Jump to content

lmacri

Members
  • Content Count

    255
  • Joined

  • Last visited

About lmacri

  • Rank
    True Member

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Location
    Canada

Recent Profile Visitors

6,197 profile views
  1. Hi Davidtoo: The Malwarebytes support article Kaspersky's Rootkit Scan and Malwarebytes for Windows Web Protection Issue that exile360 references states in part: I assume the workaround posted in that support article will stop your "Suspicious action was blocked" messages for MBAMService.exe , but at the end of the day you'll have to decide for yourself if you want to disable both Advanced Disinfection Technology and rootkit scanning in Kaspersky in order to have a working Web Protection module in Malwarebytes. ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Premium v22.15.1.8 * MB Free v3.5.1.2522-1.0.365
  2. Hi Davidtoo: Further to exile360's comment, if disabling Kaspersky Safe Money solves the problem, one other test you can try is to leave Kaspersky Safe Money enabled but disable the Web Protection module in Malwarebytes Premium. I've seen Malwarebytes Web Protection cause similar conflicts and server connection problems with my Norton security software - see my thread MB v3.2.2 Web Protection Still Blocks Norton Automatic LiveUpdates. I have a lifetime (perpetual) license for Malwarebytes Premium but I've deactivated my MB Premium license and am currently using Malwarebytes Free as an on-demand manual scanner because of these conflicts. One other possibility is a conflict with Kaspersky's Advanced Disinfection Technology. You might want to look at Malwarebytes employee dcollins' post # 16 in danielfcoelho's September 2018 thread MBAM Issues with Kaspersky. This Kaspersky user was seeing similar blocks for MBAMService.exe (according to Google Translate, the translation for the Portuguese phrase "a ativadade suspeita foi bloqueda / ler memoria de outros processos" is "Suspicious activity was blocked / Read memory from other processes") and dcollins stated: ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Premium v22.15.1.8 * MB Free v3.5.1.2522-1.0.365
  3. Hi Davidtoo: I don't use Kaspersky, but can you view the details of those logged "Suspicious action was blocked" events to see if your Malwarebytes Service (MBAMService.exe) was trying to access your firewall? The exclusions listed in the Malwarebytes support article Malwarebytes for Windows Antivirus Exclusions List notes that MBAMService.exe must be able to contact the domains keystone.mwbsys.com and sirius.mwbsys.com, and I'm wondering if Kaspersky's firewall (or perhaps some sort of built-in web browsing protection) is blocking MBAMService.exe when it tries to access Malwarebytes' backend servers to perform background checks for product updates, etc. ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Premium v22.15.1.8 * MB Free v3.5.1.2522-1.0.365
  4. Kudos to AdvancedSetup for pointing out the Preview button on the editor toolbar (don't know why I didn't notice that before!!) but I have to agree that it's very frustrating that "regular" users can't edit their posts in this forum. If users who have safely posted a certain number of posts (e.g., after their first 50 or 100 posts without being reported to Forum Mods) and have had an active account for over one year were given edit privileges, would spammers still try to circumvent that scenario? I suppose there are a few fake tech support companies and other spammers who might create a new account and then leave it dormant for over a year, but on balance I can't imagine there are many spammers who would bother to do this.
  5. Hi exile360: I'm still confused. The Malwarebytes support article Malwarebytes for Windows Antivirus Exclusions List (last updated 14-Feb-2019) you referenced above states that the correct path to the .sys drivers is C:\Windows\Sysnative\drivers\ for 64-bit Windows and C:\Windows\System32\drivers\ for 32-bit Windows. However, the exclusion list in post # 7 (subtitled "Malwarebytes 3.0 Files To Be Added to AV Exclusions List") of the FAQ Malwarebytes 3 - Frequently Asked Questions pinned at the top of this board doesn't make any reference to the path C:\Windows\Sysnative\drivers\ for 64-bit Windows. Is the information in the FAQ pinned at the top of this board (last updated 28-Jul-2017) out-of-date, and if so could you please raise this discrepancy with your contacts at Malwarebytes? I've always directed users to the exclusion list in the FAQ and told them to use C:\Windows\System32\drivers\ as the path to the .sys drivers, regardless of whether they have a 32-bit or 64-bit OS. If that's wrong then I imagine there are many users with 64-bit Windows who are not using the correct path to the .sys drivers in their exclusion list. ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Premium v22.15.1.8 * MB Free v3.5.1.2522-1.0.365
  6. Hi AlexSmith: I see an error code 2S328/1 when I try to download the mbst-grab-results.zip file (posted 11-May-2018) I attached in post # 19 of my thread MB v3.2.2 - SystemTray Icon Missing After mbamtray.exe APPCRASH. Sorry, but I couldn't find any newer examples of a mbst-grab-results.zip I posted in one of my own threads in the Malwarebytes 3 Support Forum board where I was the thread's original poster (OP). I had to deactivate my MB Premium v3.5.1 license several months ago because of ongoing conflicts between the MB Web Protection / Self-Protection modules and my Norton real-time protection, and MB v3.5.1 is now in "maintenance mode" for Win XP and Vista (i.e., no further bug fixes for Component Package v1.0.365 are expected), so I rarely request assistance in this forum any more. ------------ 32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Deluxe v22.15.1.8 * MB Free v3.5.1.2522-1.0.365
  7. Hi AlexSmith: Is this a new policy? I've never had problems downloading .ZIP files from the Malwarebytes 3 Support Forum board until recently, and as I mentioned in post # 3, I can no longer download my own mbst-grab-results.zip files I've attached in older threads where I'm the original poster. Thanks for posting a alternate link to the Malwarebytes_2.1.8_SSE2_Hotfix.zip file, but I don't need that file. I only mentioned this example in 3deal's thread Malwarebytes 3 Not Working with Win XP (No SSE2 Processor) because the Malwarebytes employess and Trusted Advisors posting in that thread had no idea why "standard" user 3deal was getting an error message when they tried to download that .ZIP file. I'm not overly concerned if my .ZIP file download errors are due to an intentional policy change, but many of your own employees don't seem aware that "standard" users can't use the links they're posting for .ZIP files. ------------ 32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Deluxe v22.15.1.8
  8. Just an FYI that user 3deal reported a similar error code: 2S119/1 in their thread Malwarebytes 3 Not Working with Win XP (No SSE2 Processor) when they tried to download the zipped file Malwarebytes_2.1.8_SSE2_Hotfix.zip file attached in separate replies by both Malwarebytes employee Ried and Trusted Advisor Porthos. I tried downloading the same Malwarebytes_2.1.8_SSE2_Hotfix.zip from their links and got my usual error code: 2C171/1 as shown in post # 3. Has anyone confirmed this problem is caused by a restricted user permission for "standard" users? I noticed that 3deal and I both have unsupported operating systems and/or 32-bit browsers, but I don't know why that would be relevant if I can still download .ZIP files attached to replies in this Forum Announcements & Feedback board and only see this error when downloading from the links in the Malwarebytes 3 Support Forum board. ------------ 32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Deluxe v22.15.1.8
  9. Just an aside that I reported a similar error when I try to download any attached .ZIP file in this Malwarebytes 3 Support Forum board - see my 09-Feb-2019 threadCan't Download .ZIP Files Attached to Replies . I'm still waiting for feedback from one of the Malwarebytes employees. ------------ 32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Deluxe v22.15.1.8
  10. Hi exile360: I just tested and the ZIP file I attached <here> in this thread downloads correctly, but I can consistently reproduce the problem in the Malwarebytes 3 Support Forum board. Left-clicking on attached ZIP files in that board throws an error message (see image below). I tested with mbst-grab-results.zip files I posted some of my own threads I started in the Malwarebytes 3 Support Forum board and I can't download those ZIP files either. Here's what I see, for example, when I left-click on the mbst-grab-results.zip attached in post # 3 of Amylopgamy's recent thread Malaware conflictiong with Norton and System shutdwon errors: ------------ 32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Deluxe v22.15.1.8
  11. When I right-click on links for attached mbst-grab-results.zip in replies and choose "Save Link As..." I download a ~ 55 KB file named attachment.php, and not the usual 1.4 MB mbst-grab-results.zip file. I don't appear to have a problem saving attached images or .txt files. Here's a sample mbst-grab-results.zip I created this morning: mbst-grab-results.zip ------------ 32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Deluxe v22.15.1.8
  12. Hi Dave-H: Just throwing out a few ideas for you to think about while you're waiting for the Malwarebytes employees to jump into this thread. If you haven't already done so, it wouldn't hurt to run the removal tools for Avast (https://www.avast.com/uninstall-utility) and Panda (https://www.pandasecurity.com/support/card?id=82011) to clean up any orphaned registry entries or files left behind after uninstalling these AVs from Control Panel | Add or Remove Programs. Remnants from previous AV installations can cause all sorts of unexpected glitches when you install a new security program and could be interfering with Malwarebytes. I just noticed in your FRST logs that you have Microsoft's EMET (Enhanced Mitigation Experience Toolkit) v4.1.1 installed and it looks like this security software running in real-time protection mode. EMET has been known to cause conflicts with the Exploit Prevention module in Norton, and I wonder if it's causing a similar problem with Anti-Exploit in Malwarebytes? Microsoft ended support for EMET v4.x on 09-Jun-2015 (I don't think EMET v5.x is compatible with Win XP) and a conflict with an unsupported version of EMET might even explain past problems with your previous Avast and Panda installation. Your FRST Additions.txt file also shows you have multiple Malwarebytes-related errors being logged in your Event log, including: Error: (12/28/2018 01:40:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application mbam.exe, version 3.0.0.1490, faulting module qt5core.dll, version 5.6.3.0, fault address 0x001a51bb. Processing media-specific event for [mbam.exe!ws!] Error: (12/29/2018 02:00:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Malwarebytes Anti-Exploit service failed to start due to the following error: A device attached to the system is not functioning. I have no formal training when it comes to interpreting these FRST logs, but the qt5core.dll v5.6.0.3 (C++ Application Development Framework) for my own MB v3.5.1-1.0.365 installation is located in C:\Program Files\Malwarebytes\Anti-Malware. Someone familiar with the inner workings of Malwarebytes would have to tell you if performing a custom install of Malwarebytes on a D:\ drive with a FAT32 file system and placing drivers like mbamchameleon.sys in D:\WIN-NT\system32\drivers\ instead of C:\Windows\system32\ could be causing issues. ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Premium v22.15.1.8 * MB Free v3.5.1.2522-1.0.365 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS
  13. Hi Dave_H: You might need to collect another set of MB Support Tool logs with advanced event logging (Settings | Application | Event Log Data) temporarily enabled as exile360 suggested in post # 12. If the Norton employees can't find any obvious problems in your latest set of MB Support Tool logs, you might want to try disabling any third-party utilities that that load at boot-up (or that have modules that run in the background and monitor your system after the utility is launched) just in case they are interfering with MB Premium's real-time protection. Your FRST logs indicate that MB Premium v3.5.1-1.0.365 is the only security software running in real-time on your system, but I noticed you have many older utilities like Norton Utilities 2002 installed. Is Norton Crash Guard (C:\Utilities\Symantec\Norton CrashGuard\CGMenu.EXE) or any other utility like your Super Doctor III (C:\Utilities\Monitoring\SuperDoctor III\Xitami\xisrv32.exe) configured to load a module at boot-up? Please see jniffen's thread Mbamtray.exe Doesn't Start in Windows. This user found that they could get MB Premium to load correctly at boot-up without disabling MB Self-Protection (Settings | Protection | Startup Options | Enable Self-Protection Module | OFF) after they uninstalled the Lenovo RapidBoot software on their Thinkpad X220 running 64-bit Win 7 SP1. Anything that potentially interferes with the loading of MB services at boot-up (including the FastStartup feature in Win 8.x and Win 10) can cause this type of problem when MB Self-Protection is enabled. If you can't find a utility loading at boot-up that could be interfering with loading of MB services try changing the time that your MB real-time protection and/or Self-Protection starts and see if that helps. For example, go to Settings | Protection | Startup options and test with Delay Real Time Protection When Malwarebytes Starts turned ON (change the default 15 sec to the max 180 sec for your first test), and re-boot a few times ensure the configurations changes have taken effect. If that doesn't help, turn OFF Delay Real Time Protection When Malwarebytes Starts, then turn ON the setting for Enable Self-Protection Early Start, and re-boot a few times. I have Norton Security v22.15.1 installed on my 32-bit Vista SP2 machine for my main real-time antivirus protection, and discovered that I can't run Malwarebytes v3.5.1.-1.0.365 Premium at the same time as my Norton AV (even if I create the recommended scan exclusions in both products) unless I disable the Self-Protection module in Malwarebytes. That's not an acceptable workaround so I currently have my MB Premium license deactivated and only use MB as a free on-demand scanner. Several other users have reported similar problems with MB Premium not loading correctly at boot-up (e.g., crashes of mbamservice.exe, mbamtray.exe, etc.) unless they disable Self-Protection module because of apparent conflicts with their antivirus. See comments in MadDemon's thread Malwarebytes System Tray Icon Missing After Latest Update from post # 96 onward, as well as his newer Oct 2018 thread Malwarebytes System Tray Icon Missing confirming that MB Premium still won't load correctly at boot-up unless MB Self-Protection is disabled. Just an FYI that MadDemon has a 64-bit Win 8.1 OS (with FastStartup disabled) and the latest Norton Internet Security v22.16.x so this issue with MB's Self-Protection and Norton isn't restricted to older 32-bit OSs. ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Premium v22.15.1.8 * MB Free v3.5.1.2522-1.0.365 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS
  14. Hi Frk: ...and if you still have concerns about whether Malwarebytes is blocking connections to your excluded web sites after reading exile360's comments in post # 5, please follow the instructions in post # 2 and use the Malwarebytes Support Tool to collect and attach diagnostic logs (mbst-grab-results.zip) in your next reply so the Malwarebytes staff can review details about your current system specs and Malwarebytes configuration. ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Premium v22.15.1.8 * MB Free v3.5.1.2522-1.0.365
  15. Hi Frk: You might want to read through Lock's 02-Sep-2018 thread Firewall Rules. Replies by Malwarebytes employees dcollins, gonzo and AdvancedSetup from post # 33 onward should give you a good idea of Malwarebytes' official stance on this topic. Just FYI, I purchased a lifetime license for Malwarebytes Premium many years ago but I recently deactivated my Premium license and now use Malwarebytes as a free on-demand malware scanner. I made that decision primarily because of unresolved conflicts between Malwarebytes' real-time protection and my Norton Security antivirus, but recent threads about the large amounts of data being gathered by Malwarebytes for "cloud analysis" and pop-up advertising (see Meathead's Marketing Popup) have me very concerned about the direction that Malwarebytes is taking the Premium (paid) version of their product. ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Norton Security Premium v22.15.1.8 * MB Free v3.5.1.2522-1.0.365
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.