Durew

Honorary Members
  • Posts

    290
Everything posted by Durew

  1. Hi Cabizzi, Could you post the list of steps they ask you to take so we can talk you through it? Regards, Durew
  2. Hi DeGraff and anyone looking into this, On my computer (Windows 10 Pro) the registry key value of the key mentioned before is C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe. So on my computer the slashes seem to be correct. How bad it is that the quotation marks are not there I do not know. I hope this helps anyone (probably staff) to get this bug/issue resolved. Regards, Durew
  3. Hi Peter2150, MBAM2 is not foolproof. See this test report: https://www.mrg-effitas.com/wp-content/uploads/2016/11/MRG-Effitas-360-Assessment-Q3-2016.pdf As such, most people prefer to have multiple layers so the failure of one does not mean getting infected. MBAM3 provides (some of) these layers. I hope this clarifies. Regards, Durew
  4. Hi mbam4ever, Though I agree that EMET is older and thus more time tested, I'm not really sure whether it stood the test of time that well. A simple search for "EMET 5.5 bypass" should clarify what I mean. But this is personal preference and in the end everyone has his/her own preference. Finding tests for anti-exploit systems is not easy so we just have to deduce what is best from what we know and hope we are right. Good luck with playing with MalwareBytes anti-exploit settings! Could you post your findings so that others may benefit from them? Regards, Durew
  5. Hi mbam4ever, Glad to know you already knew that. Again, see this forum thread. It has screenshots in the first post showing with what settings EMET and 3.0EP run together. Set those settings in EMET and they should run together without conflicts. Experiences from other users can also be found in this thread; it should provide you with all the information you need. Malwarebytes anti-exploit was later implemented in MalwareBytes and forms the current 3.0EP. As I still use both EMET and 3.0EP together I'm quite sure the info is still relevant. 3.0EP has some more settings than on and off but nowhere near EMET levels. As far as I know nobody has messed with the settings of 3.0EP to get it working with EMET. I hope this helps. If you have any questions, please ask. Regards, Durew
  6. Hi mbam4ever, Whether it is the best can be debated but, with the correct settings in EMET, 3.0EP and EMET can run together. You just need to know what protection features for what process need to be disabled. A long time ago a few forum members figured it out in this topic. If you have to choose between the two I'd go for 3.0EP as it offers a more layered approach than EMET. In the past we had a discussion about this here. Just for the record: neither EMET nor 3.0EP use signatures. I hope this helps. If you have any questions, please ask. Regards, Durew
  7. Hi Saurabhdua, Out of curiosity, as the behavior you proposed is what I would expect from the free version (I use the premium version), is there a chance that when you upgraded to 3.0 it started a new trial version? If so, your suggestion should be implemented in a couple of days (as the trial expires). I hope this helps. If you have any questions, please ask. Regards, Durew
  8. Hi unknownguy, Yes there is. In the settings under the first tab "application" (I believe) there is a toggle you can use for turning off the notifications. This should stop the pop-ups. In the user manual (https://www.malwarebytes.com/support/guides/mbam/) you can look up how to disable notifications as well. I hope this helps and if you have any questions, please ask. Regards, Durew
  9. Hi Klauwkikker, To be brief: no. On my computer Malwarebytes displays the version number correctly and shows a higher version number in the "info"-tab. Could you try the following? 1. Go to "instellingen" and choose the tab "Toepassing". 2. Click on "Toepassingsupdate installeren". With a bit of luck Malwarebytes will now update itself to the latest version. Could you let me know if it worked? I hope this helps and if you have any questions, please ask. Regards, Durew
  10. Hi stealthsub2, (Home user here, not staff) As far as I know the anti-exploit features of Kaspersky and Malwarebytes are clashing. Disabling one of the two fixes it, as you described. I think pausing KIS doesn't turn off its anti-exploit feature (this feature generally doesn't give false positives and hardly uses any resources). At https://support.kaspersky.com/12729#block2 it is described how to turn off the anti-exploit feature of KIS; this would be preferable to completely disabling KIS. This you can use to test if it is the anti-exploit feature of KIS that clashes with MalwareBytes anti-exploit, as I expect. I do not know which product provides the best exploit protection. Since MBAM seems to offer finer control I would experiment with how many options can be left active without causing the protected software to crash. If you don't feel like doing this I would advise to just pick one and turn the other one off. As for your final question: whose fix it is. I personally, and I do not represent Malwarebytes (nor Kaspersky), feel like it is Malwarebytes' fix as they claim their software runs with the major anti-virus products and Kaspersky doesn't exert any claim like that. That said, the little experience I have with Kaspersky is that it doesn't work well with other security related software as well (so I kicked Kaspersky out); then again, Kaspersky never said it would. So the solution may lie at Kaspersky's end. I hope this helps. Regards, Durew
  11. Hi rcw1962, As far as I know Windows Defender is free, so I have some difficulty understanding the 'on offer' of your post. Since MBAM should work well with Windows Defender and Windows Defender is freeware, I see no reason (except reducing system load) to uninstall either. That said, according to what I read you should be fine without Windows Defender as well. In short, you don't need it, but I see no reason to remove it either. If you have any questions, please feel free to ask. Regards, Durew
  12. Hi inkoalawetrust, On my PC MBAM is using even more resources (CPU, RAM) than on your machine. Yet I don't experience any slowdown. (Considering the resources looked at in this topic I'm not that surprised.) My best guess would be that Kingsoft and MBAM are clashing. For example Kingsoft and MBAM could be checking each other the entire time, racking up the queue for the HDD/SSD. I don't know what files need to be excluded/whitelisted at both MBAM and Kingsoft to get them to play nice but you could start experimenting with that and see if it helps. On my computer Emsisoft is told not to monitor any executable in the mbam program folder and the mbam.sys driver (C:\windows\system23/drivers/mbam.sys) and MBAM told to ignore just 'n about every executable belonging to EAM. Could you fiddle with that and see if it solves your system slowdown? In addition, could you take a look at what programs are trying to access the hard drive and/or SSD? Maybe (another) program is adding to the queue when it shouldn't. I don't consider myself an expert but this is the best advice I can offer at this time. If you have any questions, feel free to ask. Regards, Durew
  13. Hi Xauma95, If you can open iptest.malwarebytes.org/ then your webshield is not working. As for your other questions/problems: I don't know how to solve those. Regards, Durew
  14. Dear DanZ, Could you update MBAM and check whether it is still blocked? I have no problem visiting the site. Edit: the website blocker of MBAM was failing on my machine, the website is now blocked for me as well. Regards, Durew
  15. Hi robvr, I think you'll have better luck on bleeping computers finding feedback as this forum is aimed at Malwarebytes software and not competing software (Malwarebytes anti-ransomware is already in beta). I'll leave this up to the moderators. Though I like the general idea, I cannot make an assessment of the validity of the 'solution' as I fail to find any further elaboration than using 'not-heuristics' and a simple 'look it works' video. In addition I have little clue as to what features are planned for the future. As such I cannot make an accurate judgement of its functioning and potential. If you are afraid your idea might get stolen, look into patenting options. I would advise you to run a spellcheck over your Kickstarter. Regards, Durew
  16. Dear Austin, If you click on a log, a window opens that offers the option to export the log, choose to export it as a .txt file and you should be able to upload it. (Considering your education my guess is that this brief explanation should help, if you still have any questions, please let me know.) I'm not capable of giving an in-depth explanation. I'll leave that to the more knowledgeable people here. If you need more help uploading the logs, please let me know. Regards, Durew
  17. Hi JenniferMartin, As this is the Malwarebytes forum we try not to express a preference for an anti-virus software package. Thus I recommend that you either look at sites like av-test.org and av-comperatives.org or ask for help on another forum where no official stance towards antivirus software exists, like bleepingcomputers and wildersecurity (or both). Of course we recommend using Malwarebytes anti-malware and Malwarebytes anti-exploit with whatever anti-virus software you choose. I hope this helps, if you have any questions, feel free to ask. Regards, Durew
  18. Hi Trunge, I must say that I have never seen MBAM flag a cookie, neither as malware nor as non-malware. I did get some PUP/PUA flags, are those the ones you are referring to? If so, in the settings you can change how PUPs and PUMs are treated (Ignore, alert only, treat as malware). In addition you can turn off notifications altogether though that may be a bit extreme as malware will not trigger a flag either. If this did not help, could you attach a screenshot so I/we have a better understanding of what feedback you are trying to give? Regards, Durew
  19. Dear ArievW, I have experienced similar problems in the past. What worked for me was to use an account with administrator rights when installing MBAM (or adding scheduled scans). My normal approach, using a standard user account and using 'run as administrator', gives these kinds of problems. I hope this helps. If you have any questions please let me know. Regards, Durew
  20. To whomever is concerned, For no reason in particular I decided to give the access policies of MBAM a try. So I created a policy, added a simple password and denied password-free access to just about everything (only looking at logs and the history settings were spared). I can still change all my settings (AFAIK), except one set. I cannot edit or remove my only access policy account nor can I add one. This is how far I get when I try to edit (or remove) the access policy I created. If I press "OK" at this point the window freezes. A little while later (and after changing focus to the MBAM main screen) I get the message "Malwarebytes Anti-malware stopped working". After letting Windows close the program I opened up the Task Manager. "mbam.exe" is still running according to the processes tab. The services "MBAMScheduler" and "MBAMService" seem to be running as well. Regardless, the MBAM icon disappears from the system tray after every crash, thus forcing me to open the MBAM GUI via the Start menu, which triggers the UAC. (But this seems to be normal for opening via the Start menu.) Once the GUI is open the MBAM icon returns and I can open the GUI via the icon without UAC. With or without access, MBAM continues to pass the ip-test so I don't think the protection is down. I presume I can get rid of my access policy with a clean reinstall. So I'll try it as soon as the policy bothers me enough (or if requested for diagnostic purposes). This post is more intended so Malwarebytes can find and remove the bug. Attached are some logs that might help. If there is any information you require or have any questions, please ask. Regards and happy Easter, Durew CheckResults with icon.txt CheckResults without icon.txt
  21. I'd like to confirm dont_touch_my_buffer's finding where Firefox is concerned. Disabling these three mitigations was sufficient. (Windows 7, 32-bit, EMET 5.2, Firefox 37.0) For Word however I could not enable every mitigation as the screenshot stated. I had to disable SimExecFlow to prevent Word from being terminated by EMET. ASR I could not properly configure so that one remains untested. I'd like to add that everything running sandboxed by Sandboxie is only protected by EMET and not by MBEA. (I thought that was a known issue but I don't see it listed.)