smipx013

Members
  • Content count

    50

About smipx013

  • Rank
    Regular Member
  1. Until someone from Malwarebytes Admins confirms they are all false positives then it's best not to assume......... Even though it's pretty likely :-)
  2. same for me. Chrome outbound and also svchost outbound to same address and various ports. Is this a bug in the rules or what?? or...... is there some kind of massive zero day attack going on / botnet etc???? Cheers, Paul
  3. RAM usage for mbamservice.exe seems high

    OK that's fair enough - I hadn't fully appreciated that. I guess then that a reboot daily would be a good idea for folk constrained by RAM. I just need to test now to see if a full "restart" brings it back down or if a "shutdown" is sufficient (a.k.a. fast startup / hybrid shutdown). Thanks John. Paul
  4. RAM usage for mbamservice.exe seems high

    OK thanks AdvancedSetup. I still don't really understand why mine is taking (now) 375Mb while some folk only see around the 190Mb mark. It has steadily crept up from 317Mb over the past 24 hours. It's not running a scan. Could it be due to the database not being defragmented or deduplicated when it updates? Thanks Paul
  5. Oh - OK. That's going to cause some issues with my customers for the following reasons: 1. Cost of having to purchase, install and maintain 3 separate tools. Many of these users are pretty clueless when it comes to malware and the cost of at least £50 per year on top of an antivirus will be hard for them to swallow. 2. The specification of computer needs to be quite high to run AV + MBAM + MBAE so good protection will rely on mid to top end equipment. Many customers have machines that are already "average" in terms of performance. In many cases I already have them take off Trusteer Rapport due to the massive performance impact it has on machines for little or no extra protection (so long as they have a good AV and MBAM) I appreciate that for most people on here it will not be an issue but if you look at the population as a whole it really will be. cheers, Paul
  6. Not to labour a point to death but here is another example of a potentially misleading article from the marketeers. It suggests that MBAE protects against a certain threat - I am sure it does and have no gripe with that. It makes no mention of MBAM and therefore one might rightfully conclude that MBAM will not protect you from this threat. A previous comment in this thread told me that if Malwarebytes "knows about it" then both MBAM and MBAE will protect me against a threat. If that is the case then why doesn't the article mention that MBAM and MBAE BOTH protect against the threat?? Article: https://blog.malwarebytes.org/threat-analysis/exploits-threat-analysis/2016/04/malvertising-on-the-pirate-bay-drops-ransomware/
  7. RAM usage for mbamservice.exe seems high

    So there remains one question that I have never gotten an answer to quote: What I'm really keen to know is what has a direct effect on the amount of memory Mbamservice uses. Why are some machines only 190Mb while others are 400Mb? It's not a criticism I'm just interested to know. Is this something that a Malwarebytes employee is able to share? thanks Paul
  8. RAM usage for mbamservice.exe seems high

    true... but as I mostly use it to troubleshoot processes I prefer to have the admin features from the get go. :-)
  9. RAM usage for mbamservice.exe seems high

    Thanks everyone and thanks AdvancedSetup for the comprehensive overview. What I'm really keen to know is what has a direct effect on the amount of memory Mbamservice uses. Why are some machines only 190Mb while others are 400Mb? It's not a criticism I'm just interested to know. With regard to my own machine - I guess it's a case of "just like Gardeners - whose own gardens look a right mess but the ones they do for money look lovely :-)" You are right that a lot of the tools are throwbacks to older times and also back when I was tweaking and installing (jellybean / EPM / AccessGain). already removed: AccessGainDriver EPM Jellybean The BITS error seemed to be a one off. Not seen it again. The "Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll" seems to be rather common on the forums with no real fix. Ran an SFC and a DISM and no issues found so will monitor this. The 7031 and 7023 errors seem to appear on a good proportion of computers I see through the door. I suspect this is a bug in the Microsoft code and am ever hopeful that they will fix it. I suspect it is to do with permissions on accounts when they are switched from Local to MS accounts and then switched back to local. the other programs like PSP9, HDTach and Diskmon I do need and plan to keep running in compat. mode as they are useful, I use them a lot and work just fine (they simply need to be run as administrator to work with the access rights I want them to have). I thought if you replace the standard task manager with ProcessHacker it needed to be run in admin mode so you don't get a prompt every time you want to look at "all processes" and process threads/tokens but I may well be wrong on that. thanks Paul
  10. RAM usage for mbamservice.exe seems high

    Hi, MBAM clean removal and reinstall now done (properly this time) so it's all fresh and the exclusions for Avast re-added. The RAM is hovering around the 313Mb mark. The only other thing I have done is move over from FF to Chrome as my daily browser. I wonder if FF could have been having an impact (more so than Chrome). New MBAM log attached.. thanks Paul CheckResults.txt
  11. RAM usage for mbamservice.exe seems high

    Hi, thanks for that. I don't think I have a malware infection - I clean other people's machines of malware as part of my job (as well as troubleshoot windows installation and repair hardware). (I thought) I did an mbam-clean on March 23rd this year but I will do one more today for sure. The malware remnants may have been picked up from a few hard drives I plugged into my rig (in order to back them up) prior to a full clean of their computer with the hard drives in situ on their computers. I also had hiren tools and Falcon4 UBCD tools locally as well as a few remote SSH and telnet tools. I know some of them can produce false positives (like key finders etc.). 99% sure my rig is clean though but if not then I am here to learn what I missed so I can add it to my own knowledgebase. There may well be some more obscure tools on the machine that are causing an incompatibility though for sure. Things like Winpcap10 and process hacker, some obscure data recovery tools etc. There are a couple of quarantined opencandy's and password revealers from when I was installing some video editing tools and from the copy of Hirens tools I copied en-masse from the Hiren boot CD but I have since cleaned everything up fully using MBAM, HRT, ADW, RogueKiller, TDSS Killer and a couple of online scanners (Trend Housecall and ESET if I recall). Please note: I do not use this machine or my licensed copy of Malwarebytes to clean other people's hard drives. I just want that to be ultra clear - If I did I realise I would be looking at a technician's licence :-) cheers, Paul
  12. RAM usage for mbamservice.exe seems high

    :-) no rush at all - it's not as though my machine is broken - low priority for this one.
  13. RAM usage for mbamservice.exe seems high

    Hi, Results from testing removing all of the mutual exclusions. I rebooted after taking them all back out and the memory used is still ~305Mb (exactly 309Mb in fact) so I think that might be a red herring. I will put them all back in though as it will ensure no interference going forwards. Thanks Paul
  14. RAM usage for mbamservice.exe seems high

    Hi, Thanks both for the replies. Just to be clear - I should have said "leave it for 24 hours to let Avast and MBAM do several updates etc." My update schedule is hourly. I didn't have the following in my exclusions so have amended them...... C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamdor.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamresearch.exe I'm going to do a reboot now to see what the stats look like. I will then remove all of the exclusions, reboot and see if it makes any difference and report back. In the meantime, attached are my logs: CheckResults.txt FRST.txt Addition.txt
  15. RAM usage for mbamservice.exe seems high

    Sleep/resume made no difference. Still at 305Mb. I will report back in 24 hours when MBAM does an automatic update and avast has the chance to do a few updates too.