Jump to content

dont_touch_my_buffer

Honorary Members
  • Posts

    155
  • Joined

  • Last visited

Everything posted by dont_touch_my_buffer

  1. After installing version 3.06.1469 yesterday, I've been greeted with this today in the morning: Yes, real-time web protection (RTWP) did not start, nor can be started manually. Annoying would be an understatement to say the least... Comparing to the version 3.06.1458 (release preview) to the version 3.06.1469 (final release): Release preview, RTWP would start at system boot Final release, RTWP would not start at system boot Release preview, RTWP may stop once or twice during the day, but manual start up worked with standard UID Final release, RTWP would not start manually with or without admin access Maybe the programmers can learn something from the above, I am certain that they do have version control software... Yes, I know, in the meantime... Uninstall, clean up system from the leftover broken services, delete registry setting, etc., and install version 3.06.1469... This "rinse and repeat" cycle is getting old by now...
  2. Yes, it does, especially in the first version, even if it is called version 3.0 Sort of brings back memories of Windows 3.0, that MS didn't want to name version 1.0
  3. I am with benvddriessche... The difference being that I have never used 2.x version... <rant> There are a number of shortcomings of the MB 3.x train: New version(s) released without documentation for installing it. Some say just install it over the previous version, while other state uninstall it first. Malwarebytes should clearly document this The installation routine may and may not work correctly, regardless of the type of installation. Cleaning up is a time consuming process Once the MB is installed, it may work for a day or so and then, it self-destructs My other gripes is that MB installs in to the "C:\Program Files" folder, even if it is not fully 64-bit program. For example "mbam.exe": Or, "mbamtray.exe": I am sure that there are other, but I've stop looking... While mixing 32 and 64-bit applications, dlls, etc, is not unusual, there are some issues with it. For example, the performance of the program as a whole will be impacted and it may impact the security of the program as well. I wouldn't be too surprised to learn the interacting 32 and 64-bit processes are responsible for a large chunk of the issues with MB3.x, or at least some of it... </rant>
  4. On a Windows 8.1 64-bit OS with the release preview version of MB 3.06: Download and install final version of MB over the release preview Neither the Exploit Protection, nor the Web Protection works after installation Uninstall and reboot Install final version and reboot Manually activate license, no problem All protection green Just yesterday, the system had to be cleaned up with the FRST tool to install the release preview. The system retained the license after cleaning up. Now, unistall/install loosing the license. Consistency does not seem like a strength for this software package...
  5. The procedure, uninstall, remove leftover services with farbar tool and install 3.06 version worked just fine. One minor difference between Windows 7 and 8.1. In Windows 7, the license information had also been removed and had to be entered manually, while Windows 8.1 retained it. Thanks again for your help dcollins...
  6. I agree with Aura, if licensing cost for both software is not an issue. If it is, I'd recommend Malwarebytes. Most, if not all malware nowadays buffer overflow based for which, Kaspersky does not have a protection against. Yes, as long as the malware signature is known, or matching a behavior, Kaspersky will stop it. If not, the malware will take over the system Malwarebytes on the other hand has memory protection, formerly MBAE that works really well, in addition to the signature and behavioral based protection. I personally did not like Kaspersky with its confusing interface, rather use Windows Defender, if I need and AV in addition to Malwarebytes.
  7. Thanks dcollins... The Windows 7 machine will have to wait until tomorrow, work sometimes interferes with my hobby...
  8. Here's the content of the second "Fixlog.txt" file: fixlist content: ***************** R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys C:\Windows\system32\drivers\mbae64.sys C:\Windows\system32\drivers\farflt.sys C:\Windows\system32\drivers\mbam.sys C:\Windows\system32\drivers\mwac.sys ***************** ESProtectionDriver => service not found. MBAMFarflt => service not found. MBAMProtection => service not found. MBAMWebProtection => service not found. "C:\Windows\system32\drivers\mbae64.sys" => not found. "C:\Windows\system32\drivers\farflt.sys" => not found. "C:\Windows\system32\drivers\mbam.sys" => not found. "C:\Windows\system32\drivers\mwac.sys" => not found. The installation proceeded without any issues and it actually works just fine. All system go, or green, so to speak. I don't know how long, it survived one reboot, but it does work... Thank you very much for your help... One more question... Would it be the same "fixlist.txt" file for Windows 7? Presumably, the answer is yes, but not certain. Windows 7 have the same issue with real time web protection not starting. TIA...
  9. Thanks dcollins... Here's the fixlog content: fixlist content: ***************** R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys C:\Windows\system32\drivers\mbae64.sys C:\Windows\system32\drivers\farflt.sys C:\Windows\system32\drivers\mbam.sys C:\Windows\system32\drivers\mwac.sys ***************** ESProtectionDriver => Unable to stop service. HKLM\System\CurrentControlSet\Services\ESProtectionDriver => key removed successfully ESProtectionDriver => service removed successfully HKLM\System\CurrentControlSet\Services\MBAMFarflt => key removed successfully MBAMFarflt => service removed successfully HKLM\System\CurrentControlSet\Services\MBAMProtection => key removed successfully MBAMProtection => service removed successfully HKLM\System\CurrentControlSet\Services\MBAMWebProtection => key removed successfully MBAMWebProtection => service removed successfully "C:\Windows\system32\drivers\mbae64.sys" => not found. "C:\Windows\system32\drivers\farflt.sys" => not found. "C:\Windows\system32\drivers\mbam.sys" => not found. "C:\Windows\system32\drivers\mwac.sys" => not found. The system needed a reboot. Prior to installing the 3.06, one more question... The FRST scan also shows these Malwarebytes files: 2017-01-24 06:11 - 2017-01-24 06:11 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\5B4D0450.sys 2017-01-23 12:20 - 2017-01-23 12:20 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\0B4850AA.sys 2017-01-23 12:03 - 2017-01-23 12:03 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\6B9643AA.sys 2017-01-19 08:37 - 2017-01-19 08:37 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\625F6D8E.sys 2017-01-15 10:46 - 2017-01-15 10:46 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\0FD71715.sys 2017-01-13 14:40 - 2017-01-13 14:40 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\17DA2E73.sys 2017-01-12 07:26 - 2017-01-12 07:26 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\249D13CD.sys 2017-01-12 07:14 - 2017-01-12 07:14 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\42EB0A70.sys 2017-01-12 07:04 - 2017-01-12 07:04 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\4F160303.sys 2017-01-12 07:04 - 2017-01-12 07:04 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\6091037C.sys 2017-01-08 18:18 - 2017-01-08 18:18 - 00176064 _____ (Malwarebytes) C:\Windows\system32\Drivers\6CF04E33.sys 2017-01-08 18:17 - 2017-01-08 18:17 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\4F354DF5.sys 2017-01-06 07:19 - 2017-01-06 07:19 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\7B6139D3.sys 2016-12-29 15:58 - 2016-12-29 15:58 - 00250816 _____ (Malwarebytes) C:\Windows\system32\Drivers\30B25644.sys Some of these files do exist in the indicated directory, should they be removed by the fix and/or manually? TIA...
  10. Maybe I am mistaken, but I don't see the items listed in the fixlist.txt file in the attached frst.txt file. Should I run it anyway? FRST.txt
  11. I'll backup my system prior to running FRST, couple of questions in the meantime... The "fixlist.txt", needs to be in the same folder as the "FRST64.exe", includes all of the Malwarebytes related files/services that need to be cleaned,correct? The fix could be initiated without actually scanning it first. If that's correct, it may not resolve the issue since none of those drivers are in the text file indicated folder.
  12. Yes, the file was on the desktop... The user account information had been removed from the attached file. Running as an admin results in an empty file... mb-checkResult.txt
  13. There was no file created when the program ran, either as standard user or admin... I've looked in the folder where the "mb-check-3.0.1.1.1004.exe" is and also searched the "C" drive, none found.
  14. Does it make a difference if the program uninstalled in normal mode now? There's no running MB related suff...
  15. The log file is no longer available for Windows 8.1, see below, but will try to get it for Windows 7... That was my idea as well and proceeded to do just that prior to seeing your reply. Unfortunately, doing so resulted in more issues... Both the uninstall/reinstall seemingly worked just fine, except: The MBAM service is not installed The MBAM tray exists with an error (of course) Here's the error displayed: Manually trying to start mbam.exe, MBAMWsc.exe, MBAMService.exe result in the same error. Right clicking on any file and/or folder shows this: Selecting the "Scan with Malwarebytes" seemingly works... Uninstalled 3.06 and installed 3.05 result is the same, no service installed, nor does it show up in the Windows Services and the same error. I don't really know how to proceed from here. Other than removing MBAM and contact tech support. I do have a premium license... PS: Not having MBAM working did result in a seemingly faster PC...
  16. Well, that didn't last long... Both Windows versions required admin level access for starting up RTWP. Well, it's release preview version, a.k.a. Beta, but I am loosing my patience...
  17. Maybe I haven't looked at AV software for awhile, but on the surface, Bitdefender is quite dissimilar... BitDefender Internet Security 2017 does not include Anti-ransomware, nor does it have memory protection. While BitDefender Total Security 2017 adds the Anti-ransomeware, it does not have memory protection. Malwarebytes 3 has both, in addition to the basic protection of Bitdefender. Provided it is actually working instead of the real time protection being flaky at best that is... With that said, the Bitdefender Family Pack 2017 with unlimited license looks enticing for my small business with nine computers; for 3-years at 150 bucks. But I also have a perpetual license for Vipre, no yearly renewal, also unlimited license. Adding the perpetual Beta version of MBAE, that's good enough for my needs. And yes, three computers do have MB 3.x premium version with grandfathered renewal rate of $24.95. I would not extend MB 3.x premium to six more computers at the 80 bucks per 3 computers per year, for a total of 160 bucks. Even if MB 3.x is not flaky...
  18. I've installed the release preview version of MB 3.06, over 3.05 premium on Windows 7 Professional 64-bits. After the updates downloaded and installed, to my surprise, the RTWP did start up manually. Nonetheless, the system had been rebooted. Logged in with standard UID and had been greeted with the "Awesome! You're Protected" green check mark. In another word, it works just fine on Windows 7 without logging in with an admin account. Again, it's been a short time and I am hesitant to say that it is fixed until at least couple of weeks. Based on my experience with two system, the MB 3.06 acts differently for some reason on W 7 and 8.1. Maybe it's due to the more strict security in Windows 8.1, but that's just a guess...
  19. Yes... After installation and the update, circled in the image below, completed:
  20. I've installed the release preview version of MB 3.06, over version 3.05 premium. After updating definitions had completed, the Windows 8.1 Professional 64-bits had been rebooted. Initially, Real Time Web Protection (RTWP) would not start, when logged in with standard UID Trying to start the RTWP would fail with the standard UID. Stop and start Malwarebytes service with admin account via MMC\Services also failed to start up RTWP Log out the standard UID and login with the admin account also resulted in RTWP not starting Starting the RTWP manually on the other hand worked with the admin account logged in And here's the interesting part, at least to me. Subsequent reboot, or shutdown/start, and logging in with the standard UID, the RTWP started up just fine. Maybe there's some permission issues within MB code at start up, in which case, this issue may come back in the near future. I hope not and will try the MB 3.06 on a Windows 7 box as well... PS: I did change the loading order for the AV to "Automatic" and MB to "Automatic (Delayed Start)". In another word, flipped the default setting for the MB installation...
  21. Really David? It's not categorized as "fake news". That in itself is wrong, accusing website that engages in spreading malware when it's not. Every news website have their own agenda. Isn't that up to the end user to select what to read? What if next Malwarebytes blocks access to CNN, the site with alleged "true journalist with journalistic integrity"?
  22. If that the case, why is the site falsely classified as "FSA", isn't that some sort of "fake news" in itself? Especially in light of no other sites deemed the site in question not worthy for blocking. You've just confirmed that Malwarebytes censors "alternative journals", thank you. It's good to know that Malwarebytes engages, or at least tries shaping end users political views... Maybe you should try blocking other fake news sites, like CNN...
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.