I don’t have the energy tonight to post my travails in attempting to install Windows 10 on two of our family systems.
Long story short, I ended having to roll them back to Windows 8.1 and Windows 7 Ultimate. Although it was a “pleasant” upgrade experience at the onset, serious stability and functionality issues arose quickly that rollbacks were required. The rollbacks were successful and also “pleasant” -- all things considered.
Anyway, on the Windows 7 Ultimate upgrade to Windows 10, it lasted one week. The Malwarebytes Anti-Exploit behaved just fine after the upgrade.
However on the Windows 8.1 upgrade to Window 10, MBAE had all kinds of issues from the get-go. Uninstalling/reinstalling it fixed nothing, despite being being Windows 10 supported. Specifically it was displaying a “Anti-Exploit is not started” error message after the upgrade.
In the end -- due to other issues -- I did roll back to Win 8.1 and it began working just fine.
I did find these forum threads that point (at this time) to a beta version of MBAE that should address persistent issues in Win 10 for some users.
- Anti-Exploit not started after upgrade to Windows 10 - Anti-Exploit Product Support - Malwarebytes Forum
The fix above (uninstall/reinstall MBAE) didn’t fix the issue which led to these readings:
- [SOLVED] Not working after upgrade to Windows 10 - Anti-Exploit Product Support - Malwarebytes Forum
- [SOLVED] Not working after upgrade to Windows 10 - Page 6 - Anti-Exploit Product Support - Malwarebytes Forum
That finally hops to this:
- MBAE 1.08 Beta Preview - Experimental MBAE Builds - Malwarebytes Forum
Sadly, I didn’t get a change to try this preview version as my rollback to Win 8.1 (due to more serious Win 10 system issues than MBAE) fixed the issue with MBAE working properly again. However if you do have issues with MBAE after upgrading to Win 10, try that beta version.
In other news, I had been doing some good Samaritan work on a family’s Win 7 netbook that was so infected with toolbars, PUPs, malware, and other “stuff” that it took me the better part of a week’s time (after hours) to get it cleaned up. I’ve got some good cleaning logs collected so maybe that will eventually rate a post of it’s own.
One challenge I had was getting it cleaned up enough to get it on a network. It took multiple passes but thanks to my handy write-protect switched Kanguru USB drive I was finally able to use a combo of manual and automated cleaning techniques to get it restored to an almost pristine and healthy state.
One of the first automated tools I ran against it was Malwarebytes Anti-Malware but while I had the installer on my USB drive, I couldn’t get the netbook on the network to get the def file updates. So I had to do my first round of scanning/cleaning with outdated files.
There does seem to be a semi-regularly updated “DAT file updater” package available like from other vendors, but was only found post response. That need led me to find these tips on where I can get a super-current set of data files from a working system and then copy them over onto the borked one; thereby achieving a manual update. Or keep a semi-updated definition updater package tucked on my USB as well. Of course…having both options may be best!
- Manual database update - Page 3 - Malwarebytes News - Malwarebytes Forum
Via that forum post:
the Windows 7 path to rules.ref is C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\rules.ref
Just copy/paste that address location in your Windows explorer address bar and jump right to it.
This bleepingcomputer post has some additional information about the other Malwarebytes definition files you might also want to copy of the updated computer and over onto your USB drive to drop back in the same location on the impacted one:
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\rules.ref
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\actions.ref
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\swissarmy.ref
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration\database.conf
Note: at some point it looks like earlier versions of the application had a patch with an “apostrophe” character “ ‘ “ in the path. That seems to be gone now in the versions I use and I’ve edited it out of these quoted forum references to avoid confusion.
Later I also found this.
- Manual Updating of Database Version - Malwarebytes Anti-Malware - Malwarebytes Forum
From that forum post:
Just very recently available there has been a change were you can now download an offline updater.
There is a new mbam-rules link:
http://downloads.malwarebytes.org/file/mbam_rules
The link is to a download of 1 zip file, where the name is mbam-rules-YYYY-MM-DD.zip
Something to note:
• There are 2 files now:
o Mbam-rules.exe
o Mbam2-rules.exe
•They are specific to the version, so mbam-rules is for any MBAM 1.x installation whereas mbam2-rules is for any MBAM 2.x installation.
•In the future it will have a README included with instructions for users, but for now it is only the executables.
As of tonight (2015-09-27) that download link above is working fine and produces a rules update file dated 2015-09-10 so it is lagging behind a bit from the current def dates found in a “live” Malwarebytes application update.
In either case…the whole point here is to get enough updated files on the system for Malwarebytes to use to get a thorough cleaning and your system back on the network. Once on the network, then you should run the internal update process for Malwarebytes to ensure you have everything updated the way it should be, normally.
Hope this helps in a pinch.
Cheers,
Claus Valca
No comments:
Post a Comment