lmacri

Members
  • Content count

    98
  • Joined

  • Last visited

About lmacri

  • Rank
    Regular Member
  • Birthday

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Location
    Canada

Recent Profile Visitors

4,152 profile views
  1. Does Malwarebytes currently have a removal tool that will wipe any orphaned files and/or registry entries left behind if Malwarebytes 3.0.6.1469 is uninstalled from the Control Panel? Aura posted on 27-Jan-2017 in the thread 3.0.6.1469 will NOT upgrade over 3.0.6.1458 that "mbam-clean.exe is for Malwarebytes 2.x installs and hasn't been updated for Malwarebytes 3.0 yet". If that statement is correct, I hope Malwarebytes will at least ensure that a removal tool for Malwarebytes 3.x is available before upgrades start rolling out to existing MBAM v2.2.1 users who have Settings | Update Settings | Check for program updates when checking for database updates enabled. ------------- 32-bit Vista Home Premium SP2 * Firefox v51.0.1 * NIS v22.8.1.14 * MBAM Premium v2.2.1.1043
  2. Hi PCAmy: I also found a support article for SEP/SBE titled Client will not install with Malwarebytes Anti-Malware installed (dated 27-Oct-2016) that states "Malwarebytes will need to be removed to successfully install SEP SBE Cloud". ------------- 32-bit Vista Home Premium SP2 * Firefox v50.0 * NIS v.22.8.1.14 * MBAM Premium 2.2.1.1043
  3. Sorry, I can't seem to edit my previous post. I meant to say that the current version of NIS for home users is v22.8.1.14, per the 10-Nov-2016 product update announcement Norton 22.8.1 Product Update available now. ------------- 32-bit Vista Home Premium SP2 * Firefox v50.0 * NIS v.22.8.1.14 * MBAM Premium 2.2.1.1043
  4. Hi PCAmy: Just a heads up that the cloud-managed version of Symantec Endpoint Protection Small Business Edition (SEP/SBE) started using NIS v22.x as the base product on the client computers in January 2016. See the post Symantec Endpoint Protection Small Business Edition Adds Consumer Features That Don’t Serve the Needs of Small Businesses in the Symantec Connect forum. The current version of NIS for home users is v21.8.1.14 (released 10-Nov-2016) but I'm not sure if that update has been rolled out to SEP/SBE users yet or if SEP/SBE users are just receiving the v22.8.0.50 update now. There was a known issue where Norton home users trying to install Norton v22.8.0.50 (or running Norton's AutoFix after v22.8.0.50 was installed) would see a so-called "soft-block" warning users to uninstall MBAM and/or Hitman Pro if either product was installed on the user's system - see Krusty13's image in the thread Norton Security 22.8.0.50 SDS definition error in the Norton forum. A hotfix to remove this soft-block was delivered to Norton v22.8.0.50 home users via LiveUpdate on 03-Oct-2016 - see Symantec employee Gayathri_R's post in that same thread <here>. The product update announcement for the latest NIS v22.8.1.14 (released 17-Nov-2016) at Norton 22.8.1 Product Update available now also notes that the latest NIS v22.8.1.14 for home users now includes a fix that "Removed Soft-block on Malwarebytes & Hitman Pro". Home users were able to simply ignore the MBAM soft-block by closing the pop-up warning and continuing with the installation of NIS v22.8.0.50, but it's possible that Symantec has decided to enforce the removal of MBAM for their small business clients and is refusing to release the 03-Oct-2016 hotfix to SEP/SBE customers. ------------- 32-bit Vista Home Premium SP2 * Firefox v50.0 * NIS v.22.8.1.14 * MBAM Premium 2.2.1.1043
  5. Hi georgi: I believe the answer provided by DaveH in your thread malwarebytes download virus ? from official web site ??? in the Norton forum is correct. Your downloaded installer ends with the extension .partial, which means that the installer was likely corrupted because the download was aborted before the complete installer was saved to your hard drive. If Norton's Download Insight feature checks the SHA-256 hash (digital signature) of the .partial (incomplete) installer and finds that it doesn't match the expected SHA-256 hash of the "normal" installer, it will flag the file as suspicious and remove it. Do as DaveH suggested and try to download another copy of the installer from http://downloads.malwarebytes.org/file/mbam/ . If that installer runs successfully you can change your language to Italian at Settings | General Settings as shown in the support article How do I change the language in Malwarebytes Anti-Malware?. ------------- 32-bit Vista Home Premium SP2 * Firefox v50.0 * NIS v22.8.1.14 * MBAM Premium v2.2.1.1043
  6. Hi miekiemoes: I did as you suggested and ran a Custom full system scan today (malware database v2016.10.14.04) after restoring the registry entry, and you were correct - the scan was clean with no detections. Problem solved, and thank you for your assistance. MBAM Scan Log No Detections 14 Oct 2016.txt
  7. A MBAM v2.2.1 Threat Scan of 25-Sep-2016 (malware database: v2016.09.25.06) quarantined the following registry entry as Trojan.StartPage.E on my 32-bit Vista computer (see attached scan log): Registry Keys: 1 Trojan.StartPage.E, HKU\S-1-5-21-3086198521-800258848-3831315664-1001_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}, Quarantined, [9dbd96e06832d75fc6809466986c1fe1], I noticed that didero's 27-Sep-2016 thread Trojan.Startpage.E in this board reported a similar detection for a registry entry for ....\WOW6432NODE\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} on their Win 10 computer that was confirmed as a false positive. A Google search indicates this CLSID might be associated with the Internet Explorer browser, so I'm not sure if my Trojan.StartPage.E detection is also false positive or a real detection for a browser hijacker. Mozilla Firefox v49.0.1 is my default browser. ------------- 32-bit Vista Home Premium SP2 * Firefox v49.0.1 * IE9 * NIS v22.8.0.50 * MBAM Premium v2.2.1.1043 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS MBAM Scan Log Trojan_StartPage_E 25 Sep 2016.txt
  8. Hi dougbthom: From Symantec employee Gayathri_R's 03-Oct-2016 post in FattiesGoneWild's thread Norton Security 22.8.0.50 SDS definition error: "...Our engineering team has reviewed the need to alert customers about Malwarebytes and HitmanPro.Alert upon install, and after inspecting the latest versions, we have removed these blocking alerts in the latest patch." I tried Norton's AutoFix (Help | Get Support) after Norton's LiveUpdate ran this morning and confirmed that the warning to uninstall MBAM has been removed. ----------- 32-bit Vista Home Premium SP2 * Firefox v49.0.1 * NIS v22.8.0.50 * MBAM Premium v2.2.1
  9. Hi dougbthom: For future reference, if you want to test for a conflict between Norton and MBAM you can go to Settings | Advanced Settings in MBAM Premium and disable Start Malwarebytes Anti-Malware with Windows and re-boot. This will prevent MBAM Premium's real-time protection from starting at boot-up and essentially turns MBAM Premium into an on-demand scanner like the free version of MBAM that you can still launch anytime you wish to run manual scans. If you find that Norton runs better with MBAM's real-time protection completely disabled you can selectively disable Malware Protection or Malicious Website Protection as shown below to see which real-time module is causing problems with Norton. ------------ 32-bit Vista Home Premium SP2 * Firefox v49.0.1 * NIS v22.8.0.50 * MBAM Premium v2.2.1
  10. Hi dougbthom: Other Norton users have noticed the same issue since Symantec started rolling out the v22.8.0.50 product update on 26-Sep-2016. Norton v22.8 users are even being prompted to uninstall the free version of MBAM - see FattiesGoneWild's thread Norton Security 22.8.0.50 SDS definition error in the Norton forum. Here's what I see when I run Norton's AutoFix (Help | Get Support), and Krusty13 reported in that thread that he is also being prompted to uninstall HitmanPro.Alert 3: Note that Norton users saw similar warnings in 2013 - see the old thread thread Warning NIS 20.3.0.36 NOT compatible with Malwarebytes. That time it took over 9 pages (and 480 posts) of user comments before Symantec finally relented and removed this warning per Symantec employee Tony Weiss' 10-Jun-2013 post <here>. I'm currently monitoring FattiesGoneWild's thread and hope it doesn't take Symantec four months to respond to user complaints this time. ------------ 32-bit Vista Home Premium SP2 * Firefox v49.0.1 * NIS v22.8.0.50 * MBAM Premium v2.2.1
  11. Since this thread hasn't been locked yet, I'll just post another status update for Vista users. I was recently required to upgrade from NIS v21.7.0.11 to the latest NIS v22.7.0.76 to patch the vulnerabilities listed in Symantec's security advisory SYM16-010, and the Norton upgrade didn't solve my conflict with MBAM Premium's Malicious Web Protection (MWP). MBAM's MWP still prevents my NIS v22.7.0.76 background Automatic LiveUpdates from running to completion during system idles on my 32-bit Vista machine. This was a clean install of NIS v22.7.0.76. I uninstalled v21.7.0.11 from the Control Panel (selecting "Please remove all user data"), ran the Norton Removal Tool, installed v22.7.0.76 using the latest NIS offline installer from www.norton.com/latestnis, and ran multiple LiveUpdates to ensure v22.7.0.76 was fully patched. Adding mutual scan exclusions for NIS and MBAM executables as instructed <here> made no difference, so I've had to permanently disable MWP again. It's fine if forum mods want to lock this thread. The MBAM Help Desk already looked at my diagnostic logs and trace routes and concluded that a bug fix would be a low priority since this type of problem only occurs for a small number of users. ------------- 32-bit Vista Home Premium SP2 * Firefox v47.0.1 * NIS v.22.7.0.76 * MBAM Premium 2.2.1.1043 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS
  12. Further to my previous post, I've decided to re-enable the Allow pages to choose their own fonts, instead of my selection above in my Firefox settings because Firefox's default Times New Roman font looks terrible on many other websites I visit that use a Serif font. The text at https://blog.malwarebytes.com/ is back to the washed-out font shown in Corrine's post # 15 but that's better than having several other websites defaulting to the wrong font.
  13. Hi Corrine: Thanks for raising this issue. I also use Firefox as my default browser and could barely read the text at https://blog.malwarebytes.com/. I disabled the setting at Tools | Options | Content | Fonts & Colors | Advanced | Allow pages to choose their own fonts, instead of my selection above and the text is much easier to read now.
  14. I was also told that free utilities like BlueScreenView and WhoCrashed don't have the ability to interpret all the symbols in crash dumps that allow you to look at functions further down the crash stack. The Windows debugging tool WinDbg can be configured to access the Microsoft symbol server (see the MS article Debugging with Symbols) and it looks like WhoCrashed Professional has at least some ability to perform kernel stack traces with symbol resolution that the free version doesn't have. ------------- 32-bit Vista Home Premium SP2 * Firefox v45.0.2 * NIS v.21.7.0.11 * MBAM Premium 2.2.1
  15. Hi Kaiwen et al: Just a bit more info to clarify my last post <here> about BSODs reported in the Norton forum by users with Gigabyte motherboards. BSODs would only occur when the Norton AV was running a scan or performing a background idletime task. BSODs stopped when Norton was removed from their system. In most cases BlueScreenView or WhoCrashed would show a crash caused by Microsoft files ntoskrnl.exe (Windows NT Operating System Kernel) or hal.dll (Hardware Abstraction Layer), and not a Norton driver. Utilities like BlueScreenView and WhoCrashed are usefull tools but will only show the last driver loaded into memory before the crash. BlueScreenView would show that the Gigabyte driver gdrv.sys used by multiple Gigabyte utilities such as Fast Boot, EasyTune, Smart Backup, etc. was loaded into memory at the time of the crashes but did not indicate that any Gigabyte driver was involved in the crash. It required a full analysis of the crash dumps with the Windows Debugger Tool WinDbg to show that crashes were in fact caused by the EasyTuneEngine driver, and once the EasyTune utility was uninstalled and Norton was reinstalled the crashes stopped. The output from one of these WinDbg analyses is shown <here>. There are several BitDefender users posting WhoCrashed output in the BSOD, Crashes, Kernel Debugging board that show that mwac.sys (Malwarebytes Web Access Control) was the last driver to load before a BAD_POOL_CALLER BSODs. It certainly points to a mwac.sys conflict with BitDefender as the probable cause of the crashes but a proper analysis of your diagnostic logs and dump files might be required to isolate the exact cause of your crashes. Hopefully Maurice Naggar's above suggestion to create mutual file exclusions in BitDefender and MBAM will provide an easy workaround. ------------- 32-bit Vista Home Premium SP2 * Firefox v45.0.2 * NIS v.21.7.0.11 * MBAM Premium 2.2.1