Malwarebytes Anti-Rootkit Driver Error Code 20026 message

Martin Brinkmann
Mar 28, 2014
Antivirus, Tutorials
|
8

I have updated the Malwarebytes Anti-Malware installation to version 2.0 during the beta trial that the company ran, and upgraded to the final version using my own license once it was released.

So far I have been more than satisfied with the new program version and the capabilities that Malwarebytes added to it.

There is however one slight issue that I have experienced from day one of using the new version of the popular security software: the anti-rootkit component is not working.

Whenever I try to run a scan, I get an error message shortly thereafter that informs me that the anti-rootkit driver could not be loaded.

I can then select to run the scan without anti-rootkit detection, or cancel it completely.

The full error message:

malwarebytes anti malware rootkit driver error

Error: Malwarebytes was unable to load the Anti-Rootkit Driver. Error code: 20026

Do you want to continue the scan without anti-rootkit support?

Before you can select yes or no here, a second error message pops up.

scanner failed error code 20026

Scanner Failed with Error Code: 20026

I'm not the only user of the program who gets these error messages. If you check out the Malwarebytes forum, you notice that quite a few users get the same error message when they start a scan.

Some even get it on system start, which I do not thankfully.

The reason for this is that Malwarebyte's Anti-Rootkit driver does not support encrypted volumes. The only exception here is TrueCrypt which is supported, but if you are running a different encryption software such as Microsoft BitLocker or DiskCryptor (which I use) then you will run into the error message when Malwarebytes Anti-Malware tries to launch the Anti-Rootkit scanner.

To the best of my knowledge, like MBAR, MBAM 2.0's rootkit scanning has limited support for TrueCrypt encrypted volumes only. No other disk encryption software is supported. I will be speaking to the Developers and will update this information as needed.

Workaround

There is not much that you can do at the moment to resolve the situation on your end. The only option would be to switch to TrueCrypt encrypted volumes, but that is not really something that most users may want to do as it involves quite the operation (turn off the current encryption, run True Crypt, use it to encrypt the volumes).

The best option currently is to disable the scan for rootkits in Malwarebytes Anti-Malware. This is done in the following way:

  1. Open the program on your system and bring the window of it to the front.
  2. Click on Settings > Detection and Protection.
  3. Disable "Scan for rootkits".

This takes care of the error message that you get during scans. It is recommended to use other anti-rootkit software for the time being.

Programs like TDSSKiller, Avast's aswMBR or Gmer are all on-demand scanners that you can use for the time being.

It is not clear if Malwarebytes will resolve the issue and make the anti-rootkit module compatible with other encryption programs.

Advertisement

Previous Post: «
Next Post: «

Comments

  1. Joe C said on December 27, 2014 at 7:54 pm
    Reply

    I’m getting the same ‘can not load Rootkit driver (error 20025) on a 13 year old Win XP system after an upgrading to 2.0) yes, I know I need a new PC and am accepting donations HAHA) I’m running the stock program configuration because I haven’t figured out how to change anything (I’m visually impaired and the current UI makes this difficult) OR amake this error go away. I have no encrypted drives that I know of. I WANT to do a rootkit scan so the prompt to run the scan without it is useless. I’m running Zonealarm and Avast, AAV’s scan completes with no issues. In spite of these I’m pretty sure I have a rootkit and am trying a Shotgun approach, most AntiRootkit tools find no issues. Please, guys, I’m going bald from tearing my hair out over this one. Perhaps MWBAM is choking on an older stsyem? The other AntiRootkit utilities (RootkitBuster, Kapersky, Combofix, et.al.) can’t find that much but run just fine. I’m NOT running in Safe Mode, I’ll try that later. If that’s the fix, maybe MWB will include specific instructions to that effect — or write a truly automatic program. Now that Microsoft has cut us adrift we are at the mercy of wind and weather, we have no other course to chart. Thanks for any bearings, Joe C

  2. chesscanoe said on March 31, 2014 at 3:54 pm
    Reply

    https://www.malwarebytes.org/support/guides/ has a MalwareBytes User Guide you can click on to read in your Chrome Browser (at least). You then can get directions to exclude files and folders individually. Wouldn’t this circumvent the encrypted files problem? ( I don’t have any to test).

    1. Martin Brinkmann said on March 31, 2014 at 3:57 pm
      Reply

      It is not a problem of encrypted files, but of encrypted hard drives and partitions.

  3. dwight.stegall@gmail.com said on March 30, 2014 at 4:19 pm
    Reply

    Scanning your hard drive for Adware Tracking Cookies is unnecessary. It will wear out your hard drive sooner and wastes your time. Keep the following folder in Windows Explorer emptied out. I check mine once a day. Add the folder to your Windows Explorer Favorites.

    %userprofile%\AppData\Roaming\Microsoft\Windows\Cookies

  4. Declan said on March 30, 2014 at 5:46 am
    Reply

    Thanks, Martin. I’ll give it a try.

  5. PhoneyVirus said on March 30, 2014 at 3:18 am
    Reply

    Had to remove the beta, because I having problems with Real-time protection. I did like the layout, but everything was pretty much the same. Looking forward to the stable version when it releases, when ever that maybe. Also like the ideal of them supporting TrueCrypt because I use it. There’s one thing that I hate about Malwarebytes and that is, it never remembers the last window size when closing it. Kinda annoyance when using it on a smaller screen, say like a Netbook.

  6. Declan said on March 29, 2014 at 2:21 pm
    Reply

    Martin, Thanks for that explanation, that was happeneing to me as well.
    And forgive me if I’m piggy-backing here … but do you or any of your readers know of an encryption app where you can encrypt just a singular file? The applications you mentioned above will create a virtual drive or volume to encrypt it, or maybe a virtual folder, but I’d love to be able to encrypt just a file and park it anywhere on my hard drive or thumb drive and know it’s secure.
    Thanks again for your great website.
    Declan

    1. Martin Brinkmann said on March 29, 2014 at 2:25 pm
      Reply

      You can use a program like Datalocker for that, or zip software such as 7-Zip.

      https://www.ghacks.net/2012/02/23/datalocker-file-encryption-for-windows-mac-ios/

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.