Jump to content

exile360

Experts
  • Content Count

    25,847
  • Joined

  • Last visited

Everything posted by exile360

  1. That's OK, they might be storing their data files somewhere else like under one of the local user data folders under C:\Users\<user name>\Application Data. You can try to locate it to exclude but the main thing is excluding its primary program folder which you already did. As for the support tool, it can take a while to run sometimes. It has to download FRST and run that (you'll likely see an icon in your system tray while it's running/scanning to create the logs) and it should finish after a few minutes unless something is preventing it from working properly.
  2. That's correct, the issue with the errors in Event Viewer from Malwarebytes during shutdown occurred in the last version as the result of a bug that was actually fixed in build 508 that was related to the self-protection driver and/or MBAMService.
  3. No worries, if your hypothesis is correct about it not scanning then chances are that if they do address it, they'll likely build it with the same kind of heuristics that most of their other scanning components use meaning it will be likely to catch a lot of undesirable items and they've already got a pretty good collection of known malicious sites, ad servers and other undesirable websites thanks to the Web Protection component, the hpHosts database as well as the new browser extension beta (which you might try by the way if you haven't already, as it may block these, but even if not, it will still add a lot of protection to your browser). You can check out the Malwarebytes browser extension beta here: Chrome Firefox
  4. Greetings, I'm honestly not certain if it does or not, though I do know that it does scan Chrome's preferences for malicious plugins/extensions and the like. I'll have to check with the team to see if it checks the notifications/allowed list or not and will request that it be added if possible if it turns out that it does not. If you have any further suggestions please don't hesitate to let us know. Thanks
  5. Thanks for the additional info and links guys. I will be sure to report them to the staff for you so that the Devs are made aware. I hope these issues are resolved soon, I'm anxious for all the bugs to get squashed.
  6. OK, please run the support tool again and use the repair option to see if that corrects it, if not, then please run it once more and collect a fresh set of logs and attach the resulting ZIP file so that we may take a look at what's going on. Thanks
  7. Greetings, It's most likely the Ransomware Protection component causing this issue, so if you disable that for the time being that should alleviate the problem. The other workaround would be to revert to the last build of Malwarebytes until they get this issue fixed. As for why they are requesting logs, it is because the Developers are still working on this issue and attempting to track down the exact cause, so the more data they get from affected users the better, however if you do not wish to provide any logs/data then of course you don't have to and you can just wait for the fixed version to be released. Instructions on implementing each of the workarounds I mentioned can be found near the top of this pinned topic. As for why they released the build like this, unfortunately even though they did perform extensive testing via their QA team, including testing on every OS which is currently supported (including Windows 7; both x64 and x86), they didn't experience any of these issues during their testing and only became aware of it once reports from users started coming in and they realized that the typical fixes for issues weren't working, thus indicating that it was a bug in the software and they have been attempting to locate and fix the bug ever since and plan to have it fixed in the next release, though I do not know of any ETA on when it will become available because of course they must first fix the issues, then test the build, and then finally release it, but I'm hoping that it will be soon of course, as I'm sure everyone affected by these issues is.
  8. Interesting, I've got the update but not the issues (though I don't use any network shares as I have all such functions disabled and/or crippled on my own system for security reasons). Hopefully they get it fixed for the sake of those users who are affected soon though. Looks like Windows 10 users aren't the only ones feeling the pain of poorly implemented patches these days .
  9. Sure, no problem, thanks for the information. Hopefully it won't be necessary though and you just won't get infected again, at least I hope that's how it will be, because we definitely don't want you (or anyone else) getting infected with anything.
  10. Greetings, I suspect this may be caused by a conflict with the latest version of Malwarebytes and AVG. If you disable the web shield/web protection component in AVG, does that resolve the issue? If so, then you may try creating exclusions in each program for the other to see if that helps, otherwise you'll likely have to wait for this issue to be resolved in a future version of Malwarebytes and/or AVG (I believe it's an issue specific to Malwarebytes' code, however I do not no for certain that this is the case). The items to exclude in AVG for Malwarebytes are listed in this support article and I'd suggest excluding AVG's program folder from Malwarebytes as well as its data folder which is likely located under C:\ProgramData along with any of AVG's driver files which should be located under C:\Windows\System32\drivers (only exclude the individual AVG drivers, not the entire folder as doing so would put your system at serious risk since actual malware infections will often install malicious drivers such as rootkits among others). Please let us know how it goes and if the issue is resolved. Thanks
  11. Just FYI, I did successfully confirm the freeze issue on my own system yesterday. I was streaming a video on Netflix at the time with a few browser windows open so not a lot of resource usage or anything particularly unique (I'd been streaming stuff on Netflix for several hours before the freeze occurred, then suddenly it rendered my system unusable starting with the browser and progressing until only the mouse would move). It definitely isn't the Spectre mitigation since I don't have any (no microcode updates for my system since I'm running Windows 7 and I haven't received an updated BIOS from my system vendor).
  12. I did see where a member of Support posted recently that at least some (though hopefully all) of the current known issues would be addressed in the upcoming 3.7 version, however he didn't have an ETA on when it would be available. As for MSE, I haven't heard of any freezes/issues with it and Malwarebytes. I'm running the two of them together here and the only freezes I've had were when I had Ransomware Protection enabled (which I normally keep disabled for performance reasons, though typically it doesn't cause any freezes/issues, although it appears it does for the latest version of Malwarebytes); I assume you guys would be able to alleviate your issues by doing the same (keeping Ransomware Protection disabled and leaving the other protection modules in Malwarebytes active). I also don't think it's an issue with MSE and that its presence is just a coincidence because several users who weren't running MSE have reported the same problems (slow performance, lag/hanging during shutdown, occasional or frequent system lockups/freezes) on Windows 7 x64 (though the 32 bit version may be susceptible as well, I'm not sure). It may accelerate it some how as you suggested where it happens less frequently when MSE is disabled, but that could just be because the Ransomware Protection component is less 'busy' when it is disabled and therefore doesn't cause the issue as quickly or frequently. Honestly, I keep Ransomware Protection disabled anyway as it's by far the least proactive protection component in Malwarebytes and also the most resource intensive since it monitors all processes/threads in memory for ransomware behavior and only looks for threats that are already present/active on the system, and since virtually all ransomware attacks begin with other attack vectors (mostly exploits) to infect systems in the first place, the other more proactive modules should detect and stop any such threats before the attack gets to that final stage of downloading and executing any ransomware on the system. I'm not saying that you should just accept that and be content with it disabled forever going forward, only that if you did decide to do so, at least until this issue is resolved, I don't believe you'd really be missing out on much in the way of protection.
  13. No worries, you don't need to replicate the issue again. Just getting the logs from your system helps I'm sure, as they just want to try and narrow down the environmental factors/software and hardware configurations where the issue occurs as that will hopefully aid the Developers in tracking down the source of the problem in the code.
  14. What response from MB? I don't work for Malwarebytes in case you hadn't noticed, and I guess you don't know much about automated spam filters and the kinds of activities they tend to flag because that's what I'm talking about there. I know because back when I did work for Malwarebytes years ago, our newsletter got flagged by several email providers as spam even though every user who received it had signed up for it and the company had never been flagged before that so it was all about the numbers. Either way it doesn't matter because we both agree that informing more people would have been better and is something we'd both like to see going forward; we just disagree on the method. I'm saying email wouldn't be enough and might not work, you seem to be saying their website/forums aren't enough and they should have used email. Either way they're still here working with users trying to find the cause and fix it. As for Malwarebytes' official response, all they've been doing is gathering info and trying to help affected users and publishing info in FAQs etc. I haven't checked their social media channels, but they might have posted about it there too (they sometimes do when an issue comes up, but it probably depends on how many users are impacted, though that's just my guess). Again, it's not isolated to any one (or even multiple) AV, though it is known to be caused in some cases by a conflict with certain AVs (I know this because I've had users with this issue who had one of the aforementioned AVs and once they disabled the web protection component in the AV, the issue went away), and yes, there are a wide variety of system hardware configurations, but again, it's not consistent. I don't know of any single common cause for this issue so far. I'm running Windows 7 x64 myself and have yet to experience this issue, though I was able to replicate one of the freezing issues caused by the Ransomware Protection component (which I normally keep disabled, so I wasn't aware of it until I turned it on to test). Web Protection hasn't caused me any issues so far, but why that is we still don't know. My guess is there are multiple triggers for it and that I just so happen to be running a configuration where none of those triggers are present.
  15. No, there's no need for a new topic, I just meant in the future if any other issue comes up. The fact that this topic is so old is why the outdated version of the tool is linked to in the posts above, because they pre-date the latest support tool. LiquidTension will take care of you and should be able to help you resolve or at least work around the issue you're having with the software. As for the other issue you mentioned, all those instances, that's a new one on me. Maybe somehow a scheduled task ran away or something executing tons of instances into memory trying to initiate an update or scan, but it's definitely a unique one to me as I don't recall ever hearing about an issue like that with Malwarebytes before. Whatever caused it, hopefully it was a one-off and won't happen again, but yes, definitely report it if it does happen again.
  16. That's not what I'm saying. I'm just saying email isn't the way to go. A public posting on their website or a message/notification in the product would be much more effective. Word spreads, especially in the tech scene, and no one is trying to hide anything (they wouldn't have created FAQs about this stuff if they were trying to hide it, and certainly wouldn't be addressing the issues and assisting users in public if they were; they'd force everyone to contact them on the helpdesk to keep it private in email).
  17. This topic is from 2017; in the future I'd recommend creating a new topic of your own, even if it seems like the same issue because often times completely different issues/circumstances can cause seemingly identical symptoms/problems, especially since there have been many Malwarebytes versions released since this topic was created over a year ago. I understand you were just expressing the fact that you seem to be dealing with the same issue and seeking help, but unfortunately the solutions for each may be very different. Normally an automated reply would respond asking for logs using the correct/latest version of the support tool, however it only replies when you create a new topic in this area, so because you responded to another user's thread, the bot did not reply to you.
  18. I doubt they could ever do that without setting off just about every spam filter on Earth due to the sheer number of users/customers they have, not to mention the fact that Malwarebytes doesn't collect the email address of every user of the Premium version (i.e. trials, not to mention licenses purchased through third party resellers as well as retail boxed versions which only require a valid license key and never prompt for registration via email), so while that certainly would have kept the customers who purchased the software direct from the Malwarebytes website informed, none of the other users would have received the notification/email, and again, I'm sure attempting to do so would have set off spam filters everywhere because mail servers are way more strict about that sort of thing these days (i.e. sending out too many duplicate messages to too many users at the same time). I'm not saying they've handled everything perfectly; I just don't think email would be the solution, especially since a lot of people seldom check the email addresses they use when purchasing software as they'll often keep a separate address for that sort of thing (signing up for websites, registering software etc.) with a different address for actual personal communication which they check much more regularly, that way they cut down on the amount of spam/advertising emails/promotions and such that show up in their personal inboxes.
  19. There is a conflict with Avast, however that is not the only cause for this issue (as I mentioned, there are currently multiple AV conflicts with build 508 of Malwarebytes) and it is indeed happening on some systems where no third party AV is installed. So basically it's the same symptoms with multiple causes which may or may not be the result of the same change to the code in the Web Protection component in build 508 (i.e. there may be multiple causes/changes in the code resulting in different issues which need to be tracked down and fixed, but only the Developers can know that for certain). Whether it is caused by specific hardware/drivers is also currently unknown at this time, but that is one area they are exploring, collecting info on network adapters from affected users.
  20. One of my all time favorites from way back in 1991, long before "Nu-Metal" or any of the other Hip Hop/Metal blends/genres emerged on the scene, Public Enemy and Anthrax were getting down and dropping Thrash Metal with a Hip Hop beat and hardcore lyrics to match: Bring the Noise, 'nuff said!
  21. Yes, and while I know this isn't always the cause (sometimes the issue is caused by the Ransomware Protection component, and sometimes it's not a conflict with an AV at all), we have seen many reports where that indeed was the case, particularly with Avast, Bitdefender and ESET and I've also seen some reports about similar issues with AVG, Avira and Kaspersky with the latest Malwarebytes release.
  22. The program folder for your AV (generally under Program Files or Program Files (x86)) as well as the data folder for your AV, usually under C:\ProgramData should be excluded from Malwarebytes. You may also exclude any drivers etc. that belong to your AV from Malwarebytes, for example the driver files stored under C:\Windows\System32\drivers that belong to your AV (don't exclude the entire folder, just the individual driver files belonging to your AV) which can be determined using a tool such as MS Sysinternals Autoruns (under the Drivers tab; it should list your AV vendor as the company name/in the description column).
  23. Interesting, I wonder if this has anything to do with the kind of vulnerability that plagued SMBv1 (the EternalBlue exploit employed in the original WannaCry/WannaCrypt0r attacks/epidemic)? I disable all the sharing/remote stuff on my systems so if it broke anything with that I would not have noticed, so thanks for the info as I'm sure there are plenty of users who do use this functionality, especially for local shared network storage setups.
  24. Nice, it looks like Malwarebytes blocked the server hosting the malware. I love it when that happens With regards to the types of threats you've been facing, can you provide any more details so I can check into how Malwarebytes is doing and give the Researchers a poke if needed to point them in the right direction? I would like to make sure that they stay on top of whatever it is you've been dealing with to ensure you and other users have the best protection possible. You mentioned that the threat overwrites the boot sector, which definitely sounds like a nasty MBR/VBR rootkit, and if it's coming through your games then it's probably some kind of Trojan or file-less malware (like some malicious shell code or Powershell script etc.), but I don't want to make assumptions so if you have any info at all about the threats you've been seeing please let us know because I know there are a lot of different threats and attack vectors out there these days (usually employing some kind of exploit).
  25. I do believe there's an issue with Avast's Web Protection conflicting with the Web Protection in the latest build of Malwarebytes 3 so it's possible that if you disable the web shield in Avast or the Web Protection in Malwarebytes that you'd be able to eliminate the issue until it is fixed.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.