Jump to content

hake

Honorary Members
  • Posts

    574
  • Joined

  • Last visited

Everything posted by hake

  1. I have installed Browser Guard on Firefox and have full confidence in it because it is produced by Malwarebytes.
  2. Glad to help. It's what is called Enlightened Self Interest. MBARW 428 is performing faultlessly on my several Windows 10 21H1 systems plus an 8.1. Memory consumption is flat.
  3. I am running Windows 7 with the updated MBARW 428 and have noticed the 'double icon' in the System Tray. Initial impressions look good. I will come back this evening (UK time) after I have run some more scans. It seems to me that running intensive scans are what seem to make Malwarebytes Service grab more than its fair share of memory when version 427 of MBARW was in use. P.S. Six hours on from the remarks immediately above, I have run SuperAntiSpyware scans on two Windows 10 21H1 systems, one Windows 8.1 system and one Windows 7 system and the memory consumed by Malwarebytes Service has remained stable, typically at 16 to 18MB. I noticed some CPU activity in Malwarebytes Service while the data for the scan was downloaded and processed prior to the scans and the memory went up to c.23MB for a few seconds before returning to the 16 to 18MB range. The 'double icon' in the System Tray seems only to have happened once with Windows 7 and not at all with Windows 8.1 and 10. Other than that, I cannot see any difference between running MBARW 428 on Windows 7, 8.1 or 10 as regards the excessive memory use problem.
  4. Susan Bradly says "I often come across Windows computer systems that have been severely compromised, and more often than not the entry point for attack is through the Web browser. Sometimes I visit Settings, Apps in Windows and find unexpected programs installed. Often, these programs are malicious at worst, annoying at best. But it’s always a matter of concern that these programs are installed in the first place." https://www.askwoody.com/2021/browsing-your-way-to-more-security/ Isn't this what MalwareBytes Anti-Exploit is intended to prevent the Web Browser from doing?
  5. I am presently enjoying Windows 8.1 endlessly churning away waiting for MS updates. The point of this comment is that Windows 8.1 and 10 are both affected with this when any prolonged task is in progress. The difference is that with Windows 10, Malwarebytes Service grabs a lot more memory than it does with Windows 8.1. The AV scan is just another heavy prolonged process, judging by the process information yioelded by Task Manager. The double System Tray icons have not been seen with Windows 8.1. All my systems are bang up to date. Windows 7 is immune to this as far as I can tell and with which the memory needs of Malwarebytes Service seem to max at 30 to 40MB.
  6. I've been using the latest version of MBARW for several days. The high memory use only seems to occur with intense prolonged activity such as an AV scan. It does seem to stop increasing and then remains steady. The condition does not persist after a system restart. I use Windows 10 21H1 but also observed the problem with 20H2 early today. The reason why I was using 20H2 was because I had to revert to a backup system image. The double icon seems to appear after, say, an AV scan has been running for a while. I have not noticed the issue with previous versions of MBARW or Windows 10 but then I wasn't looking for it.
  7. I use MBARW Beta. When I run an AV scan with either Panda Dome free 20.02.01 or Avast free 21.6, the memory required by the Malwarebytes Service can exceed 750MB with Windows 10 whereas with Windows 8.1 it can reach 150MB but with Windows 7 the memory occupancy is very modest at approx. 20MB. The systems are all 64 bit and operate with mandatory ASLR. I have noticed with Windows 10 that TWO MBARW icons appear in the system notification tray during the AV scans. I mention AV scans but the same issues seem to coincide during Patch Tuesday updates. What mainly catches my attention is the differences between the various versions of Windows, i.e. 7, 8.1 and 10.
  8. Thanks Pedro. That is just what I wanted to read. Does the presence of a custom email shield, e.g. for Thunderbird, override the new shield for email clients? I have left the Thunderbird custom shield in place until I am certain of Thunderbird's status in MBAE since I cannot find a list of email clients catered for by MBAE 1.13.1.400.
  9. Does MBAE implicitly recognise such applications as Thunderbird as email clients? I classify Thunderbird as 'Browser' in its user defined shield and so assume that scripts are already monitored. Is scripting abuse different in email clients compared with web browsers?
  10. The vulnerable driver file seems to be absent for my venerable HP LaserJet 1100, there being no file named SSPORT.SYS in C:\Windows\System32\drivers\ The HP support stuff is completely incomprehensible to both of my brain cells
  11. Borncity on the issue of Serious Vulnerability in Printer Drivers from HP, Xerox and Samsung This recently discovered problem actually goes all the way back to 2005. I doubt that fixes will be forthcoming. The thought occurs to me that MalwareBytes Anti-Exploit might be a means of applying such exploit protection to printer drivers in addtion to the existing protections already enjoyed by its users. Would this be possible?
  12. These files in the Windows \ Temp folder invariably contain the folowing entry:- : Set service name to MB3Service The service name is MB3Service
  13. Evolution has left my XP system behind. This doesn't worry me because it is most definitely not used to sensitive purposes. I have used it like I would drive a classic car since April 2014 and since when I have received MS security updates (POSReady and WEPOS) until August 2018 when Microsoft seemingly dropped pre-SSE2 processor support. POSReady and WEPOS updates never caused any problems. Since my first use of Windows in 1992, I have yet to experience the effects of malware on any of my Windows installations (all internet exposed since 1995) including XP.
  14. Same outcome with MBAE 1.13.1.387 setup as with MBAE 1.13.1.384 setup.
  15. I have found that the first link given to me for the download of the MBAE 1.13.1.384 now tells me that it no longer works. Pedro asked me to try this version of MBAE with XP. I am unable to do this.
  16. I don't know how I managed to download the MBAE 1.13.1.384 setup file first time. I cannot logon to either the Malwarebytes person account or the box.com account. I guess that my Malwarebytes forum credentials are different. I do not have a box.com account.
  17. Hi Pedro. I attempted installation of MBAE 1.13.1.384 but the installer now does a check on the host OS and Windows XP failed it.
  18. I have discovered that MBAE 1.13 causes Windows XP SP3 to hang randomly, very occasionally but without warning. There is no obvious pattern with this behaviour. I regularly use MS Word 2003 on XP but rarely use Excel 2003 so when I recently did need to use it I found that it would immediately crash (as also did MS Publisher 2000). Word 2003 always runs without problems. After some floundering around, I ended up substituting MBAE 1.12.1.90 for the lastest MBAE version and those MS applications then ran properly and XP also stopped hanging. I only mention this as feedback on very good software whose latest incarnations have obviously moved beyond being suitable for use on a very old OS., i.e. Windows XP. I guess that this also applies to equally ancient applications.
  19. Thanks jboursier. The mandatory ASLR issue with AdwCleaner and Windows 8.1/Windows 10 has been resolved and now works fine.
  20. I wondered why this is. A signature for an executable file is some assurance of authenticity. I started this thread because I needed to add an exclusion to OSArmor to allow MBAE to update automatically so that I can prevent unwanted unsigned processes running in Windows temp folder. Not being as bright as I would like to think I am, this took a bit of time to get right but MBAE can at last happily update without OSArmor stopping the process. The OSArmor exclusion rule for MBAE update reads as follows:- [%PROCESS%: C:\Windows\Temp\is-*.tmp\mbae-setup-*.tmp] [%PARENTPROCESS%: C:\Windows\Temp\mbae-setup-*.exe] [%PARENTSIGNER%: Malwarebytes Inc] MBARW seems to be exempt from this fun, both at installation and at update.
  21. The ASLR problem introduced with AdwCleaner 8 was fixed with version 8.0.9.1 but the advent of version 8.1 has revived it.
  22. I originally posted this in the AdwCleaner 8.1 - Beta thread on Wednesday at 07:41am. I apologise for not reporting this earlier. I suspect that mandatory ASLR is to blame for "NTLayer DLL has stopped working". Running under Windows 8.1 at least produces an error message box as just below. AdwCleaner 8.1 runs under Windows 7 with mandatory ASLR without issues. Running AdwCleaber 8.1 under Windows 10 with mandatory ASLR results in no visible effects, not even a UAC. I tried exempting the executable in PC settings->Update & Security->Windows Security->App & browser control but apart from seeing a UAC nothing else happens. I guess that the beta tests were carried out on Windows 10 and Windows 8.1 systems with default ASLR settings. I like to harden mine by making ASLR mandatory and ensuring that bottom-up ASLR is in use for maximum randomisation.
  23. I apologise for not reporting this earlier. I suspect that mandatory ASLR is to blame for "NTLayer DLL has stopped working". Running under Windows 8.1 at least produces an error message box as just below. AdwCleaner 8.1 runs under Windows 7 with mandatory ASLR without issues. Running AdwCleaber 8.1 under Windows 10 with mandatory ASLR results in no visible effects, not even a UAC. I tried exempting the executable in PC settings->Update & Security->Windows Security->App & browser control but apart from seeing a UAC nothing else happens. I guess that the beta tests were carried out on Windows 10 and Windows 8.1 systems with default ASLR settings. I like to harden mine by making ASLR mandatory and ensuring that bottom-up ASLR is in use for maximum randomisation.
  24. AdwCleaner 8.0.9.1 now runs with mandatory ASLR enabled on Windows 8.1 and Windows 10. Thank you for all the hard work done to fix this propblem.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.