Jump to content

exile360

Experts
  • Content Count

    21,496
  • Joined

  • Last visited

Everything posted by exile360

  1. I believe these are the steps to reproduce the issue: Install Malwarebytes on a system where it will initiate the free trial and register itself by default with the Windows Action Center/Security Center Wait for the trial to expire without altering the Action Center/Security Center setting in Malwarebytes Open Action Center/Security Center to verify that it still shows Malwarebytes among the protection programs on the system being monitored Open Malwarebytes and attempt to alter the Action Center/Security Center registration setting under Settings>Application We have seen this issue in the past and I have reported it to the Product team previously, however I do not know if or when it was addressed if at all. Please feel free to correct me if I am mistaken, but I believe this is how the issue is reproduced.
  2. Microsoft updated their website with current information on the planned expiration of Windows 7. As you may have already been aware, the date for the end of extended support (i.e. the development and release of new security updates for the OS) is set for January 14, 2020 which means users who wish to continue to receive security updates and patches will need to migrate to Windows 10 before then. The new/updated page containing this information may be found here and it also includes info on several versions of Windows Server as well as the Embedded versions of Windows 7. More details specific to the Windows 7 End of Life policy may be found here and an FAQ about the Windows 7 End of Life/Product Lifecycle may be found here. Below you will find my commentary on Windows 7's End of Life. I put it in spoiler tags for courtesy since you may not be interested in my lengthy opinions o the subject and it's not essential information in relation to the links and info above.
  3. In addition to the tools and products mentioned above, for consumers there are also several other free tools available which have proven quite effective at cleaning heavily infected systems and dealing with persistent and difficult to remove threats. The first of these is Malwarebytes Anti-Rootkit BETA or MBAR for short. You can find out more about this free tool as well as download it here. This tool is a portable, self-extracting anti-rootkit utility which includes the same excellent rootkit detection and removal technology built into Malwarebytes 3 but in a more portable package. There is also a special build of this tool available which is designed to deal with certain specific infections which might try to block Malwarebytes Anti-Rootkit from running. More details as well as a download link and instructions on using this special version of the tool may be found in this topic. Next, Malwarebytes also offers a special standalone adware/PUP (Potentially Unwanted Program) utility which is capable of removing many undesirable items that even Malwarebytes 3 may not detect (it's generally a good idea to scan with both if you are infected) called ADWCleaner. This tool has been around for a while and was acquired by Malwarebytes due to its excellent reputation and proven effectiveness in the field. The databases and capabilities of ADWCleaner have also been augmented to include all of the detections from the previously available Junkware Removal Tool (JRT for short). You can learn more and download the tool on this page. Of course Malwarebytes 3 itself is a powerful tool as I'm sure you're already aware, and while the default scan in Malwarebytes 3 is quite powerful and also very efficient, if you are scanning a system which is heavily infected or that you suspect might be, I would suggest enabling rootkit scanning (which is disabled by default for the sake of performance) by opening Malwarebytes and navigating to Settings>Protection and toggling the Scan for rootkits option located under the Scan Options section to On, then returning to the Dashboard tab and clicking the Scan Now button. This will perform the same efficient and highly effective Threat scan, but now it will be enhanced with superior rootkit detection and remediation capabilities. One more thing to note: both Malwarebytes (when rootkit scanning is enabled) as well as Malwarebytes Anti-Rootkit will check for the presence of rootkits and rootkit families known to damage core Windows system components, especially those related to system security and internet connectivity, and if found, they will not only remove the rootkits, but also repair the damage to those critical Windows system services and functions to return the system to normal functionality which can save you a lot of time and trouble trying to repair those damaged features after the malware cleanup is complete.
  4. The information in this support article may also prove helpful. It details how to manage licenses/subscriptions using the My.Malwarebytes.com web interface.
  5. Unfortunately I can't get the full memory dump as my keyboard has no Scroll Lock key. Here is the MBST archive though. mbst-grab-results.zip
  6. I found an issue with the new build. Windows 7 x64, fully patched. On system startup, when Ransomware Protection is allowed to start with MB3 which is set to start with Windows, system start is halted shortly after Windows loads during the startup process of startup applications/services with MBAMService running without the Malwarebytes tray running and it appears to be getting stuck somehow by or because it is interfering with the startup of HotKey which is a proprietary hardware/system control and monitoring solution provided by Clevo for their custom high end laptop solutions (sometimes sold under other branding such as Sager, Eurocom etc.). If I terminate the HotKey service process via Task Manager, Malwarebytes proceeds to load and allows all the other startups to proceed with loading. If I do nothing and wait, eventually the HotKey service process will time out and throw an error and Malwarebytes will then finish loading and allow the other startups to load (this takes several minutes to occur). If I disable Malwarebytes or just Ransomware Protection from loading on boot there is no issue and the system loads fine. I have not yet attempted creating exclusions but I will. I just wanted to report this issue first as it seems related to the other issues we've been seeing. I captured memory dumps via Task Manager from the various processes involved in this issue and uploaded them here. I have also noticed, as one user mentioned previously in this thread in post #419, that Malwarebytes causes a delay in shutdown/waiting for a program to close message when installed/active during shutdown and also notice that it takes a while longer for the system to shutdown completely after logging off of Windows on the final shutdown screen with a good deal of that time spent displaying a message about Malwarebytes service shutting down (verbose logon/logoff messaging enabled), though it's not the only one that shows up during shutdown. The system doesn't hang during shutdown and it doesn't take terribly long, but it is noticeable, especially considering my system specs: I will test with exclusions and let you know how it goes, but I suspect that something similar to the multi-threading/vs single threading issue discovered with the Web Protection component is involved here as well because seeing Malwarebytes' protection get "stuck" on something and seeing the rest of the system becoming partially or completely unresponsive as a result is a fairly common occurrence in my experience.
  7. You're welcome A new version has been released that should correct this issue. To install it, open Malwarebytes and navigate to Settings>Application and click on the Install Application Updates button and allow it to download and install the update, then restart your system if prompted to do so once the installation completes. You can find out more info about the new build here.
  8. exile360

    Login my Account failed

    Excellent, I'm glad that you received the email and were able to finally resolve the issue. Here are a few links to additional info that my prove useful in the future for using the My Account feature to manage your subscriptions: - My.Malwarebytes.com setup: https://support.malwarebytes.com/docs/DOC-2722 - Manage licenses for your account: https://support.malwarebytes.com/docs/DOC-1032 - Deactivate Malwarebytes license key: https://support.malwarebytes.com/docs/DOC-1037
  9. exile360

    Re-using premium license

    Greetings, You should be able to create an account by signing up at My.Malwarebytes.com following the instructions in this support article and then you should be able to deactivate your previous installations by following the instructions found in this support article using My.Malwarebytes.com. You can learn more about managing your subscriptions using My.Malwarebytes.com in this support article. Please let us know if that doesn't resolve the issue or if there is anything else we might assist you with. Thanks
  10. @LiquidTension, @AdvancedSetup can one of you please take a look? Some memory dumps of the crashing processes have been provided in post #6 above.
  11. Apparently some genius at Microsoft (likely at the prompting of someone from a third party hardware manufacturer who figured out this is how it should be a long time ago ) finally figured out that it might be a good idea to stop preventing basic, core, identical hardware drivers from installing on different devices just because some higher level software components and/or additional drivers/files may be specific to certain device types and OEMs (such as the driver software for notebooks which tend to focus on power saving features and avoiding thermal issues). For a long time, many hardware manufacturers (looking at you, AMD) would prevent their standard/generic drivers from installing on some platforms/devices, especially notebooks and tablets because they assumed that the OEM that built and sold the system would provide their own 'special' driver for the hardware. This is because, especially in laptops, tablets, all-in-ones and other non-desktop form factors, manufacturers will sometimes tweak the drivers they provide to customers to provide better battery life as well as down-clocking to prevent overheating. The trouble is, all too often OEMs don't often update their drivers, and when they do, it is often much less frequently than the original hardware component manufacturer meaning that, unless the end user is allowed to install the more up to date drivers from the component manufacturer (such as Intel, AMD or NVIDIA), they are likely to miss out on major feature updates and bugfixes, including BSOD fixes, performance enhancements, security/vulnerability patches and other important updates to the core driver components. It sounds reasonable in theory since it often is the case that an OEM will provide special drivers for the components shipped in their systems to customers to improve battery life and to optimize for the smaller, and often lower powered form factor for their non-desktop devices, however if you, like me, have ever actually taken a look at the base driver files being installed (not so much the "control" software or registry settings etc. that control things like power output, device sleep settings, low power modes, thermal throttling and device clock speeds/boost speeds etc.), they are completely identical so there is absolutely no reason that a person shouldn't be able to update these files using the drivers from the original component manufacturer's website using their much more up to date driver installation package. So now, with DCH, hardware creators will have the opportunity to provide base/core driver packages that just update the core driver components without altering any of the higher level settings that control things like low power modes, sleep modes, thermal throttling settings and clock speeds/boost speeds so that users can have the best of both worlds. All the benefits of the specially tuned/customized higher level settings/software provided by the system builder (the OEM) as well as the bugfixes, performance improvements and security/vulnerability patches provided by the individual component manufacturer who will often roll out driver updates much more frequently. I'm amazed that nobody thought to do this sooner, but at least it's here now, and hopefully hardware developers will adopt this standard quickly now that Microsoft has implemented it and is pushing for it. You can find out more about this feature on Microsoft's website here: https://docs.microsoft.com/en-us/windows-hardware/drivers/develop/getting-started-with-universal-drivers You can read Intel's announcement (where I originally found out about this new feature/initiative) here: https://www.intel.com/content/www/us/en/support/articles/000031572/programs/intel-corporation.html To tell you the truth, I've always installed the drivers from the individual component manufacturers rather than my system's OEM because of this issue since the OEM's drivers would invariably be out of date almost immediately and you were lucky if you got two updates for a component's driver throughout the entire lifetime of the device when new drivers would be released multiple times a year if not monthly from the individual components' manufacturers and because, even though I do use a laptop, I do not run it off the battery (unless the power goes out; I like the laptop form factor for use around the house but don't actually take my system anywhere outside my home so it's always plugged in just like a desktop and I've optimized the cooling solution by replacing the thermal paste and modding the internals of the laptop to improve the airflow and eliminate any issues related to heat, thus allowing me to run a stable overclock on my hardware components full-time without any thermal throttling issues whatsoever). This is one of the longest standing issues to create frustration and confusion for computer users and is one of the primary reasons so many users try these "driver updater" programs (which are generally PUPs and not recommended) and also why these types of programs will so often fail to detect/download/install the correct device drivers for a user's particular hardware components/system, because there are so many different versions available from so many sources. DHC should eliminate the need for these types of applications, enabling users to go to a single known good source for each individual component to update their core driver components (especially since the higher level/performance/tuning related stuff isn't likely to change much if at all in most cases).
  12. While this is true for most cases, it is not true for all. Early on I verified that some of these issues were indeed due to a conflict (or at least due to the presence of another security web filter driver like the Web Protection in Malwarebytes) because many users were able to resolve the issue by disabling the Avast web shield or the web protection in several other AV products (Avira, AVG, and ESET for certain, and there may be others) allowing them to keep all Malwarebytes modules enabled without any further issues/freezes. Again, this is not the case for all, and I realize that, but it is true that it is the case for at least some.
  13. Same here. So far all good with Ransomware Protection enabled again.
  14. Interesting, I guess Avast must have been having some kind of similar problem on their end around the same time as Malwarebytes. Thanks for the info. I guess it would be a good idea to check and see if users have Avast installed in the future once the fix for Malwarebytes rolls out officially to everyone if any similar issues crop up again.
  15. Someone else will have to do it for any OS older than 7 as Malwarebytes only officially supports Windows 7 and newer Windows versions now and won't be developing any new features for Vista or XP. They do still provide the last compatible version of Malwarebytes for those operating systems for download, but that's it.
  16. Good, at least it worked. I agree that this isn't an ideal solution or user experience. I'll bring it up again to the Product team and hopefully they'll make a change in an upcoming release to eliminate the need to remove/reinstall the software just to unregister it from the Security Center/Action Center.
  17. Well that's a bummer It was worth a try anyway. Hopefully the memory dumps and data that LiquidTension collected for the Developers will prove helpful. I'm sorry that we haven't been able to solve this problem so far.
  18. A new beta build was just released which includes fixes for issues related to protection, in particular Web Protection. That may be worth a try to see if it corrects the problem if you're willing to give it a shot. If so, it can be found here.
  19. Greetings, I did report this issue to the Product team however I do not know the status of a resolution for it in the product. In the meantime you should be able to perform a clean installation to remove Malwarebytes from the Windows Action Center: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced tab on the left (not Start Repair) Click the Clean button, and allow it to restart your system and then reinstall Malwarebytes, either by allowing the tool to do so when it offers to on restart, or by downloading and installing the latest version from here Please let us know if that fails to resolve the issue and if there is anything else we might assist you with. Thanks
  20. exile360

    Windows 10 1809 and MBAM Premium

    OK, so just to make sure I understand, fast startup was enabled, you disabled it then restarted your PC and Malwarebytes still isn't showing the mbamtray.exe process in Task Manager, is that right? If that is the case, is the tray showing up I your taskbar/notification area near the system clock on system start? If so then it could just be a difference in how it functions/shows up in Windows 10 (I can't confirm as I'm on Windows 7 here) and as long as the tray is working then it should be fine. Thanks for the info on the email link. I will inform the forum team about the issue so that they may report it to our forum software provider that handles the forums and emails. Hopefully they'll be able to fix it at some point in a future update.
  21. exile360

    Feature Request: Dark Mode and other GUI stuff

    Do you know of a particular font that is preferred for dyslexic users?
  22. exile360

    Windows 10 1809 and MBAM Premium

    Yes, I believe it should also show the mbamtray.exe process unless I am mistaken, at least that's how it is in Windows 7. Since you're running Windows 10 it is likely that this is being caused by the fast startup feature which is enabled by default but is known to cause problems with Malwarebytes and other software. You can find out more, including how to see if it is enabled as well as how to disable it if you wish to here as well as here. Please let us know if that resolves the issue or not. Thanks
  23. Yes, I know. I wasn't saying that DEP was exclusive to Vista+, just that it was a built in function in the OS implemented by Microsoft just like ASLR.
  24. Good insight, I bet you're right. This also explains why, since 3.x was first released, that Vista and 7 (though especially 7, likely because so few stuck with Vista once 7 was released) have been plagued by performance issues, lockups and just overall bad behavior of MB3 under various conditions across several releases. It also explains why so many of those same issues did not seem to impact Windows 8/8.1 or Windows 10 in most cases. I've been watching these issues since 3.0 was first released and I've been keeping a close eye on them since I'm a Windows 7 user myself (with absolutely no intention of ever downgrading to Windows 10) and I kept wondering why it seemed that so often issues with Malwarebytes would be isolated to Windows 7. I'm sure it's not the only reason, but it would explain a lot considering how similar so many of the issues appear to be, with either the entire system or Malwarebytes itself locking up/freezing or just taking a long time to load or unload and delaying and/or freezing everything else in the process. I hope that the Developers keep this in mind going forward because I suspect this is not the only module to be impacted by this limitation in 7.
  25. exile360

    Forum Browsing

    You're welcome Yep, basically the way it works is it will remain bold as long as you have not viewed the most recent post/reply to a topic. Once you have read the most recent reply it will no longer be bold until there is a new reply from someone.
×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.