Interaction problems between F-Secure and Malwarebytes, with solutions
I will share some recent experiences I had with W-7 64-bit PCs running Microsoft Security Essentials and MBAM Pro, F-Secure Anti-Virus and MBAM Pro, and F-Secure Internet Security and MBAM Pro. All systems were configured with the following optional MBAM Advanced Settings selected:
- Enable self-protection module
- Enable self-protection early start
- hourly update
A system with MSE/MBAM booted. I manually updated MBAM. Then I manually updated MSE before MBAM finished. As many of you know, MBAM displays a message "Not Responding" while it is updating. They have a great malware removal system, but the worst update process. In this case, MSE complained, something about that it could not reach the Internet. Task Manager showed a CPU in the 20-30% range. After a reboot, everything was fine.
Systems running AV/MBAM worked fine with the aforementioned settings. However, all of these PCs were recently upgraded to IS.
A system with IS/MBAM booted. I started IE11, but the webpage only half-finished displaying. Action Center told me I had no anti-virus at all. I double-clicked the F-Secure icon, but nothing happened. I opened Control Panel and tried to uninstall IS from "Uninstall or change a program," thinking that the last F-Secure update was poisoned (vendors do this from time to time), but nothing happened (literally, nothing happened after I clicked on Uninstall). I rebooted and this time the system was normal.
Also, something which annoyed me on IS/MBAM PCs is that the cursor would change to the circular cursor every hour or so, signifying that the system is being maxed-out in some respect.
My opinion is that MBAM monopolizes network resources and this confuses the additional processes IS has over AV. I think it is a bad sign that MSE, a Microsoft product which normally operates without a hiccup, has problems with MBAM (too bad MSE has such terrible protection).
I changed all MBAM settings as follows to try to ensure that anti-virus and MBAM are not starting and/or updating at the same time:
- deselect "Enable self-protection module"
- deselect "Enable self-protection early start"
- select "Delay Protection at startup for 60 seconds
I changed the MBAM update schedule to only run once per day around noon. I changed the threat scan schedule to run once per day (including an update) near the end of the day. This insures that MBAM receives three updates per day -- startup, noon, and end of day -- but this does not present a problem because IS provides a real-time shield (the MSE PC is only a lab system).
I have not seen the circular cursor since I made the changes.
I will update this thread if anything new arises.
P.S. Yes, I am aware that F-Secure does not recommend running any other anti-malware packages. I think I have proved that point. And I will never again manually run an antivirus update or scan while MBAM is updating.