section B

Command Line Parameters:

Malwarebytes' Anti-Malware supports a variety of command line parameters, which can be used from either a command prompt, batch file or script. (Note: some of these parameters are available in the PRO version only.)

mbam.exe <parameters>

(where parameters is one or more of the following)

  • /errorsilent: suppresses all critical errors and writes the last error to <root-drive>\mbam-error.txt where <root-drive> is the hard drive where Windows is installed, also known as the System Drive.
    Example:
    mbam.exe /errorsilent will suppress all errors when the program is running.
  • /proxy <required server> <optional port> <optional username> <optional password>: allows the user to update through a proxy server. Leave blank to remove any proxy settings previously set.
    Examples:
    • mbam.exe /proxy will remove the proxy settings.
    • mbam.exe /proxy proxy.com 80 will use proxy.com on port 80 with no credentials.
    • mbam.exe /proxy proxy.com 80 admin password will use proxy.com with the specified credentials.

    [*]/logtofolder <optional path>: allows the user to save all log files to the specified folder. If this folder does not exist, Malwarebytes' Anti-Malware attempts to create it. If the path is blank, changes are reverted to default settings. These logs do not show up on the Logs tab.

    Example:

    mbam.exe /logtofolder C:\mbam_log_files will save all future log files to the location C:\mbam_log_files.

    Note: Protection logs created by the protection module will always be saved to the same location

    [*]/logtofile <optional path>: allows the user to save all log files to the specified file. If this file does not exist, Malwarebytes' Anti-Malware attempts to create it. Newest entries are appended to top of the file. If the path is blank, changes are reverted to default settings. This log does not show up on the Logs tab.

    Example:

    mbam.exe /logtofile C:\mbam_log_files\mbam-log.txt will save all future log files to the location C:\mbam_log_files\mbam-log.txt.

    Limitations: The path, in the above case C:\mbam_log_files, must exist. This option will not create folders if they don

Edited by exile360
Updated to reflect current commands

Share this post


Link to post
Share on other sites

Section C

Explanation of common Malwarebytes� Anti-Malware error codes

The following error codes apply to the main
Malwarebytes� Anti-Malware
program and not the registered
Protection Module
.

The
Protection Module
(only available in the registered version)
only uses the
Windows System Error codes

It is possible to see just an error 7xx or 7xx (1, 2) The 7xx error code is for the main application only and is not a Microsoft System or VB error code.

Format: 7xx (1, 2)

7xx: MBAM Error codes

Important Note:
All three-digit error codes that start with a 7 (such as 732, 731, etc.) have all been replaced by a more self-explanatory error code system. If you are receiving any of the following
7xx
error codes, then it most likely means that your version of Malwarebytes' Anti-Malware is out of date. Please
click this link
to be forwarded to one of our download mirrors (such as Download.com or MajorGeeks) in order to obtain the latest version of Malwarebytes' Anti-malware.

  • Error 700: Error occurred using the command line. Parameters may be incorrect.
  • Error 701: The database was empty. Please reinstall the application.
  • Error 702: Error occurred expanding variables. Contact support.
  • Error 703: Error occurred expanding variables. Contact support.
  • Error 704: Encryption of files has failed. Contact support.
  • Error 705: Decryption of files has failed. Contact support.
  • Error 706: Error loading the ignore list. Please delete ignore.dat.
  • Error 707: Error during enumeration of languages. Please reinstall the application.
  • Error 708: Error loading selected language. Please reinstall the application.
  • Error 709: Error implementing language. Contact support.
  • Error 710: Error implementing language. Contact support.
  • Error 711: Error implementing language. Contact support.
  • Error 712: Error implementing language. Contact support.
  • Error 713: Error implementing language. Contact support.
  • Error 714: Error translating item. Please reinstall the application.
  • Error 715: Could not find the module handler. Please reinstall the application.
  • Error 716: Could not find the database, user declined to download manually.
  • Error 717: Database failed to download correctly. Please reinstall the application.
  • Error 718: Could not load the MD5 hash generator. Contact support.
  • Error 719: The operating system is not supported.
  • Error 720: An unknown error occurred during the memory scan. Contact support.
  • Error 721: An unknown error occurred during filesystem enumeration. Contact support.
  • Error 722: An unknown error occurred during the memory scan. Contact support.
  • Error 723: Could not find the SwissArmy driver. Please reinstall the application.
  • Error 724: An error occurred loading the quarantine. Contact support.
  • Error 725: Could not restore a quarantined file. The file may be corrupt.
  • Error 726: Error restoring registry value from quarantine.
  • Error 727: An unidentified item was found in the quarantine.
  • Error 728: Unable to load the log file list. Try deleting the Logs folder.
  • Error 729: Error retrieving special folders. Contact support.
  • Error 730: Unable to load the database. Please reinstall the application.
  • Error 731: Adding item to results list failed. Contact support.
  • Error 732: Error updating the database or product. Check Internet connectivity.

1: Microsoft System Error Codes

2: Microsoft Visual Basic Error Codes

Log File Locations

Scan Logs

  • Windows 2000 & Windows XP:

    C:\Documents and Settings\<USERNAME>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs

  • Windows Vista & Win7:

    C:\Users\<USERNAME>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs

File Protection and IP Protection Logs

  • Windows 2000 & Windows XP:

    C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs

  • Windows Vista & Win7:

    C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs

Understanding File Names, Paths, and Namespaces

Share this post


Link to post
Share on other sites

Section D

Error Code 732 - Automatically Detect Settings in IE & Note for NetZero Users

Please note that error code 732 was retired after version 1.44, and as of version 1.45 we now use a new error code system. If you are receiving error code 732 then it means that your version of Malwarebytes' Anti-Malware is out of date. Please click this link to be forwarded to one of our download mirrors (such as Download.com or MajorGeeks) in order to download and install the latest version of Malwarebytes' Anti-Malware.

Some systems may have an issue where the Automatically detect settings checkbox is not checked in Internet Explorer 8 in the LAN Settings, and thus receive an error code 732.

Here are some quick steps to see if this is what is causing the error for you:

  1. Click the 'Start' button.
  2. Click on "Control Panel".
  3. Double-click on "Internet Options" (you may have to switch the Control Panel to 'Classic' view to find it).
  4. Click on the 'Connections' tab (step 1 in the screenshot below).
  5. Click on the "LAN settings" button (step 2 in the screenshot below).
  6. Put a check mark in the box labeled "Automatically detect settings" (step 3 in the screenshot below).
  7. Click OK.
  8. Click OK.
  9. Try the update again (you may need to close any open Internet Explorer Windows before trying), and if it doesn't work then create a new topic asking for help.

post-1983-1252903614.png

Netzero Users: As this problem is also known with Netzero users, Please turn off the 3G accelerator on Netzero to fix this: Disable NetZero accelerator

Share this post


Link to post
Share on other sites

Section E

If you're having issues with Malwarebytes' Anti-Malware freezing when scanning or when enabling the Protection Module or Updates being blocked then please try the procdures below

Basic procedures to correct freezing or disappearing program issues with McAfee VirusScan Enterprise 8.x

  • Open the VirusScan Console and disable the Access Protection module and then install MBAM
  • After installation, register and update MBAM and then enable the MBAM Protection Module
  • Within the VirusScan Console under Access Protection configure the following rules
      Anti-virus Standard Protection
    • Prevent user rights policies from being altered
      add mbam.exe to the exclusions
      Common Standard Protection
    • Protect Mozilla & FireFox files and settings
      add mbam.exe to the exclusions
    • Protect Internet Explorer settings
      add mbam.exe to the exclusions
    • Prevent installation of Browser Helper Objects and Shell Extensions
      add mbam.exe to the exclusions
    • Protect network settings
      add mbam.exe to the exclusions
      Common Maximum Protection
    • Prevent programs registering to autorun
      add mbam.exe, mbamgui.exe to the exclusions
    • Prevent programs registering as a service
      add mbam.exe, mbam-dor.exe, mbamgui.exe, mbamservice.exe, services.exe to the exclusions

    [*]From within the VirusScan Console re-enable the Access Protection module

    [*]Double click the MBAM icon in the task tray and do a Quick Scan to confirm there are no longer any freezing issues.

Share this post


Link to post
Share on other sites

Section F

If you're having issues with Malwarebytes' Anti-Malware freezing when scanning or when enabling the Protection Module or Updates being blocked then please try the procedures below

Basic procedures to correct freezing or disappearing program issues with Trend Internet Security Pro

Please try this even if you did this with previous versions of MBAM as the new version has new signatures that your Anti-Virus needs to reset to allow again

  1. Install MBAM but DO NOT enable the Registration at this time. If you're already freezing then start in Safe Mode and disable the MBAM Protection Module from loadig.
  2. While logged onto Windows, double click on the Trend icon in the system tray or open the program from the Start Menu
  3. On the left side click on Personal Firewall Controls - on the right side click on the Settings...

    trend03.png


  4. Then click on the Advanced Settings button.

    trend04.png


  5. Then click on the Program Control tab on top and click on the Add button.

    trend05.png


  6. Under description type in: Malwarebytes Anti-Malware
  7. Under Target click on the Browse button and browse to the folder: C:\Program Files\Malwarebytes' Anti-Malware
  8. Choose mbam.exe and click the Open button which will add mbam.exe to the exception list
  9. Under Firewall Response: make sure it is set to Allow and click OK

    trend06.png


  10. Click OK again twice to finish up adding the entry. This will now allow MBAM to access the Internet for updates.
  11. Now let's setup Trend Anti-Virus so that it trusts MBAM files which have new signatures
  12. On the left side click on Virus & Spyware Controls - on the right side click on the Prevent Unauthorized Changes
  13. Click on the Exception List button.

    trend01.png


  14. Click on the Add program button and browse to the folder: C:\Program Files\Malwarebytes' Anti-Malware
  15. You will have to select the files one by one and add them. Please add the following files.
  16. mbam.exe, mbam-dor.exe, mbamgui.exe, mbamservice.exe
  17. By default the Response is set to Block so you need to click the down arrow and select Trust for all of the MBAM files.

    trend07.png


  18. Now let's add the MBAM Driver files to the list of Trusted files.
  19. Click on the Add program button and browse to the folder: C:\Windows\System32\Drivers
  20. NOTE: By default Trend only allows .EXE and .COM files to be added to the list so you will need to type in *.sys or *.* and hit the Enter key on your keyboard to see the .sys file types.

    trend08.png


  21. You will have to select the files one by one and add them. Please add the following files.
  22. mbam.sys, mbamswissarmy.sys
  23. By default the Response is set to Block so you need to click the down arrow and select Trust for all of the MBAM files.
  24. Now let's add the MBAM rules file to the list of Trusted files.
  25. The path is different between 2000/XP and Vista
  26. 2000/XP Path is: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\
  27. Vista Path is: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware
  28. NOTE: By default Trend only allows .EXE and .COM files to be added to the list so you will need to type in *.ref or *.* and hit the Enter key on your keyboard to see the .ref file types.
  29. Please add the following file
  30. rules.ref

    trend09.png


  31. When done the entries for trusted files should look like the image below

    trend10.png


  32. Click the OK button
  33. If you're using the free version of MBAM you're done and Trend should no longer block MBAM.
  34. If you're using the Registered version then go to the Protection tab in MBAM and enter in your ID and KEY you recieved in the mail by clicking the Activate button
  35. Now click on the Start Protection button. This should place the MBAM icon in the task tray
  36. Double click the MBAM icon in the task tray and do a Quick Scan to confirm there are no longer any freezing issues.

Special thanks to Yardbird for his help and testing to confirm these settings for Trend

Share this post


Link to post
Share on other sites

Section G

Malicious Website Blocking

  • In v1.40, Malwarebytes introduced Malicious Website Blocking into Malwarebytes Anti-Malware, to prevent the user being infected in the first place. The following is information on what this does, and how it works.
  • What does Malicious Website Blocking do?
  • Malicious Website Blocking provides an additional layer of security for your computer, by preventing access to known malicious IP addresses and IP ranges, for example, NetDirekt, which is host to the Internet Service Team.
  • How does it do this?
  • When you ask your browser to connect to a website, Windows uses DNS or the HOSTS file (depending on configuration), to convert that domain name into it's corresponding IP address (e.g. example.com <> 1.2.3.4). Malwarebytes Anti-Malware intercepts the packet communications, to determine whether or not the IP address is known for malicious activity, and if so, blocks the communication.
  • How does it inform you?
  • Malwarebytes Anti-Malware informs you a malicious website has been blocked by presenting a bubble notification at the bottom of the screen (next to the system tray), and it also writes an entry to a log file.
  • I have it set to show the notifications in Malwarebytes Anti-Malware but they do not show up, how can I fix it?
  • Do the following and it should correct the issue:

    Create a Batch File:

    • Please copy and paste the following text exactly as written into notepad (not wordpad or any other text editor):

      @color 48@echo offreg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v EnableBalloonTips /t REG_DWORD /d 1del /f /q %0
      Once you've done that click on File and select Save As...
    • In the Save dialogue box click on the drop down menu next to Save as type and select All Files
    • Name the file TooltipFix.bat (the .bat extension is very important)
    • Save the file to your desktop and double click it to run it.
    • Reboot your PC when done and then visit iptest.malwarebytes.org, our own safe Malicious Website Blocking test page to verify that it is blocked and that you are now receiving the tray tooltip notifications.
  • What does this notification mean?
  • This notification means quite simply, that a malicious website has been blocked. It does NOT necessarily mean you are infected, it simply means a program on your computer (e.g. your browser, IM program, P2P program etc), tried accessing a malicious website contained in our database. If this notice was presented when you were not actually doing anything on the machine, then we suggest having your computer checked for infection, as this could be a sign of some malware, such as a rootkit or Trojan.
  • I got an alert and I wasn't even surfing, how's does that happen?
  • There are many applications on your system which have access to the Net and any of these can trigger an alert with no browser open. Most common offenders are P2P applications and IM clients, usually an ad will trigger an alert. An advanced or premium firewall will be able to give you a list of programs which can access the Net.
  • I received a notification on a safe site, why?
  • If a notification is displayed when visiting a safe site, and the site loads, it is likely the site was loading content that is hosted on a server known for malicious activity. In this case, the site itself will be displayed perfectly fine, with the malicious content being blocked. If however, the site does not load, it is likely the site is also hosted on the same malicious IP address. It is also entirely possible that the site in question, shares it's IP address with other malicious domains. IP's and IP ranges are blocked if they are either dedicated to malicious content, or have a higher proportion of malicious content, than non-malicious. So for example, if 1.2.3.4 contains 1000 sites and over 50% are malicious, then 1.2.3.4 will be blocked (and even then, if we can get the hosting company to take down the malicious sites, then even better as we do not like blocking shared IP's or IP ranges if we don't have to).
  • How do I disable this?
  • We wouldn't recommend disabling it, but if you must, you can do this by right clicking the Malwarebytes Anti-Malware tray icon, and unchecking Website Blocking. You can also use the two options in the Protection tab of Malwarebytes Anti-Malware to disable Malicious Website Blocking from starting when the protection module starts or simply to disable the tooltip balloon notifications when a malicious site is blocked.
  • I got an alert for an IP or website I think is safe, how can I report it?
  • If you find a site being blocked, and either don't know why, or are sure it's safe, please report it to us at the False Positive Forum.

    IMPORTANT: When posting false postive reports, please ensure you post both the IP address affected, and if applicable, the domain name (e.g. example.com).

  • Does Malicious Website Blocking replace my firewall?
  • Absolutely NOT! The Malicious Website Blocking included in Malwarebytes Anti-Malware is NOT a replacement for your firewall.
  • Where do I find the Malicious Website Blocking logs?
  • The protection logs are found in the Logs tab of Malwarebytes Anti-Malware and are stored in the following locations:

    Filesystem and Malicious Website Blocking Logs

    • Windows 2000 & Windows XP:

      C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs

    • Windows Vista & Win7:

      C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs

  • How can I add an IP so it won't be detected and can access a site I need to?
  • Visit the site and incur an IP block. Then right-click on the Malwarebytes system-tray icon after the block notification appears, and use the Add to Ignore List menu, selecting the IP address in question for the website you wish to exclude from being blocked.
  • Why is Malwarebytes Anti-Malware blocking my antivirus?
  • It isn't, but it may appear so because of the process name shown in the notification belongs to your antivirus. This can happen if you use an antivirus software that intercepts all incoming and outgoing internet traffic to look for infections which makes Windows think it is your antivirus initiating the connection and thus Malwarebytes Anti-Malware thinks the same thing. In the below example you can see that the process name is avp.exe, which belongs to Kaspersky Anti-Virus even though this block was incurred by using Internet Explorer:

    post-2103-0-25485700-1305142950.png

If you are on Windows XP, the Malicious Website blocking module cannot show you what process is attempting to make an outgoing connection from your PC. To determine what process is initiating a connection you may use a tool such as TCPView by Microsoft Sysinternals:

Use TCPView to Determine what Process is Connecting to a Malicious IP Address:

  • Please download TCPView by Microsoft Sysinternals from here and save it to your desktop
  • Double-click on TCPView.exe to run it
  • Click on Options at the top and uncheck Resolve Addresses
  • Look in the Remote Address column for the IP address that Malwarebytes Anti-Malware has been blocking and see what process is listed next to it under the Process column on the left
  • If you suspect that the process is malicious or that the connection attempt may be the result of a browser hijack or other malicious content on your system, then please update and run a scan with Malwarebytes Anti-Malware and if necessary, seek assistance from support to assist you with cleaning your system or follow the instructions posted here to receive free one on one expert assistance here on our forums

Share this post


Link to post
Share on other sites

Section H

If you're having issues with Malwarebytes' Anti-Malware freezing when scanning or when enabling the Protection Module or Updates being blocked then please try the procedures below

Basic procedures to correct freezing or disappearing program issues with AVG Anti-Virus

Please try this even if you did this with previous versions of MBAM as the new version has new signatures that your Anti-Virus needs to reset to allow again

***Note: These exclusions should be applied to any antivirus application you have and your firewall as well***

Step 1: Show Hidden Files and Folders:

Show Hidden Files and Folders in Windows XP:

  • Click Start and select My Computer
  • Click the Tools item from the menu at the top of the window (if you don't see Tools press the Alt key on your keyboard and it will appear)
  • Select Folder Options
  • Click the View tab and make sure Show hidden files and folders is selected under Hidden files and folders
  • Next, uncheck the box next to Hide protected operating system files (Recommended)
  • Then, uncheck the box next to Hide extensions for known file types
  • Click Apply then click OK

Show Hidden Files and Folders in Windows Vista and Windows 7:

  • Click on the Start vista-7-start.png button and select Computer
  • Press the Alt key on your keyboard and click on Tools
  • Select Folder Options
  • Click the View tab and make sure that Show hidden files and folders is selected under Hidden files and folders
  • Next, uncheck the box next to Hide protected operating system files (Recommended)
  • Then, uncheck the box next to Hide extensions for known file types
  • Click Apply then click OK

Step 2: Exclude Files and Folders:

To exclude Malwarebytes' from AVG (8.5):

Note: If not AVG, whatever your resident antivirus software is

  • Open AVG and click on Tools and select Advanced Settings
  • Click on Resident Shield
  • Click on Exceptions then click Add Path
  • Exclude the following directories:


  • C:\Program Files\
    Malwarebytes' Anti-Malware

    Note:
    For 64 bit systems it would be C:\Program Files (x86)\
    Malwarebytes' Anti-Malware



  • C:\Documents and Settings\All Users\Application Data\
    Malwarebytes

    Note:
    For Vista and 7 users it would be C:\ProgramData\
    Malwarebytes


    Click on Add List then copy and paste the text inside the CODE box exactly as written into the AVG window. Select the entries appropriate to your version of Windows:
    For Windows XP:

    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
    C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
    C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
    C:\Windows\System32\drivers\mbam.sys
    C:\Windows\System32\drivers\mbamswissarmy.sys


    For Windows Vista and Windows 7:

    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
    C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
    C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
    C:\Windows\System32\drivers\mbam.sys
    C:\Windows\System32\drivers\mbamswissarmy.sys


    For 64 bit versions of Windows Vista and Windows 7:

    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
    C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
    C:\Windows\System32\drivers\mbam.sys
    C:\Windows\SysWoW64\drivers\mbamswissarmy.sys


Click on OK

To exclude Malwarebytes' from AVG (9):

  • Open AVG and click on Tools and select Advanced Settings
  • Click on Resident Shield
  • Click on Directory Excludes
  • Exclude the following directories:


  • C:\Program Files\
    Malwarebytes' Anti-Malware

    Note:
    For 64 bit systems it would be C:\Program Files (x86)\
    Malwarebytes' Anti-Malware



  • C:\Documents and Settings\All Users\Application Data\
    Malwarebytes

    Note:
    For Vista and 7 users it would be C:\ProgramData\
    Malwarebytes




  • Click on Excluded Files
  • Exclude the following files:


  • C:\Program Files\Malwarebytes' Anti-Malware\
    mbam.exe

    Note:
    For 64 bit systems it would be C:\Program Files (x86)\Malwarebytes' Anti-Malware\
    mbam.exe



  • C:\Program Files\Malwarebytes' Anti-Malware\
    mbamgui.exe

    Note:
    For 64 bit systems it would be C:\Program Files (x86)\Malwarebytes' Anti-Malware\
    mbamgui.exe



  • C:\Program Files\Malwarebytes' Anti-Malware\
    mbamservice.exe

    Note:
    For 64 bit systems it would be C:\Program Files (x86)\Malwarebytes' Anti-Malware\
    mbamservice.exe





  • C:\Program Files\Malwarebytes' Anti-Malware\
    mbam.dll

    Note:
    For 64 bit systems it would be C:\Program Files (x86)\Malwarebytes' Anti-Malware\
    mbam.dll



  • C:\Program Files\Malwarebytes' Anti-Malware\
    mbamext.dll

    Note:
    For 64 bit systems it would be C:\Program Files (x86)\Malwarebytes' Anti-Malware\
    mbamext.dll



  • C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\
    rules.ref

    Note:
    For Vista and 7 users it would be C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\
    rules.ref



  • C:\Windows\System32\drivers\
    mbam.sys



  • C:\Windows\System32\drivers\
    mbamswissarmy.sys

    Note:
    For 64 bit systems it would be C:\Windows\SysWoW64\drivers\
    mbamswissarmy.sys


Click on OK

Set Exclusions for Malwarebytes' Anti-Malware in AVG Free 2011 in Windows XP:

  1. Open AVG and close the pop-up ad that shows up on the bottom of the screen then double-click on Resident Shield
  2. Click on Tools at the top and select Advanced settings...
  3. Click on Excluded Items under Resident Shield
  4. Click on the Add Path button on the right
  5. Click on the + next to My Computer in the Browse For Folder window
  6. Click on the + next to your system drive (usually C:)
  7. Click on the + next to Program Files
  8. Click once on the Malwarebytes' Anti-Malware folder so that it is highlighted and click on OK
  9. Click on the Add Path button on the right
  10. Click on the + next to My Computer in the Browse For Folder window
  11. Click on the + next to your system drive (usually C:)
  12. Click on the + next to Documents and Settings
  13. Click on the + next to All Users
  14. Click on the + next to Application Data
  15. Click once on the Malwarebytes folder so that it is highlighted and click on OK
  16. Click on the Add File button on the right and click on My Computer on the left
  17. Double-click on your system drive (usually C:)
  18. Double-click on Windows
  19. Scroll to the right until you find the System32 folder and double-click on it
  20. Double-click on the drivers folder
  21. Scroll to the right until you find mbam.sys and double-click on it
  22. Click on the Add File button on the right and scroll to the right until you find mbamswissarmy.sys and double-click on it
  23. Click on the Apply button at the bottom of the program window and then click on OK
  24. Close the AVG window

Set Exclusions for Malwarebytes' Anti-Malware in AVG Free 2011 in Windows Vista and Windows 7:

  1. Open AVG and close the pop-up ad that shows up on the bottom of the screen then double-click on Resident Shield
  2. Click on Tools at the top and select Advanced settings...
  3. Click on Excluded Items under Resident Shield
  4. Click on the Add Path button on the right
  5. Click on the + next to Computer in the Browse For Folder window
  6. Click on the + next to your system drive (usually C:)
  7. Click on the + next to Program Files Note: This should be Program Files (x86) for 64 bit Windows versions.
  8. Click once on the Malwarebytes' Anti-Malware folder so that it is highlighted and click on OK
  9. Click on the Add Path button on the right
  10. Click on the + next to Computer in the Browse For Folder window
  11. Click on the + next to your system drive (usually C:)
  12. Click on the + next to ProgramData
  13. Click once on the Malwarebytes folder so that it is highlighted and click on OK
  14. Click on the Add File button on the right and click on Computer on the left
  15. Double-click on your system drive (usually C:)
  16. Double-click on Windows
  17. Scroll to the right until you find the System32 folder and double-click on it
  18. Double-click on the drivers folder
  19. Scroll to the right until you find mbam.sys and double-click on it
  20. Click on the Add File button on the right and scroll to the right until you find mbamswissarmy.sys and double-click on it Note: This will be C:\Windows\SysWOW64\drivers for 64 bit Windows versions.
  21. Click on the Apply button at the bottom of the program window and then click on OK
  22. Close the AVG window

Step 3: Reset Hidden Files and Folders:

Reset Hidden Files and Folders in Windows XP:

  • Click Start and select My Computer
  • Click the Tools item from the menu at the top of the window (if you don't see Tools press the Alt key on your keyboard and it will appear)
  • Select Folder Options
  • Click the View tab and make sure Do not show hidden files and folders is selected under Hidden files and folders
  • Next, check the box next to Hide protected operating system files (Recommended)
  • Then, check the box next to Hide extensions for known filetypes
  • Click Apply then click OK

Reset Hidden Files and Folders in Windows Vista and Windows 7:

  • Click on the Start vista-7-start.png button and select Computer
  • Press the Alt key on your keyboard and click on Tools
  • Select Folder Options
  • Click the View tab and make sure that Do not show hidden files and folders is selected under Hidden files and folders
  • Next, check the box next to Hide protected operating system files (Recommended)
  • Then, check the box next to Hide extensions for known file types
  • Click Apply then click OK

Special thanks to Exile360 and catscomputer for writing up and testing these setttings

Share this post


Link to post
Share on other sites

Section I

We've noticed that Microsoft Security Essentials and Malwarebytes' Anti-Malware both running real-time protection at the same time have a tendency to cause your computer to freeze. Below is detailed a quick solution to any potential freezing issues (performing these steps is a must for Windows XP users).

If you are already experiencing the freezing issue: Restart your computer in Safe Mode (instructions at this link), uninstall Malwarebytes' Anti-Malware and restart your computer normally.

Once you've started back into normal mode, reinstall Malwarebytes' Anti-Malware, but do not enable the protection module yet.

Set Exclusions for Malwarebytes' Anti-Malware in Microsoft Security Essentials:

  1. Open Microsoft Security Essentials and click on Settings at the top
  2. Click on Excluded processes on the left
    post-2103-0-80589200-1301808890.png
  3. Click on the Browse... button
  4. Click on the + next to your primary hard drive (usually C:)
  5. Click on the + next to Program Files Note: for 64 bit Windows versions this will be Program Files (x86)
  6. Click on the + next to Malwarebytes' Anti-Malware
  7. Click once on mbam.exe and click on OK
    post-2103-0-14581800-1301808963.png
  8. Repeat steps 3-7 for the following files:
    • C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    • C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

post-2103-0-43880100-1301809048.png

[*]Click on the Add button

[*]Click on Save at the bottom and click Continue if prompted

post-2103-0-41894000-1301809116.png

[*]Close Microsoft Security Essentials

Open Malwarebytes' Anti-Malware and update it then enable the protection module and the issue should be resolved. You may also wish to do the following, as it has been shown to improve system responsiveness/performance:

Set Exclusions for Microsoft Security Essentials 2.x in Malwarebytes' Anti-Malware:

  • Open Malwarebytes' Anti-Malware and click on the Ignore List tab
  • Click the Add button on the lower left
  • In the small browse window that opens, navigate to C:\Program Files and click once on Microsoft Security Client and click OK
  • Close Malwarebytes' Anti-Malware

Share this post


Link to post
Share on other sites

Section J

For users experiencing issues with Norton 360 version 4 and Malwarebytes' Anti-Malware (such as freezing, general loss of performance, etc), please follow the directions below to add exclusions to Norton 360 in order to aid in compatibility.

Open Norton 360, either from the icon on your desktop, or from the Start Menu, and then proceed to follow the instructions in the screenshots below:

norton_360_v4_001.png

norton_360_v4_002.png

norton_360_v4_003.png

norton_360_v4_004.png

norton_360_v4_005.png

Please add each of the following files to the "Auto-Protect Exclusions" list in Norton 360:

  • C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
  • C:\WINDOWS\system32\drivers\mbam.sys
  • C:\WINDOWS\system32\drivers\mbamswissarmy.sys

Make sure to click 'OK' when done.

***Note***

Users of 64-bit editions of Windows will want to add the following files instead:

  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
  • C:\WINDOWS\system32\drivers\mbam.sys
  • C:\WINDOWS\SysWOW64\drivers\mbamswissarmy.sys

Make sure to click 'OK' when done.

If you continue to experience problems after adding those exclusions and closing Norton 360, please contact our technical support.

Share this post


Link to post
Share on other sites

Section K

The following instructions show you how to exclude Avast! 6 and Malwarebytes' Anti-Malware from one another to prevent conflicts and improve performance:

Set Exclusions for Malwarebytes' Anti-Malware in Avast! Antivirus 6 (Free, Pro and Internet Security):

  • Open Avast! antivirus and click on REAL-TIME SHIELDS on the left
  • Click on File System Shield on the left and click on Expert Settings
  • Click the Exclusions section
  • Click on Browse next to the blank entry at the bottom of the list (this will be the only entry if no other exclusions have been set yet)
  • In the Select the areas window click on the + next to C:
  • Click the + next to Program Files Note: For 64 bit Windows versions this will be Program Files (x86)
  • Click the box next to Malwarebytes' Anti-Malware and click on OK
  • Click OK again
  • Click on Web Shield on the left and click Expert Settings
  • Click on Exclusions and check the box next to URLs to exclude:
  • Type or copy/paste the following address:
    *.mbamupdates.com
  • Click on OK
    Also, for Avast! Internet Security:
  • Click on Behavior Shield on the left and click Expert Settings
  • Click on Trusted Processes
  • Click on Browse next to the blank entry at the bottom of the list (this will be the only entry if no other exclusions have been set yet)
  • Navigate to C:Program Files\Malwarebytes' Anti-Malware and click once on mbam.exe and click Open Note: For 64 bit Windows versions this will be Program Files (x86)
  • Do the same for the following files:
    • mbamgui.exe
    • mbamservice.exe

    [*]Click on OK

    [*]Close Avast! antivirus

Set Exclusions for Avast! Antivirus Free, Pro and Internet Security in Malwarebytes' Anti-Malware:

  • Open Malwarebytes' Anti-Malware and click on the Ignore List tab
  • Click on the Add button on the lower left
  • In the small browse window that opens, navigate to C:\Program Files and click once on avast software and click on OK
  • Close Malwarebytes' Anti-Malware

Share this post


Link to post
Share on other sites

ID: 12   Posted (edited)

Section L

Sometimes Malwarebytes' Anti-Malware might freeze or crash during a scan. The most common causes can be anything from an infection to a simple corrupt file or sector on your hard drive. Here's a few things you can try to see if they resolve the problem:

Step 1: Scan in Safe Mode

Try Scanning in Safe Mode:

While this may not fix the problem, it can help to narrow down what the cause might be:

Windows XP:

  • Restart your computer.
  • When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with the Windows XP Advanced Options menu.
  • Select the option for Safe Mode using the arrow keys.
  • Then press Enter on your keyboard to boot into Safe Mode.
You should then be presented with the Windows XP Login screen. Log in to Windows and when it prompts you about Safe Mode and asks if you'd like to continue click Yes.

Windows Vista and Windows 7:

  • Restart your computer.
  • When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with the Windows Advanced Boot Options menu.
  • Select the option for Safe Mode using the arrow keys.
  • Then press Enter on your keyboard to boot into Safe Mode.
You should then be presented with the Windows Login screen. Log in to Windows.

Once in Safe Mode, try running a scan with Malwarebytes' Anti-Malware to see if it is now able to complete without freezing or crashing. If the scan does not freeze or crash, the issue may be either related to a piece of software on your system, such as a security program or a driver that does not load in Safe Mode but does in normal mode causing the freeze or crash or it could be the DDA driver used during scans in normal mode by Malwarebytes' Anti-Malware having issues with a corrupt file or sector on your hard drive. Since Malwarebytes' Anti-Malware's DDA driver does not load in Safe Mode, this helps narrow down the issue.

If the issue does still happen, it may still be a corruption issue, but the next steps should help to narrow this down further:

Step 2: Run CHKDSK to attempt to fix file and hard drive sector corruption

Run a Disk Check on your C: drive in Windows XP:

  • Click Start and open My Computer
  • Right-click on C: and select Properties
  • Click on the Tools tab
  • Under Error-checking click the Check Now... button
  • Mark the box next to Automatically fix file system errors and Scan for and attempt recovery of bad sectors
  • Click on the Start button
  • When the message box pops up, click the Schedule disk check button and restart your computer
  • Once your computer restarts it will check the drive, don't press any keys so that it is allowed to do so
Run a Disk Check on your C: drive in Windows Vista or Windws 7:
  • Click the Start vista-7-start.png button and select Computer
  • Right-click on C: and select Properties
  • Click on the Tools tab
  • Under Error-checking click the Check Now... button and click Continue at the User Account Control prompt
  • Mark the box next to Automatically fix file system errors and Scan for and attempt recovery of bad sectors
  • Click on the Start button
  • When the message box pops up, click the Schedule disk check button and restart your computer
  • Once your computer restarts it will check the drive, don't press any keys so that it is allowed to do so
Once that is complete, attempt another scan with Malwarebytes' Anti-Malware to see if the issue is now resolved or not. Note: You may need to run CHKDSK more than once in some cases to repair a problem, so if issues are found during the chkdsk scan and the scan with Malwarebytes after that still has the issue, try the above procedure again to see if there are any additional errors that get fixed then try scanning with Malwarebytes again.

Step 3: Defragment your hard drive

Defragment your Hard Drive:

  • Please copy and paste the following text in the Code box exactly as written into notepad (not wordpad or any other text editor):

    defrag "%systemdrive%"del /f /q %0
  • Once you've done that click on File and select Save As...
  • In the Save dialogue box click on the drop down menu next to Save as type and select All Files
  • Name the file defrag.bat (the .bat extension is very important)
  • Save the file to your desktop and double click it to run it if running Windows XP. If running Windows Vista or Windows 7 you must right-click on the file and choose Run as administrator.
If you are still having freezing/crashing issues during scans, please either contact Support or post in a new topic here describing your issues along with a list of what you've tried to resolve the issue so far and a team member will respond with further instructions to attempt to diagnose and correct the problem. Edited by exile360

Share this post


Link to post
Share on other sites

Section M

Set Exclusions for Malwarebytes' Anti-Malware in Panda Global Protection 2012:

  • Open Panda Globel Protection and make certain that the Status tab is selected
  • Click on Settings near the lower left under Protection
  • In the window that opens click on the Settings button under Threats to Detect and Exclude
  • Click on the Files tab
  • Click the Add button and add the following files which are all located in C:\Program Files\Malwarebytes' Anti-Malware Note: These files will be located in C:\Program Files (x86)\Malwarebytes' Anti-Malware on 64 bit Windows versions
    • mbam.exe
    • mbamgui.exe
    • mbamservice.exe

    [*]Click on OK and then click Apply

    [*]Click on the Firewall tab

    [*]Under Rules, click the Settings button next to You can specify which programs can access the internet and make certain that Malwarebytes' Anti-Malware is listed as being allowed for both Inbound and Outbound, if it is not, then add the 3 above files and click OK

    [*]Close the Panda Global Protection window

Share this post


Link to post
Share on other sites

Section N

For PROGRAM_ERROR_UPDATING (11001, 0, Host not found) and (11004, 0, No address found)

If you are receiving this error while trying to update MBAM, it's very likely that your router DNS settings have been hijacked. (infection)

Please run a quick Scan. If you receive this result:


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Bad: (213.109.65.147) Good: () -> Quarantined and deleted successfully.

Let's try to reset the router to its factory/default configuration.

  1. You will need the user manual for your router. NOTE: You may want to ask your ISP for help ahead of time, in case there are custom settings that need to be maintained.
  2. To reset the router, insert something tiny like a paper clip end or the tip of a pen into a small hole labeled "reset" located on the back of the router.
  3. With the power to the router on, press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10-20 seconds).
  4. After resetting the router, login into the router by following instructions in the user manual. You will need to reconfigure any security settings you had in place prior to the reset.
  5. Then change your admin login and password--make it a strong password. You can get help with that here: Password Help

After you have reset your router. Create a post within Hijack This Logs Topic

You need to start a topic in the Malware Removal forum so a qualified helper can help you fix any malware related problems/infections you may have from the Hijack

You can follow the directions below and someone will assist you with running scans on your system to see if they can detect anything.

Please print out, read and follow the Directions HERE, skipping any steps you are unable to complete. Then post a NEW topic here.

One of the expert helpers there will give you one-on-one assistance when one becomes available.

After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someone has replied to your post.

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org

Share this post


Link to post
Share on other sites

Section O

How to use the Scheduler in Malwarebytes Anti-Malware PRO (1.51.x and later versions)

Version 1.51 introduces a new version of the scheduler. This guide is intended to navigate to the scheduler as well as the basic ways to add/edit/delete the items saved within the scheduler.

post-60618-0-48643000-1310078137.png

post-60618-0-09185400-1310078139.png post-60618-0-91824000-1310078142.png

post-60618-0-04949600-1310078145.png

post-60618-0-53206200-1310078147.png post-60618-0-94202300-1310078150.png

post-60618-0-19911900-1310078155.png

post-60618-0-21146500-1310078157.png

Share this post


Link to post
Share on other sites

Section P

How to manually update MBAM while CA Internet Security is installed.

During Manual update of MBAM you receive the prompt: 'You have the latest database version.' Even though you do not and are using CA Internet Security.

Currently CA Internet Security blocks MBAM's manual update request to the update server. MBAM is within CA's Trusted group for monitor and control access for programs.

To manually update MBAM while CA Internet Security is installed:

  1. Within CA Internet Security go to My computer -> Update Settings.
  2. Click Program Access.
  3. Click the (+) sign next to Trusted.
  4. Scroll through the list within Trusted, locate and click mbam.exe.
  5. Click [Modify].
  6. Click the drop-down arrow under 'Define access permissions for this program:' and select 'Define Customized Permissions or Rules'
  7. Uncheck Enable Privacy Protection then click Save.
  8. Close CA Internet Security.

MBAM should manually update correctly.

Share this post


Link to post
Share on other sites

Section Q

Malwarebytes Anti-Malware won't open on Windows XP but the computer is not infected:

Note: This issue only occurs on Windows XP, if you are running Windows Vista or Windows 7 and Malwarebytes Anti-Malware won't open, then the presence of an unseen infection is the most likely cause because those Windows versions do not allow the Windows installation drive letter to be any other than C:.

This issue often occurs because Windows is installed on a hard drive other than C: and C: is being used by a removable drive. This is easily remedied by changing the drive letter of the removable drive marked as C:, changing it to any drive letter other than C: as detailed below:

Instructions below are based on this Microsoft Knowledge Base article.

  • Log on as Administrator or as a member of the Administrators group
  • Click on START and choose Control Panel
  • Click on Performance and Maintenance Note: If you do not see Performance and Maintenance listed, click on Switch to Category View on the left pane of the window.
  • Click on Administrative Tools
  • Double-click on Computer Management
  • Click once on Disk Management under Storage on the left
  • Scroll down the list of drives until you find the removable drive marked as (C:)
  • Right-click on the removable drive marked as (C:) and click on Change Drive Letter and Paths...
  • Click on the Change... button
  • Click on the drop down menu that says C and choose a different letter (it may be any letter you wish as long as it is NOT C)
  • Click on OK and click Yes to the confirmation prompt
  • Restart your computer and try running Malwarebytes Anti-Malware again, it should now open and function normally

Share this post


Link to post
Share on other sites

Resetting the Malwarebytes Anti-Malware schedules from the command line.
 
There is a 15 minute randomized delay in the scheduler for MBAM updates so + or - 15 minutes is normal for updates with the scheduler. Scans will run at the time set for though.

From an elevated admin command prompt please do the following.
How to Open an Elevated Command Prompt in Windows 7

Please type the following and press the Enter key at the end of the line.
You can check here if you're not sure if your computer is 32-bit or 64-bit

On Windows XP and Windows 7 x86
CD "%ProgramFiles%\Malwarebytes' Anti-Malware"

On Windows 7 x64
CD "%ProgramFiles(x86)%\Malwarebytes' Anti-Malware"

Please type the following and press the Enter key at the end of each line. There will not be any feedback normally unless you type it wrong.


mbam.exe /unschedule /all
mbam.exe /schedule /update /silent /hourly /every 4 /starting 10/04/2013 16:15:00 /recover 2
mbam.exe /schedule /scan -quick -log -silent -remove -reboot /silent /daily /every 1 /starting 10/04/2013 17:30:00 /recover 23

Now open the MBAM program and go to the Protection tab and click on the Scheduler button
If completed correctly it should look very similar to the image below.

scheduler_settings_zps5f895d05.png
 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.