lmacri

Hi dcollins: Could you please clarify your comment in post # 5 of jeffspl311's thread OpenVPN and Web Protection Not Working: If users have both settings at Settings | Application | Application Updates enabled (i.e., Automatically Download and Install Application Component Updates and Notify Me When Full Version Updates Are Available), shouldn't right-clicking the MB icon in the system tray and choosing Check for Updates (or checking for updates from the dashboard) look for available product updates (e.g., from v3.3.1 to v3.4.5)? Perhaps I misunderstood your comment in jeffspl311's thread, but it doesn't seem reasonable that I always have to monitor this MB forum for product update announcements and then click the Check for Application Updates buttons at Settings | Application | Application Updates to get available product updates. This has been going on ever since I upgraded from MBAM PRO v2.x to MB Premium v3.x in June 2017. ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.8.0 * Norton Security Premium v22.14.0.54 * MB Premium v3.5.1.2522-1.0.365

Just confirming that MB Premium v3.5.1 still interferes with Norton Automatic LiveUpdates (ALUs) during system idles if MB Web Protection is enabled. With MB v3.5.1 Web Protection enabled my Norton ALUs will attempt to run to completion for long periods of time... ... and eventually fail after an hour or so: With MB v3.5.1 Web Protection disabled my Norton ALUs will finish successfully in about 1 minute. I've attached Malwarebytes Support Tool diagnostic logs that I captured this morning when Web Protection was enabled but due to ongoing conflicts with MB v3.x and Norton I've decided to deactivate my Premium license and will just use MB Free as an on-demand scanner for now. mbst-grab-results.zip ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.8.0 * Norton Security Premium v22.14.0.54 * MB Premium v3.5.1.2522-1.0.365 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS

Just an FYI that there's no change with MB Premium v3.5.1 and my intermittent mbamtray.exe APPCRASHes at boot-up. I've been using MB Free (i.e., as an on-demand scanner) since updating to v3.4.5 on 14-Apr-2018. I updated to v3.5.1 last night and re-activated my Premium license to test compatibility with my Norton AV, and mbamtray.exe crashed on my second or third system re-boot. I've attached the dump file and Event Viewer log for today's APPCRASH by mbamtray.exe as well as Malwarebytes Support Tool diagnostic logs that I captured this morning after my Premium features were enabled. mbamtray.exe.1368.dmp MB v3_5_1 mbamtray_exe APPCRASH Event ID 1000 11 May 2018.txt mbst-grab-results.zip ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.8.0 * Norton Security Premium v22.14.0.54 * MB Premium v3.5.1.2522-1.0.365 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS

Hi exile360: I raised the timing / order that processes load at boot-up on my Vista SP2 machine as a possible factor in post # 6 of my thread MB v3.2.2 - SystemTray Icon Missing After mbamtray.exe APPCRASH in Sept 2017. Two instances of the main Norton executable NSBU.exe (now named nortonsecurity.exe since Norton v22.12 was released) load at Windows startup - the first to load is owned by the SYSTEM (for real-time protection) and the second to load is owned by USER (for managing lower-priority tasks like loading of the Norton GUI). My image in post # 13 of that thread shows that mbamtray.exe always attempts to load simultaneously with this second instance of the Norton executable that is owned by the USER. I don't know if it's relevant, but file scans in Norton now execute in user mode rather than kernel mode since the redesigned SDS (Symantec Data Scanner) scan engine was introduced in v22.7 to address possible memory corruption issues discussed in the Symantec security advisory SYM16-010 - see Introducing Symantec Data Scanner (SDS) Technology. ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.7.4 * NS Premium v22.14.0.54 * MB Premium v3.4.5.2467-1.0.342

The Win 8.x / Win 10 Fast Startup feature can't be the only culprit since users with older operating systems have been reporting for several months now that the MB icon will often fail to load in the system tray at boot-up. See my Aug 2017 thread MB v3.2.2 - System Tray Icon Missing After mbamtray.exe APPCRASH for one example. Several affected users have reported that their MB icon will also load in the system tray at boot-up if they temporarily disable MB v3 self-protection (Settings | Protection | Startup Options | Enable Self-Protection Module | OFF). See Malwarebytes employee dcollins' Dec 2017 post # 85 in MadDemon64's Malwarebytes System Tray Icon Missing After Latest Update as well as user feedback on pages 4 and 5 of that thread regarding that self-protection test. Disabling self-protection is not a recommended solution but the test results indicate that Fast Startup is not the only cause of this problem. Just an aside, but Win 8.x / Win 10 using a Norton antivirus product are always advised to disable the Fast Startup feature because this hybrid boot-up is known to interfere with loading of Norton services at boot-up and disrupt product updates, and Fast Startup can cause all sorts of odd glitches and unexpected behaviour in this AV. Norton Guru peterweb has posted about this in his thread Windows 8/8.1 or 10 and Fast Start Feature. ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.7.4 * NS Premium v22.14.0.54 * MB Premium v3.4.5.2467-1.0.342

...or they could just do like Facebook and move user data to US servers to avoid compliance with the EU's General Data Protection Regulation (GDPR). Facebook Moves Millions Of Users Data To US To Avoid European Privacy Laws Facebook to Exclude Billions from European Privacy Laws When I do a clean re-install of my Norton Security software the installation wizard always asks if I want to participate in Norton Community Watch, which is similar to Malwarebytes' Usage and Threat Statistics data collection. I wonder if that meets the GDPR's requirement for user consent as long as the option to allow data collection from the user's hard drive is disabled by default in the installation wizard? ------------ 32-bit Vista Home Premium SP2 * Firefox v52.7.3 * Norton Security Premium v22.14.0.54 * MB Free v3.4.5 (CP v1.0.342)

Hi bb_aes: Instead of waiting the full 14 days for the trial version of MB Premium to revert back to MB Free on its own, you can also go to Settings | Account Details and click the Deactivate Premium Trial button as shown in the support article Deactivate the Malwarebytes for Windows Premium Trial to disable the trial of the real-time Premium protection features and immediately switch back to MB Free. ------------ 32-bit Vista Home Premium SP2 * Firefox v52.7.3 * Norton Security Premium v22.14.0.54 * MB Free v3.4.5

Hi dcollins: You already checked the Malwarebytes Support Tool logs I attached in post # 1 on 28-Mar-2018 but here's a new set of logs from today: mbst-grab-results.zip ------------ 32-bit Vista Home Premium SP2 * Firefox v52.7.3 * Norton Security Premium v22.14.0.54 * MB Premium v3.3.1.2183 (CP v1.0.262)

Hi dcollins: Just an FYI that I still haven't received my MB v3.4.5 update via the regular update channel although my malware definitions continue to update on a regular basis. From this morning: Do you know the current percentage of Check for Updates requests now being offered the v3.4.5 update in Malwarebytes' metered "lottery"? If metering is set that high (e.g., 80% - 100%) is it possible that Malwarebytes is using a CDN in my region (central Canada) that isn't caching updates correctly? ------------ 32-bit Vista Home Premium SP2 * Firefox v52.7.3 * Norton Security Premium v22.14.0.54 * MB Premium v3.3.1.2183 (CP v1.0.262)

Just a quick FYI that the Microsoft support article Important: Windows Security Updates and Antivirus Software was revised on 10-Apr-2018. Microsoft has now lifted the AV compatibility check for Windows security updates for Win 7 SP1 and Win 8.1 in addition to Win 10. ------------ 32-bit Vista Home Premium SP2 * Firefox ESR v52.7.3 * NS Premium v22.14.0.54 * MB Premium v3.3.1.2183-1.0.262

Hi Bert18: I don't know if the EU-U.S. Privacy Shield Framework mentioned below addresses your concerns about the opt-in for data collection, but the International section of the Malwarebytes Privacy Policy at https://www.malwarebytes.com/privacy/ that Max-H referenced in post # 9 states: Malwarebytes' current certification status for the Privacy Shield Framework is posted at https://www.privacyshield.gov/participant?id=a2zt0000000TO84AAG. -------------------------------------------- I currently have Usage and Threat Statistics disabled, due mainly to the following statement in the Client Data section of the privacy policy Software Collection Addendum: ------------ 32-bit Vista Home Premium SP2 * Firefox v52.7.3 * Norton Security Premium v22.14.0.54 * MB Premium v3.3.1.2183 (CP v1.0.262)

Hi toungetwister: Other users have reported that they have not been updated from v3.3.1 yet via the regular update channel - see bru's thread No Update to 3.4 Offered After 21 Days for one example. As a test, I have not clicked the Install Application Updates button since v3.4.4 was released on 05-Mar-2018 and here are my current versions as of this morning. Malwarebytes employee dcollins checked my Malwarebytes Support Tool diagnostic logs and confirmed that my updates are running normally when my MB Premium is running in real-time - see his comments <here> about the "lottery" system Malwarebytes uses to meter out new updates. I understand the logic of using staged rollouts but I'm not sure why the percentage of users receiving the v3.4.x update via the regular update channel is so still low unless there are concerns about unpatched bugs in v3.4.5 or there's a problem with the CDN caching servers in my region. ------------ 32-bit Vista Home Premium SP2 * Firefox v52.7.3 * Norton Security Premium v22.12.1.15 * MB Premium v3.3.1.2183 (CP v1.0.262)

Hi ejbeak: You might be interested in reading John A's topic Need to update "Having problems using ..." thread. This user reported that utilities like FRST and MB-Check will not run correctly if they are saved to the Windows desktop when the Controlled Folder Access feature (a.k.a. anti-ransomware) is enabled in the Windows Defender Security Center of Win 10 Version 1709. John A could solve their problem by either temporarily disabling Controlled Folder Access or downloading FRST and MB-Check to the Downloads folder instead of the Windows desktop. Your observation about the MB desktop shortcut seems to tie in with John A's comments. ------------ 32-bit Vista Home Premium SP2 * Firefox v52.7.3 * Norton Security Premium v22.12.1.15 * MB Premium v3.3.1.2183 (CP v1.0.262)

Hi dcollins: Thanks for checking my logs, and sorry for not responding sooner. I didn't receive an e-mail notification that you'd replied, and it looks like I wasn't automatically subscribed to this topic when you split off my comment from bru's thread No Update to 3.4 Offered After 21 Days. Thank you as well for the clarification about how updates are metered out, although it doesn't seem logical that I could go almost a month without receiving the 05-Mar-2018 MB v3.4.4 product update when I've been launching MB and running manual (and scheduled) updates every 2 or 3 days. For the time being I'm essentially using MB Premium v3.3.1 as an on-demand scanner for running Threat Scans every few days because of multiple bugs I've reported with my Vista SP2 system, including an ongoing conflict with my real-time MB Web Protection and Norton Automatic LiveUpdates. Here are two of the problems that were not fixed with v3.3.1: MB v3.2.2 - SystemTray Icon Missing After mbamtray.exe APPCRASH MB v3.2.2 Web Protection Still Blocks Norton Automatic LiveUpdates I started MB v3.3.1 this morning to run a Threat Scan, and manual updates still aren't delivering the latest v3.4.5 product update. I'll wait a bit longer before I click the Install Application Updates button to see if the v3.4.5 update is ever delivered through the regular update channel. ------------ 32-bit Vista Home Premium SP2 * Firefox v52.7.3 * Norton Security Premium v22.12.1.15 * MB Premium v3.3.1.2183 (CP v1.0.262)

Hi dcollins: Like bru, my MB Premium v3.3.1.1283 (CP v1.0.262) hasn't been automatically updated to v3.4.4 yet even though both settings at Application | Application Updates are enabled. My automatic and manual updates are still delivering definition updates - the dashboard says updates are Current and I received a new v1.0.4520 definition set this morning. I have not clicked the Install Application Updates button to check for available program updates. I assumed Malwarebytes was deliberately delaying the v3.4.4 product update via the regular update channels because of the known bugs described in ddubrow's post # 2 of Malwarebytes 3.4 - Now Available, so I've attached the MB Support Tool logs for my own machine just in case they might be helpful. Note that my MB Premium v3.3.1 is currently configured so that it doesn't automatically load at boot-up and Malware Protection is the only real-time protection currently enabled. mbst-grab-results.zip ------------ 32-bit Vista Home Premium SP2 * Firefox v52.7.3 * Norton Security Premium v22.12.1.15 * MB Premium v3.3.1.2183 (CP v1.0.262)

Hi digmorcrusher: My post # 7 in hayc59's thread Latest Version Task Bar notes that this glitch has been reported for many different reporting systems, including Win XP SP3, Vista SP2 and Win 7 SP1 which do not have a Fast Startup feature. There is an APPCRASH error logged in my Event Viewer for mbamtray.exe ( Malwarebytes Tray Application) on my Vista SP2 computer each time the MB icon fails to load in the system tray at boot-up. ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.7.0 * NS Premium v22.12.1.15 * MB Premium v3.3.1.2183-1.0.262

Users following this thread with Win 8.1 and earlier versions should note that the 12-Mar-2018 revision of Microsoft's Important: Windows Security Updates and Antivirus Software states that the AV compatibility check has only been lifted for "supported Windows 10 devices via Windows Update". From the More Information section of that support article: ------------ 32-bit Vista Home Premium SP2 * Firefox ESR v52.7.0 * NS Premium v22.12.1.15 * MB Premium v3.3.1.2183-1.0.262

Hi hayc59: Other users, including myself, have reported the same problem with MB v3.2.2 and higher on various operating systems. Here are a few threads on this topic: lmacri: MB v3.2.2 - System Tray Icon Missing After mbamtray.exe APPCRASH MadDemon64: Malwarebytes System Tray Icon Missing After Latest Update bha6: Malwarebytes and System Tray I've seen a few posts from Win 8.x and Win 10 users who have reported that disabling the Fast Startup power option either solved or at least decreased the frequency of the mbamtray.exe load failures, but that can't be the entire answer since Win XP SP3 (your OS), Vista SP2 and Win 7 SP1 do not have a Fast Startup feature. Fast Startup - Turn On or Off in Windows 8 How to Turn On or Off Fast Startup in Windows 10 I'm still using MB Premium v3.3.1 so I don't know if the latest v3.4.4 update has solved the issue on my 32-bit Vista SP2 computer. ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.6.0 * NS Premium v22.12.0.104 * MB Premium v3.3.1.2183-1.0.262

It's disappointing to hear that long time MB customers who have asked about side-by-side comparative testing and unbiased evidence that MB v3.x is an "antivirus replacement" are being referred to as "test fanboys" by Malwarebytes staff. I'll be unsubscribing from this thread now. ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.6.0 * NS Premium v22.12.0.104 * MB Premium v3.2.2.2183-1.0.262

I also raised concerns about the methodology used for the Malwarebytes Remediation Map in post # 39 . For example, does the "missed" count include false positive detections by MB v3.x? Would the other "traditional" AV software registered in the Windows Action Center (e.g., Avast, Kaspersky, Symantec/Norton, Windows Defender, etc.) have detected any of these "missed" threats if MB v3 was not installed on the same machine? The MB v3.2.2.2029 used for the MRG Effitas 360 Degree Assessment & Certification Q3 2017 testing is referred to as a complementary "on-demand" security product on page 9 of that report so I'm assuming they tested MB Free rather than MB Premium, but the table on that same page also shows a high failure rate for MB v3.x versus three other similar products (SurfRight HitmanPro, Watchdog Anti-Malware, Zemana Anti-Malware) that are not traditional antivirus programs. Like many other users posting in this forum, I'm looking forward to the day that Malwarebytes finally submits MB Premium v3.x to a few reputable, independent antivirus testing firms like AV-TEST (https://www.av-test.org/en/antivirus/home-windows/) and AV-Comparatives (https://www.av-comparatives.org/comparatives-reviews/) so we can see how well MB Premium v3.x's real-time protection stacks up against traditional antivirus programs in side-by-side "real world" and malware detection tests. The June 2017 Checkmark Certification report that staffer bdubrow referenced in post # 28 does not include any side-by-side testing with other products so I'll need to see further evidence that MB Premium v3.x is actually a reliable "antivirus replacement" as Malwarebytes claims <here> in their FAQ before I'm ready to ditch my third-party AV. ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.6.0 * NS Premium v22.12.0.104 * MB Premium v3.2.2.2183-1.0.262

Hi tekitoi: Several users have posted in the MB v3 Comments and Suggestions board that they would like the # of total items scanned and # of scan detections on the main dashboard to be reset to "0" at the start of each scan, or at least have the option to reset these counters back to "0" when they choose. See Reset Protection History to 0 and Reset of "Scan Detections" Needed for a few examples. So far every file detection I've had with MB v3 has been confirmed as a false positive in the False Positives board so I think it's meaningless (and misleading) to keep a running total of the number of times MB v3 has detected a potential threat on my system displayed on the main dashboard. If you click the Quarantine tab on the MB v3 interface your might be able to see the file or registry entry that was detected during one of your past scans, although it might not be listed there if the item was permanently removed from your system. ------------ 32-bit Vista Home Premium SP2 * Firefox ESR v52.6.0 * Norton Security v22.12.0.104 * MB Premium v3.3.1.2183-1.0.262

Hi bha19: I wouldn't advise leaving MB v3's self-protection permanently disabled, since this module prevents MB files from being deleted or modified if your system is ever infected with malware. MadDemon64 and I only disabled this module for testing purposes. I'm not sure what username you use in the Norton forum, but did anyone suggest that you disable Fast Startup in your power settings? This setting is only available with Win 8.x and Win 10, and if it is enabled your computer performs a hybrid shutdown instead of a full power down when you shutdown your computer (see the How-To Geek article The Pros and Cons of Windows 10’s “Fast Startup” Mode ), and Fast Startup could be causing problems with with loading of Norton and Malwarebytes services at boot-up. Try re-testing with MB v3's self-protection disabled after you have ensured that Fast Startup is disabled and you have re-booted your computer a few times, or the setting changes you made in MB might not immediately take effect. See my comments in pdracing's thread Repeated pop-up "! Verifying Subscription" for more information about Fast Startup. And just to clarify, I also find that the main mbamservice.exe process continues to run in the background if mbamtray.exe crashes at boot-up and fails to load the MB icon in my system tray. ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.5.3 * NS Premium v22.11.2.7 * MB Premium v3.3.1.2183-1.0.262

Hi bha19: Your might want to follow the thread Malwarebytes System Tray Icon Missing After Latest Update. The original poster MadDemon64 and I both use Norton AV products and our preliminary test results suggest that the Malwarebytes system tray icon (mbamtray.exe) will load correctly if we disable MB v3 self-protection (Settings | Protection | Startup Options | Enable Self-Protection Module | OFF) - see post # 96 and later in that thread. ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.5.3 * NS Premium v22.11.2.7 * MB Premium v3.3.1.2183-1.0.262

Hi dcollins: Just an update to my early test results in post # 96: I disabled MB self-protection from 28-Dec-2017 to 06-Jan-2018 and did not see a mbamtray.exe APPCRASH the entire time self-protection was disabled (that includes at least 2 or 3 system restarts on most days). I re-enabled MB self-protection on 07-Jan-2018 and went back to my usual routine of powering off every night and restarting every morning. I immediately had one BEX (buffer overflow exception / application has stopped working) error for mbamservice.exe on 08-Jan-2018 (Problem Event Name: BEX; Application Name: mbamservice.exe; Application Version: 3.1.0.595; Fault Module Name: rtp.dll_unloaded). I expected the mbamtray.exe APPCRASHes to return within a day or two, but the first mbamtray.exe crash didn't occur until 15-Jan-2018. Here's the mini-dumps for my two mbamtray.exe APPCRASHes after MB Self-Protection was re-enabled on 07-Jan-2018: 15-Jan-2018: mbamtray.exe.2220.dmp 18-Jan-2018: mbamtray.exe.3356.dmp ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.5.3 * NS Premium v22.11.2.7 * MB Premium v3.3.1.2183-1.0.262

Hi CT31: Think of the update package version in Malwarebytes v3 as the database version for the malware definition set. Malwarebytes adds new detections for malware on a daily basis and your background automatic updates check for an updated definition set (update package version) on a regular basis. If you go to Settings | Protection | Updates | Check for Updates Every: the default is to check for definition updates every 1 hour, and if a new malware definition set is available your update package version will change. If you re-enable Settings | Application | Application Updates | Automatically Download and Install Application Component Updates your automatic updates will also check for any new product updates (e.g., v3.3.1 for the main MB scan engine) or new component update package (e.g. v1.0.262 for additional modules for anti-exploit, anti-ransomware, etc.) at the same time that it checks for a new definition set. I noticed you have component update package v1.0.236, so you might want to run a manual check for new update components (Settings | Application | Application Updates | Install Application Updates) to see if you're upgraded to the current v1.0.262 component update package described <here>. The terminology in the old Malwarebytes Anti-Malware v2 was much less confusing. The malware definition set was referred to as the malware database version and the numbering scheme indicated the date the new definition set was released (e.g., v2017.03.22.4 was the fourth definition set released on 22-Mar-2017). I don't know why Malwarebytes changed the term to update package version and now uses a meaningless numbering scheme (e.g., I currently have update package version v1.0.3643 for my malware definition set) but there were several complaints about this when MB v3 was released - see user comments in DougCuk's May 2017 thread Database Updates and Version Info for one example. ---------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.5.3 * NS Premium v22.11.2.7 * MB Premium v3.3.1.2183-1.0.262