Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by exile360

  1. It is normal to be able to stop the service using Services.msc, but you shouldn't be able to kill it using Task Manager if self-protection is working.
  2. It shouldn't make too much difference and you can verify that it's working by trying to terminate any of Malwarebytes processes using Task Manager (you should get an error/access denied message box because of the self-protection driver blocking it).
  3. You may be correct. I will ask the Devs to find out if Malwarebytes is doing something similar on XP.
  4. Greetings, It's possible that the issue you're experiencing is similar to the one being discussed in this topic. If you would, please try each of the workarounds mentioned in this topic under the Known Workarounds section to see if that resolves it or not, particularly the second one involving reverting to an early build of the program. Please let us know how it goes. Thanks
  5. You must have written it with that disappearing ink
  6. Greetings, While it is very unlikely that you were infected with anything, just for your peace of mind I'd suggest going ahead and following the instructions in this topic and then creating a new topic including the requested logs and information in the malware removal area by clicking here and one of our malware removal specialists will assist you in checking your system for any threats and helping you to remove any that are discovered as soon as a specialist is available. Please let us know if there is anything else we might assist you with and we'll do our best to help. Thanks
  7. You're welcome, and please keep us posted on how it goes and let us know if you have any questions.
  8. It could also be that there's another issue with your system preventing it, possibly the same thing preventing the anti-exploit driver from loading though I'm really not sure.
  9. Greetings, It's likely due to the fact that the current version is no longer officially supported on Windows XP but I don't know for sure and don't have an XP system to test with at the moment unfortunately. This is a direct quote from the official Process Monitor page on Microsoft's website:
  10. It was a minor update to address an issue with licensing. You can find the details in this post.
  11. Greetings, It's possible that your browser has some kind of PUP (Potentially Unwanted Program) installed such as a plugin or extension causing Chrome to connect to unwanted sites. To check, please open Malwarebytes and click on the Scan Now button to allow it to scan your system, then have it remove anything it detects and allow it to restart your system if prompted to do so to complete the removal process. If the issue still persists or Malwarebytes didn't find anything then please run ADWCleaner and likewise have it scan your system and have it remove anything it detects, restarting your system if prompted to do so. Once that's done, if the problem still remains then please read and follow the instructions in this topic and then create a new topic in the malware removal area including the requested logs and information by clicking here and one of our malware removal specialists will assist you in checking your system and browser for any threats and help you to remove them. Please let us know if there is anything else we might assist you with. Thanks
  12. You can also install the Malwarebytes browser extension if you use Chrome (or another Chromium based browser like SRWare Iron or Vivaldi) or Mozilla Firefox. It contains the same block database as the Web Protection component in Malwarebytes 3 and also includes some additional functions such as ad blocking, anti-phishing, clickbait site blocking as well as behavioral blocking for certain common threats like tech support scam sites and fake/PUP browser plugin sites. It's compatible with Malwarebytes 3 so once this issue is resolved you can continue using it. Its only limitation is that it only guards your browser rather than your entire system the way that Malwarebytes 3 does. You can find out more and download it at the following links: Chrome Firefox
  13. I believe the OP is asking if, since ASLR is a feature implemented starting in Windows Vista by Microsoft and didn't exist in Windows XP, is there any point to this setting/function in Malwarebytes Anti-Exploit when running on Windows XP, and I believe the answer is "no" since there is no system default ASLR to be enforced, at least if I am understanding Malwarebytes' implementation of this feature correctly in that I believe, just as with their DEP enforcement feature, it relies on the system's in-built functionality to work and simply augments/enforces the system's function as implemented by Microsoft in Windows. For reference: https://en.wikipedia.org/wiki/Address_space_layout_randomization#Microsoft_Windows
  14. I switched back to my previous configuration since I get less performance issues that way (not to mention faster startup and fewer/no errors) so I've got Web Protection on again, Ransomware Protection off and self-protection off (though I don't think that module is related to the issues, I just see no point in it since I don't expect to get infected).
  15. It most likely is pretty normal depending on what you're doing at the time since the various protection components will talk to the cloud while doing their work such as the Web Protection component while browsing and the Machine Learning/anomaly detection component I mentioned which will analyze any new/unknown process it doesn't recognize leveraging the cloud to determine if it's malicious and to help train the module/system further for improving its classification/detection capabilities.
  16. Aha, that explains it. Well done I guess Windows Defender turned itself on once the other AV was removed and must have enabled that feature (Malwarebytes can't touch Windows Defenders' settings, but Defender does sort of have a mind of its own, especially when it thinks its the only protection on the PC).
  17. OK, thanks. Have you tried disabling the other protection components individually to see if that makes a difference? If that doesn't help then you might try disabling the self-protection component by opening Malwarebytes and navigating to Settings>Protection and toggling the Enable self-protection module setting to Off under Startup Options as that could also be the issue. Please let us know how it goes in your testing, both for the protection components and for uninstalling. Thanks
  18. Awesome, I'm glad to hear it. Please let us know if there's anything else we can assist you with in the future. Thanks
  19. Awesome, thanks, I'm sure this info will prove useful Hopefully they'll be able to figure out what's causing this and get it fixed quickly.
  20. The closest thing (besides the add-ons/extensions/plugins David mentioned above, which are quite common (also beware of fake "Flash Player" updates and similar scams and only download known valid plugins/updates from their original sources) would be exploits, which are essentially malicious scripts that run inside web browsers and often attempt to exploit a known vulnerability within the browser or one of the legitimate plugins you might have installed (such as Flash Player, Adobe Reader, Java etc.), however the Exploit Protection in Malwarebytes Premium is very good at stopping these kinds of 'drive-by' attacks as they are often called because it does not rely on any sort of signatures and instead looks at exploit behavior to generically block any exploit attacks in their tracks before they can do any harm to your system (including preventing them from downloading and executing any files/installers etc.) and Malwarebytes is very good at detecting PUPs as well thanks to Malwarebytes' aggressive stance on PUPs, which is much more aggressive than most other security vendors. I would also recommend the Malwarebytes browser extension beta as it is very good at stopping online scams such as tech support scam sites and many of the common types of fake/PUP browser plugin sites that try to convince you to install browser extensions that you shouldn't by making them appear to be legitimate updates for things like Flash etc. as I mentioned before. The extension is free so you don't need to wait to afford it; you can install it right now and put it to work at helping to protect your system. You can find out more and download the Malwarebytes browser extension beta at the following links; it is available for both Google Chrome (as well as other Chromium based browsers such as SRWare Iron and Vivaldi) as well as Mozilla Firefox: Chrome Firefox
  21. He asked for a screenshot of Event Viewer but I don't believe you ever provided it, and besides, that tool I posted above will collect much more than just those particular events so it could be far more helpful diagnostically speaking. You can take your time and do it whenever you have a free moment. You don't need to interrupt anything important for this. I'm just trying to help get the problem figured out and solved.
  22. So after testing for a while with Web Protection disabled and Ransomware Protection disabled, here are my findings: Installed .NET monthly preview update, a def update for MSE and an update for Silverlight Rebooted and Malwarebytes took several minutes to start and prevented one of my system startup programs (Hotkey Control Center; a hardware control/overclocking app for Clevo laptops like mine) from starting I terminated Control Center via Task Manager and tried launching it again After around 30 seconds it finally launched at the same time the Malwarebytes tray icon showed up It looks like Malwarebytes was having trouble starting and was preventing Control Center from launching; this is an issue I've never encountered before today (not coincidentally I have Ransomware Protection enabled and Web Protection disabled where I usually have it the other way around with Ransomware disabled and Web Protection enabled) and experienced no issues whatsoever running the system with Malwarebytes configured that way. I also keep self-protection disabled though I don't know if that is related or not. I replicated the issue by shutting down and later starting my system again. This time I waited and after Control Center threw an error that the system needed to be restarted for it to run, I created dump files of its process as well as MBAMService.exe (mbamtray wasn't running yet) After waiting for a few minutes mbamtray finally loaded along with Control Center (again, simultaneously as before) with the tray icon showing up at the same time as the Control Center UI Dumps were too large for the forums so I've uploaded them here. I'm glad I didn't have to force the system to shut down, but obviously it's still not ideal. I also noticed that every time I'm shutting down the system MBAMService takes much longer when Ransomware Protection is enabled to shut down (I have verbose shutdown/logoff/logon messaging enabled so I see it taking longer than usual during the Malwarebytes service shutting down phase).
  23. Nope, not really. It just prints out the last few of them to one of its logs. The tool I posted above is much more comprehensive. It also may prove helpful to have Malwarebytes output its verbose logs when the issue is occurring to see if it reveals anything helpful. To enable it, open Malwarebytes and navigate to Settings>Application and toggle the option under Event Log Data to On then restart the system and wait for at least one crash to occur, then run the Malwarebytes Support Tool again to have it gather the logs then attach the archive to your next reply: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced tab on the left (not Start Repair) Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply I'm hoping that it will be able to log more details about what's going on with the service/drivers etc. when the crash is happening which might help the Devs in figuring out the cause and possibly help LiquidTension as well in troubleshooting further.
  24. OK, thanks. It might help to get some of the Event Viewer logs just in case there's one or more related issues happening as it might give them a clue as to what might be causing this so please do the following if you wouldn't mind; this tool will grab some of your most recent Event Viewer logs: Post Event Logs: Please download VEW by Vino Rosso from here and save it to your desktop Right-click the file and select Run as administrator and click Continue or Allow at the User Account Control Prompt. Click the check boxes next to Application and System located under Select log to query on the upper left Under Select type to list on the right, click the boxes next to Error, Warning, and Critical (not XP) Under Number or date of events select Number of events and type 20 in the box next to 1 to 20 and click Run Once it finishes it will display a log file in notepad Please copy and paste its entire contents into your next reply, or if you prefer you may save the text file to a convenient location and zip and attach it instead Thanks
  25. You're welcome Nope, since you disabled telemetry, the only kind of checking in it should do would be for licensing/subscription validation, database updates, product version updates/upgrades, and of course all the cloud/AI detection stuff I mentioned. If there's anything else we might assist you with please don't hesitate to ask. Thanks
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.