lmacri

Hi smipx013: I re-tested today with the latest Malwarebytes v4.5.10.200-1.0.1709 and ENABLING Excel Macro 4.0 Abuse Prevention (Settings | Security | Exploit Protection | Advanced Settings | Application Behavior Protection | Restore Defaults | Apply) does not prevent me from opening password-protected MS Word 2019 .DOCX or .DOC documents. It only prevents me from opening password-protected MS 2019 Excel workbooks. Note that I used MS Office 2019 Home and Business Version 2206 (Build 15330.20196 Click-to-Run, released 29-Jun-2022) for this test. If you suspect that Exploit Protection in Malwarebytes Premium is the cause of your problem, turn off your entire Exploit Protection module from the main dashboard and re-boot your system. If you still can't open a password-protected MS Word document then Malwarebytes' Exploit Protection isn't the cause. ------------ 64-bit Win 10 Pro v21H2 build 19044.1766 * Firefox v102.0.0 * Microsoft Defender v4.18.2205.7-1.1.19300.2 * Malwarebytes Premium v4.5.10.200-1.0.1709 * Macrium Reflect Free v8.0.6758 * Inspiron 5583/5584 BIOS v1.18.0 * MS Office 2019 Home and Business Version 2206 (Build 15330.20196 Click-to-Run) Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi Vortex_800: After you reset your Malwarebytes Exploit Protection settings back to their defaults (Settings | Security | Exploit Protection | Advanced Settings | Application Behavior Protection | Restore Defaults | Apply) did you remember to click Apply? After changing my Exploit Protection settings back to their defaults I usually close the Malwarebytes interface and then re-open just to confirm that Excel Macro 4.0 Abuse Prevention has been re-ENABLED (checked) before I run my tests. That's great news, though, if Component Package v1.0.1709 solved your problem. What version of MS Excel do you use? ------------ 64-bit Win 10 Pro v21H2 build 19044.1766 * Firefox v102.0.0 * Microsoft Defender v4.18.2205.7-1.1.19300.2 * Malwarebytes Premium v4.5.10.200-1.0.1709 * Macrium Reflect Free v8.0.6758 * MS Office 2019 Home and Business Version 2205 (Build 15225.20288 Click-to-Run) * Inspiron 5583/5584 BIOS v1.18.0 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi AdvancedSetup: Here are the requested diagnostic logs. mbst-grab-results.zip Please read my 01-Jul-2022 post in Adam2022's Excel Macro 4.0 Abuse Protection Prevents Opening Password Protected Files. The Malwarebytes Help Desk sent me Malwarebytes Anti-Exploit (MBAE) BETA v1.13.1.488 on 20-Jun-2022 for testing but my test results were mixed (I could open password-protected Excel 2019 .XLSX workbooks but for some reason my unprotected workbooks would not open correctly) so the software devs have gone back to the drawing board. I assume the Malwarebytes Help Desk will send me another MBAE BETA for testing once they are relatively certain they have a working solution. ------------ 64-bit Win 10 Pro v21H2 build 19044.1766 * Firefox v102.0.0 * Microsoft Defender v4.18.2205.7-1.1.19300.2 * Malwarebytes Premium v4.5.10.200-1.0.1709 * Macrium Reflect Free v8.0.6758 * MS Office 2019 Home and Business Version 2205 (Build 15225.20288 Click-to-Run) * Inspiron 5583/5584 BIOS v1.18.0 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi JhonHamilton: Just an update to let you know that I tested with the latest Malwarebytes v4.5.10.200-1.0.1709 (see Erix's 30-Jun-2022 change log in Malwarebytes 4.5) and the new Component Package v1.0.1709 does not appear to have fixed the problem. See my 01-Jul-2022 post in Adam2022's Excel Macro 4.0 Abuse Protection Prevents Opening Password Protected Files for further details. ------------ 64-bit Win 10 Pro v21H2 build 19044.1766 * Firefox v102.0.0 * Microsoft Defender v4.18.2205.7-1.1.19300.2 * Malwarebytes Premium v4.5.10.200-1.0.1709 * Macrium Reflect Free v8.0.6758 * Inspiron 5583/5584 BIOS v1.18.0 * MS Office 2019 Home and Business Version 2205 (Build 15225.20288 Click-to-Run) Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

I tested with the latest Malwarebytes v4.5.10.200-1.0.1709 (see Erix's 30-Jun-2022 change log in Malwarebytes 4.5) and the new Component Package v1.0.1709 does not appear to have fixed the problem. I reset the advanced settings in my Malwarebytes Exploit Protection back to their defaults (Settings | Security | Exploit Protection | Advanced Settings | Application Behavior Protection | Restore Defaults | Apply) and confirmed that Excel Macro 4.0 Abuse Prevention was re-ENABLED, and when I tried to open a password-protected Excel 2019 .xlsx workbook I got the same "This encrypted file cannot be opened or repaired by Microsoft Excel because it is corrupt" error. The Malwarebytes Help Desk sent me a Malwarebytes Anti-Exploit (MBAE) BETA v1.13.1.488 for testing on 20-Jun-2022 but it didn't work correctly. I see that a newer MBAE BETA v1.13.1.494 was posted <here> on 28-Jun-2022 so I'm hoping the software developers are getting closer to a working solution. ------------ 64-bit Win 10 Pro v21H2 build 19044.1766 * Firefox v102.0.0 * Microsoft Defender v4.18.2205.7-1.1.19300.2 * Malwarebytes Premium v4.5.10.200-1.0.1709 * Macrium Reflect Free v8.0.6758 * Inspiron 5583/5584 BIOS v1.18.0 * MS Office 2019 Home and Business Version 2205 (Build 15225.20288 Click-to-Run) Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi AdvancedSetup: Thanks for the heads up. I ran a manual update (General | Application Updates | Check for Updates) and installed the latest Component Package v1.0.1709 (released 30-Jun-2022) and that seems to have solved the problem on my system. I tested by running a few different portable apps and had no problem safe ejecting my USB afterwards, so it looks like this bug has been fixed. I'll contact the Help Desk and let them know they can close my support ticket. Would it be possible to unlock juantho's 04-Jun-2022 Malware and PUP PROTECTION Does not allow me to eject my USB after Run .exe ? That thread was locked to prevent further comments while I was working with the Help Desk and the OP juantho might not know a bug fix has been released. ------------ 64-bit Win 10 Pro v21H2 build 19044.1766 * Firefox v102.0.0 * Microsoft Defender v4.18.2205.7-1.1.19300.2 * Malwarebytes Premium v4.5.10.200-1.0.1709 * Macrium Reflect Free v8.0.6758 * Inspiron 5583/5584 BIOS v1.18.0 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi AdvancedSetup: You might recall that I opened a second support ticket on 11-Jun-2022 about an Exploit Protection issue (see Adam2022's 10-Jun-2022 Excel macro 4.0 abuse protection prevents opening password protected files) that I assume is unrelated to my problem ejecting a USB thumb drive after running a portable app. I wasn't giving Amun advice, just stating how I've decided to deal with some of the bugs and other glitchy behaviour I've encountered these past few weeks since Component Packages v1.0.1689/v1.0.6899 were released. I was disappointed to learn that neither of these bugs was fixed by Malwarebytes v4.5.10.200-1.0.1702 (released 15-Jun-2022), and as I noted <above>, I've haven't heard back from the Technical Product Team handling the support ticket for my USB ejection problem since I uploaded a Process Monitor log on 08-Jun-2022. That is not true, at least in my case. Ejecting from Disk Manager (or any other method you suggested) did not work on my system. I was unable to post that feedback in juantho's 04-Jun-2022 Malware and PUP PROTECTION Does not allow me to eject my USB after Run .exe because that thread was locked immediately after I submitted my support ticket. ----------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v101.0.1 * Microsoft Defender v4.18.2203.5-1.1.19200.6 * Malwarebytes Premium v4.5.10.200-1.0.1702 * Macrium Reflect Free v8.0.6758 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi Amun: For some reason, I can't safely eject my USB thumb drive after running a portable app, even if I choose "Quit Malwarebytes" from the system tray icon, so I used to power off my computer and allow Windows to shut down what ever process was holding a handle to the USB drive so I could unplug it. That wasn't a satisfactory workaround for me so I've prevented Malwarebytes real-time protection from starting at boot-up (i.e., Settings | Security | Windows Startup | Launch Malwarebytes in the Background When Windows Starts Up | OFF) and I imagine it will stay that way until Malwarebytes releases a bug fix. I hope the fix comes sooner rather than later or I'll have to deactivate my Premium license and just use Malwarebytes Free as an on-demand scanner. ----------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v101.0.1 * Microsoft Defender v4.18.2203.5-1.1.19200.6 * Malwarebytes Premium v4.5.10.200-1.0.1702 * Macrium Reflect Free v8.0.6758 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi JhonHamilton: I'd suggest you subscribe to Adam2022's thread Excel macro 4.0 abuse protection prevents opening password protected files. If you follow that thread you will receive an automatic email notification when a new reply is posted in that thread, and someone will eventually post there when a bug fix is released. Also note that the latest Malwarebytes v4.5.10.200-1.0.1702 (released 15-Jun-2022, see Erix's change log in Malwarebytes 4.5) does not fix this problem. ----------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v101.0.1 * Microsoft Defender v4.18.2203.5-1.1.19200.6 * Malwarebytes Premium v4.5.10.200-1.0.1702 * Macrium Reflect Free v8.0.6758 * MS Office 2019 Home and Business Version 2205 (Build 15225.20204 Click-to-Run) Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi Amun: See juantho's 04-Jun-2022 Malware and PUP PROTECTION Does not allow me to eject my USB after Run .exe (currently locked to prevent further comments). I opened a support ticket on 07-Jun-2022 and submitted Process Monitor logs to the Technical Product Team on 08-Jun-2022 but haven't heard anything since then. Just note that the latest Malwarebytes v4.5.10.200-1.0.1702 (released 15-Jun-2022, see Erix's change log in Malwarebytes 4.5) does not fix this problem. ----------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v101.0.1 * Microsoft Defender v4.18.2203.5-1.1.19200.6 * Malwarebytes Premium v4.5.10.200-1.0.1702 * Macrium Reflect Free v8.0.6758 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi Adam2022: I just tested with the latest Malwarebytes v4.5.10.200-1.0.1702 (see Erix's 15-Jun-2022 change log in Malwarebytes 4.5) and Component Package v1.0.1702 does not appear to have fixed the problem. I reset the advanced settings in my Malwarebytes Exploit Protection back to their defaults (Settings | Security | Exploit Protection | Advanced Settings | Restore Defaults | Apply) and confirmed that Excel Macro 4.0 Abuse Prevention was re-ENABLED, and when I tried to open a password-protected Excel .xlsx file I got the same error. Looks like we'll have to wait a bit longer for a bug fix.☹️ -------------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v101.0.1 * Microsoft Defender v4.18.2203.5-1.1.19200.5 * Malwarebytes Premium v4.5.10.200-1.0.1702 * Macrium Reflect Free v8.0.6758 * Dell SupportAssist v3.10.4.18 * Inspiron 5583/5584 BIOS v1.18.0 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi Grimallday: I don't want to interfere with Porthos' troubleshooting, but while you're waiting for further assistance you should confirm that KB4474419 (rel. 23-Sep-2019) is installed on your Win 7 SP1 computer. KB4474419 adds SHA-2 code signing support (and is called the the "Microsoft 2019-09 Security Update" <here> in the system requirements) and must be installed before you can install the latest Malwarebytes v4.5.x program. I assume the current standalone offline installer mb4-setup-consumer-4.5.9.198-1.0.1699-1.0.56987.exe would not even launch unless your system supported SHA-2 code signing but it might be something you want to check. If your Win 7 OS has Service Pack 1 (SP1) (see the Computer Hope article <here>) but you aren't sure if it supports SHA-2 code signing go to Control Panel | Programs and Features | View Installed Updates and search for KB4474419. When searching, enter the full KB number in the search box [i.e., search for "KB4474419" (without the quotes) and not a partial string like "4474419"]. Note that AdvancedSetup posted a set of "abbreviated" instructions on 05-Jun-2021 in murph's thread Now MBAM Wants a Microsoft Security Update that is intended for Win 7 SP1 users who already have most of the Windows security updates released prior to end of support on 14-Jan-2020 and just want to install KB4474419. -------------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v101.0.1 * Microsoft Defender v4.18.2203.5-1.1.19200.6 * Malwarebytes Premium v4.5.9.198-1.0.1699 * Macrium Reflect Free v8.0.6758 * Inspiron 5583/5584 BIOS v1.18.0 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi JhonHamilton: See Malwarebytes employee AdvancedSetup's 11-Jun-2022 post <here> in Adam2022's thread. Malwarebytes has acknowledged that there is a bug in the Excel Macro 4.0 Abuse Prevention protection technique of Malwarebytes' Exploit Protection that seems to have been introduced by Malwarebytes Premium v4.5.9.198-1.0.1699 (rel 10-Jun-2022) and that it could take "days for a fix or weeks or months". In the mean time AdvancedSetup is advising that MS Excel users leave the Excel Macro 4.0 Abuse Prevention protection technique DISABLED in their advanced Exploit Protection settings until a bug fix is released. It would still be helpful if you could attach your mbst-grab-results.zip diagnostic logs generated by the Malwarebytes Support Tool (Advanced tab | Gather Logs) to your next reply. Attached logs can only be viewed by Malwarebytes employees and a few technical experts with advanced permissions, and those logs will show Malwarebytes your current Windows OS, Malwarebytes version and custom settings, etc. The more information they can gather about affected systems the sooner this bug will be fixed. ----------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v101.0.1 * Microsoft Defender v4.18.2203.5-1.1.19200.6 * Malwarebytes Premium v4.5.9.198-1.0.1699 * Macrium Reflect Free v8.0.6758 * Inspiron 5583/5584 BIOS v1.18.0 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi AdvancedSetup: As I noted in my 11-Jun-2022 post <above>, "It's probably not a coincidence that one of my other Excel .XLSX files that is not password protected would only open in read-only mode this morning. I solved that particular problem by opening in read-only mode and then saving under a new file name..." After reading JhonHamilton's Excel 2021 | File Is in use | Locked for editing | Am i infected today I suspect that other users are now finding that Excel Macro 4.0 Abuse Prevention is also causing issues with Excel files that are not password-protected. I ran further tests today using the default settings for Advanced Exploit Protection in MB v4.5.9-1.0.699 (rel. 09-Jun-2022) and MS Office 2019 (Click-to-Run) and can confirm: I am able to open a password-protected MS Word 2019 .DOCX file. I am not able to open a password-protected MS Word 2019 .DOCX file. I see an Microsoft Excel error message that says "We found a problem with some content in '<filename>.xlsx'. Do you want us to recover as much as we can? If you trust the source of this workbook, click Yes". If I choose "Yes" I see a second Microsoft Excel error stating "The workbook cannot be opened or repaired by Microsoft because it is corrupt". I am able to open the same password protected MS Word 2019 .DOCX file if I DISABLE the Excel Macro 4.0 Abuse Prevention protection technique in Malwarebytes (Settings | Security | Exploit Protection | Advanced Settings | Application Behavior Protection | MS Office column | Excel Macro 4.0 Abuse Prevention) There is nothing in the Malwarebytes detection history (e.g., no Malware.Exploit.Agent.Generic detection logged) to indicate that Malwarebytes Exploit Protection is preventing my "corrupt" password-protected Excel file from being opened. I agree with the OP Adam2022 that fixing this bug should be a priority, since users who see these Microsoft Excel pop-ups will likely assume that they have been infected by malware that has corrupted their .XLSX files and will have no idea that Malwarebytes Exploit Protection is the cause. I logged in to my Malwarebytes account yesterday and filed a support request just in case the software developers would like me to submit a Process Monitor log to help diagnose the problem. This is the second Malwarebytes support request I've submitted in the past week (see my 04-Jun-2022 post in juantho's Malware and PUP PROTECTION Does not allow me to eject my USB after Run .exe). The fact that I initially had no idea that a Malwarebytes v4.5.9 was responsible for either of these issues makes me wonder if there are other problems with MB v4.5.9 that I haven't uncovered yet, and I am seriously considering preventing my Malwarebytes real-time protection from starting at boot-up (Security | Windows Startup | Launch Malwarebytes in the Background When Windows Starts Up | OFF) until both these bugs are fixed. --------------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v101.0.1 * Microsoft Defender v4.18.2203.5-1.1.19200.6 * Malwarebytes Premium v4.5.9.198-1.0.1699 * Macrium Reflect Free v8.0.6758 * MS Office 2019 Home and Business Version 2205 (Build 15225.20204 Click-to-Run) * Inspiron 5583/5584 BIOS v1.18.0 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi JhonHamilton: From my 11-Jun-2022 post in Adam2022's Excel Macro 4.0 Abuse Protection Prevents Opening Password Protected Files: Are you able to open your Excel file if you DISABLE the Excel Macro 4.0 Abuse Prevention protection technique in Malwarebytes (Settings | Security | Exploit Protection | Advanced Settings | Application Behavior Protection | MS Office column | Excel Macro 4.0 Abuse Prevention)? It would be helpful if you could run the Malwarebytes Support Tool (Advanced tab | Gather Logs) and attach the mbst-grab-results.zip file to your next post. If the .zip file is created on your desktop it will have to be moved to a different location (e.g., to your Documents or Downloads folder) before you can attach it to your post. ----------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v101.0.1 * Microsoft Defender v4.18.2203.5-1.1.19200.6 * Malwarebytes Premium v4.5.9.198-1.0.1699 * Macrium Reflect Free v8.0.6758 * Inspiron 5583/5584 BIOS v1.18.0 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi Adam2022: I honestly have no idea how Application Hardening | BottomUp ASLR Enforcement or any of the other Advanced Exploit Protection settings work in Malwarebytes Premium, so hopefully someone from Malwarebytes will be able to provide some insight. The last time I had an issue opening my MS Office 2019 files it was caused by the Application Behavior Protection | Office WMI Abuse Prevention technique of Malwarebytes' Exploit Protection. In that case the exploit block was actually logged as a Malware.Exploit.Agent.Generic detection in my Malwarebytes v4.4.6 detection history so it was easy to trace the exact exploit protection technique causing the problem. See my 16-Sep-2021 thread MS Word 2019 - Exploit Office WMI Abuse Blocked (cmd.exe) that was posted in the Malwarebytes for Home Support | Exploit | False Positives board that included a sample detection log identifying "Protection Technique: Exploit Office WMI Abuse Blocked" as the cause of the exploit block. -------------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v101.0.1 * Microsoft Defender v4.18.2203.5-1.1.19200.5 * Malwarebytes Premium v4.5.9.198-1.0.1699 * Macrium Reflect Free v8.0.6758 * Dell SupportAssist v3.10.4.18 * Inspiron 5583/5584 BIOS v1.18.0 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi Adam2022: Thanks for posting about this. I just discovered the same problem today where I was unable to open a password-protected Excel .XLSX spreadsheet after updating yesterday to Malwarebytes v4.5.9.198-1.0.1699. It's probably not a coincidence that one of my other Excel .XLSX files that is not password protected would only open in read-only mode this morning. I solved that particular problem by opening in read-only mode and then saving under a new file name. If this happens again I'll try to remember to grab a screenshot of the warning message. Just out of curiosity, do you use Microsoft Defender as your primary antivirus, and if so have you made and recent changes to your Attack Surface Reduction (ASR) settings to mitigate the recently discovered "Follina" zero-day vulnerability (CVE-2022-30190)? I recently added the “Block Office application from creating child processes” rule to the Microsoft Defender ASR settings using the Group Policy Editor (gpedit.msc) in my Win 10 Pro OS (see my 03-Jun-2022 post # 2450624 in Susan Bradley's Zero Day in Office – But Don’t Panic in the AskWoody forum) and I'm now wondering if this has somehow exacerbated my problems with Malwarebytes v4.5.9.198-1.0.1699's Exploit Protection (specifically, the Application Behavior Protection | Excel Macro 4.0 Abuse Prevention) that goes beyond being unable to open my password-protected Excel files. -------------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v101.0.1 * Microsoft Defender v4.18.2203.5-1.1.19200.5 * Malwarebytes Premium v4.5.9.198-1.0.1699 * Macrium Reflect Free v8.0.6758 * Dell SupportAssist v3.10.4.18 * Inspiron 5583/5584 BIOS v1.18.0 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi AdvancedSetup: Thanks, after reading your last reply I submitted my own support ticket from my Malwarebytes Account, and in the mean time I've posted in the Dell thread Inspiron 3891, Event Viewer error - Usbupdate.exe fails to see if I can find any connection between the UsbUpdate.exe errors in my Event Viewer and my problem ejecting my USB thumb drive after I run a portable app. ----------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v101.0.0 * Microsoft Defender v4.18.2203.5-1.1.19200.5 * Malwarebytes Premium v4.5.9.198-1.0.1689 * Macrium Reflect Free v8.0.6758 * Malwarebytes Browser Guard for Firefox v2.4.2 * Inspiron 5583/5584 BIOS v1.18.0 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi AdvancedSetup: Thanks for that link. That's Dell thread is quite long so it will take a bit of time to read all 12 pages but I'll see if I can find any relevant information. In the mean time I repeated my test of 04-Jun-2021 and can confirm that I have no problem ejecting my USB thumb drive after I run SUMo v5.15.1 and a few other portable apps as long as I prevent Malwarebytes from loading at boot-up (Settings | Security | Windows Startup | Launch Malwarebytes in the Background When Windows Starts Up | OFF). Assuming this problem is unique to Dell computers, could there be some sort of conflict between my Malwarebytes realtime protection and my Dell software/firmware? ----------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v101.0.0 * Microsoft Defender v4.18.2203.5-1.1.19200.5 * Malwarebytes Premium v4.5.9.198-1.0.1689 * Macrium Reflect Free v8.0.6758 * Malwarebytes Browser Guard for Firefox v2.4.2 * Inspiron 5583/5584 BIOS v1.18.0 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Further to my 04-Jun-2022 post <above> I could hear my cooling fan running while my computer was supposedly in sleep mode yesterday, and when I pressed a key on my keypad to bring my system out of sleep mode it took several seconds for the lock screen to appear. I noticed there were multiple errors in the past week related to UsbUpdate.exe (Source = Application Error; EventID =1000; Faulting Application Path = C:\WINDOWS\TEMP\inv3253_tmp\Executables\UsbUpdate.exe). This error first appeared in my Event Viewer on 27-May-2022, which is the day after I updated to Component Package v1.0.1689 and about the same time I noticed I was having problems ejecting my removable USB thumb drive after running a portable app. Note my Win 10 settings at Settings | Devices | AutoPlay (which is ON) | Choose AutoPlay Defaults | Removable Drive is set to "Open Folder to View Files (File Explorer)". I've also had several errors related to Microsoft Defender in the past week [Source = Service Control Manager; Event ID = 7011; Description: A timeout (60000 milliseconds) was reached while waiting for a transaction response from the WinDefend service] but these WinDefend service errors started before my Malwarebytes Component Package updated to v1.0.1689 so I don't think it has anything to do with my USB ejection problem. However, they could still be related to Malwarebytes and/or my problem yesterday bringing my system out of sleep mode. Note that Settings | Security | Windows Security Center | Always Register Malwarebytes in the Windows Security Center is turned OFF in Malwarebytes and I've created mutual scan exclusions in both Malwarebytes and Microsoft Defender. Details for sample UsbUpdate.exe Application Error Event ID 1000 and MS Defender Service Control Manager Event ID 7011 errors are attached. Win 10 Pro v21H2 Event Viewer UsbUpdate_exe Application Error Event ID 1000 05 Jun 2022.txt Win 10 Pro v21H2 Event Viewer WinDefend Service Control Manager Event ID 7011 06 Jun 2022.txt ----------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v101.0.0 * Microsoft Defender v4.18.2203.5-1.1.19200.5 * Malwarebytes Premium v4.5.9.198-1.0.1689 * Macrium Reflect Free v8.0.6758 * Malwarebytes Browser Guard for Firefox v2.4.2 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi juantho: Thanks for posting about this. I've repeatedly been unable to safely eject my removable USB thumb drive in the past week or so, and couldn't figure out what running process was causing the problem. I believe the problem started about the same time I updated to Malwarebytes Premium v4.5.9.198-1.0.1676 (rel. 05-May-2022) or after my Component Package updated to v1.0.1689 (rel. 26-May-2022). Note that Windows Update installed my May 2022 Patch Tuesday updates on 13-May-2022 (I also receive a daily update for my Microsoft Defender virus definitions on a daily basis) and my Malwarebytes Browser Guard for Firefox add-on updated to v2.4.2 on 25-May-2022. I have several portable apps on that USB thumb drive and it seems the problem is only triggered when I run certain apps (e.g., the SUMo.exe for SUMo Free Portable v5.15.0). If I recall correctly, other portable apps like CCleaner Free Portable v5.92 (??) don't trigger this problem. I don't know if it's relevant but SUMo is one of my portable apps that automatically checks for a newer program version at launch. I tested today by launching SUMo Portable v5.15.0 from my removable USB thumb drive and was unable to eject my USB after I closed SUMo. When I quit Malwarebytes real-time protection from the system tray icon I still couldn't eject the USB. However, if I prevent Malwarebytes from starting with Windows (Settings | Security | Windows Startup | Launch Malwarebytes in the Background When Windows Starts Up | OFF) then I have no problems running SUMo from my removable USB and ejecting the USB once SUMo is closed. The attached diagnostic logs were collected with Malwarebytes Premium running and the USB still inserted (i.e., after I was unable to eject). mbst-grab-results.zip ----------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v101.0.0 * Microsoft Defender v4.18.2203.5-1.1.19200.5 * Malwarebytes Premium v4.5.9.198-1.0.1689 * Macrium Reflect Free v8.0.6758 * CCleaner Free Portable v5.92.9652 * SUMo Free Portable v5.15.0.522 * Malwarebytes Browser Guard for Firefox v2.4.2 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi onebyteyboi: Good to know that the number of MBAMSERVICE.LOG backups (i.e., with a .bk1, .bk2, etc. extension) shouldn't increase beyond ten files and eat up my available disk space. I wonder if logging in MBAMSERVICE.LOG has become more verbose (i.e., if additional types of errors are being logged) since Component Package v1.0.1689 was released on 26-May-2022? What is your definition of a memory leak? Do you mean that the amount of RAM consumed by a Mawlarebytes process like MBAMService.exe or mbamtray.exe continues to grow steadily over time after every re-boot, and that additional memory used by one or more of these processes is not released (i.e., returned to the pool of available memory) after a Malwarebytes background task has finished running? Note that user unknownguy recently reported seeing unusually high network activity in their 15-May-2022 thread Latest Stable Release Send Too Many Requests, which has since been moved to the Windows Malware Removal Help & Support board for one-on-one troubleshooting. I have no idea if their issue is related in any way to your "memory leak", but it would be helpful if you could post Malwarebytes Support Tool diagnostic logs as previously requested. These logs can only be viewed by Forum Administrators and users with advanced permissions. ----------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v100.0.2 * Microsoft Defender v4.18.2203.5-1.1.19200.5 * Malwarebytes Premium v4.5.9.198-1.0.1689 * Macrium Reflect Free v8.0.6758 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi nombredeus: I see you've started another thread today at Any way to install database updates manually ? . Porthos is already helping you troubleshoot your installation problems there so I'll step out of this thread for now so I don't interfere and cause further confusion. ----------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v100.0.2 * Microsoft Defender v4.18.2203.5-1.1.19200.5 * Malwarebytes Premium v4.5.9.198-1.0.1689 * Macrium Reflect Free v8.0.6758 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi onebyteboi: Just FYI, I checked my C:\ProgramData\Malwarebytes\MBAMService\LOGS folder and I currently have 10 MBAMSERVICE.LOG backups (i.e., with a .bk1, .bk2, etc. extension) dating back to 24-Apr-2022 and each is just over 10 MB in size. It appears to be taking about 3 to 4 days for my MBAMSERVICE.LOG to reach it's max size and create a new backup. The oldest backup, MBAMSERVICE.LOG.bk10, contains entries dating back to 20-Apr-2022. I don't know if it's a coincidence but 20-Apr-2022 is the same day I upgraded from Malwarebytes v4.5.7.186-1.0.1645 to Malwarebytes v4.5.8.191-1.0.1666. Once my current MBAMSERVICE.LOG reaches 10 MB I don't know if it will create a new MBAMSERVICE.LOG.bk11 file (i.e., if these backup files will continue to accumulate) or if the the oldest backup will be deleted to make room for a newer backup. I've attached my oldest MBAMSERVICE.LOG.bk10 backup file (zipped) that includes log entries dating from 20-Apr-2022 to 24-Apr-2022 as well as diagnostic logs gathered with the Malwarebytes Support Tool. MBAMSERVICE.LOG.bk10.zip mbst-grab-results.zip ----------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v100.0.2 * Microsoft Defender v4.18.2203.5-1.1.19200.5 * Malwarebytes Premium v4.5.9.198-1.0.1689 * Macrium Reflect Free v8.0.6758 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi Nombredeus: When you said you have Windows 8, does that mean you have Windows 8.1 which reaches end of extended support on 10-Jan-2023? Windows 8.1 is based on Windows 8, and Windows 8 customers had until 12-Jan-2016 to move to Windows 8.1 to remain supported (e.g., to be eligible to receive security updates via Windows Updates). You can check your Windows version at Control Panel | System and Security | System | Windows Edition [or open a Run dialog box (Windows key + R) and enter winver]. Assuming you have Windows 8.1, is there any specific reason why you want to install Malwarebytes v3.5.1 (the legacy version for Win XP/Vista) instead of the current Malwarebytes v4.5.9? The system requirements for Malwarebytes v4.x are posted <here>. ----------- 64-bit Win 10 Pro v21H2 build 19044.1706 * Firefox v100.0.2 * Microsoft Defender v4.18.2203.5-1.1.19200.5 * Malwarebytes Premium v4.5.9.198-1.0.1689 * Macrium Reflect Free v8.0.6758 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620