Jump to content

MJL

Members
  • Content Count

    23
  • Joined

  • Last visited

About MJL

  • Rank
    New Member
  1. I supplied @LiquidTension with additional details on this problem. After some back and forth he had be try a beta version of MWB which appeared to solve the memory leak problem. I am now running the latest release version of MWB 4.1.0.56 with Update package version 1.0.25262 and component package version 1.0.931 and everything seems to be working fine. After running further tests on my network I noticed that there was an almost constant exchange of messages between my PC and an HP printer on my network. This exchange consisted of the same sequence of messages over and over including the printer sending a TCP out of order response and the PC responding with a TCP Dup Ack It was my belief that sending the Dup Ack corresponded to an unfreed alloc so that memory was being chewed up pretty quickly. Turning the printer off then restarting it solved the problem of the chatter and hence the memory usage. I'm assuming that a fix was added to the Web protection module to address this too.
  2. Thanks for the response. I guess that even though they are using the same API Web Protection is actually checking the requests prior to the Firewall itself. No unwanted connection requests are getting through to the VPN server which is the behaviour I want. MWB stops known malicious sites from geting through and the firewall stops any others which aren't flagged as malicious. So all is good. Mike
  3. I have a PC running Windows 10 Pro 1909 and MWB Premium 4.1.0.56 Update Package Version 1.0.23404 and Component package version 1.0.889 I have a VPN Server App installed on the PC and have a port forward rule in my router to forward incoming requests on port 443 to my PC. Of course this opens up all sorts of attempts to get into the system but since the clients that are validly connecting come from a small number of know IP addresses I have modified the firewall rule on the PC to only pass through requests from specific IP addresses and to drop all others. This works and stops my vpn server log from filling up with invalid connection requests. This has been working as expected but since 4/42020 I have started to see blocked website entries in MWB all Inbound for my vpn server app. The fact that MWB stops these is great but I would have thought they would have been blocked already. I'm assuming that the Real Time Protection module that is catching these Inbound requests is inserted in the network stack prior to the Windows firewall. Can you confirm that for me, otherwise something is not working in the firewall rules. Even though I've been running MWB on this system for quite a while, it is only since 4/4 (round about the time Component Update 1.0.867 was rolled out) that I have seen these messages in MWB so something certainly improved. Good work. Thanks Mike
  4. I have responded to your message and supplied requested information Mike
  5. I set the system up for clean boot about 2 3/4 hours ago. The only non MS Service running is MWB with Web Protection enabled. Memory usage is already higher than it was with Web Protection disabled and looking at poolmon out put the mwac.sys driver's non-paged pool allocation continues to grow in 992 byte chunks. There is a slight difference in behaviour as very occasionally (5 times in 2 3/4 hours there are 4 "frees" executed) but overall the non-paged pool continues to grow. Are there any other tests you would like me to run? Mike
  6. It has been more than 6 hours since I restarted the PC and disabled web protection. Everything seems to be normal. Memory usage has not increased at all. let me know if you still want me to run the clean boot test on Thursday. I assume you want that test running with Web Protection enabled. Mike
  7. Sorry forgot to respond to the last part. I'm still away from home (it's my grandsons 2nd birthday today) and will not have a chance to do the clean boot test until Thursday when I am home. Mike
  8. Thank you for the follow up. The answers to your questions are as follows 1. I have not tried disabling Web Protection to see if the problem still exists. I will do that and report back later today. 2. I first starting noticing this late last week. I upgraded to the 4.1 to see if that would help but it did not. I have been using Malwarebytes Premium for years and have not had any problems. This however is a relatively new PC (Dec 2019). It was not exhibiting this behaviour until last week. This PC is using an AMD CPU all my others use Intel. 3. I haven't made any major changes lately except for the fact that I downloaded and installed the Brave browser to play around with it. I have installed that same browser on other PC's running Windows 10 Pro and MWB Premium without issue. 4. It's very consistent. On Sunday I restarted it around 10 am before leaving to drive to my son's house. So the PC was doing nothing all day Sunday and all day Monday. At some point on Monday it froze and I had my daughter restart it last night around 8 pm. This morning I logged in remotely and the memory usage was already up to 78%. I turned off MWB and restarted the PC , I just checked and it has been running smoothly at around 12% CPU and 152MB non-paged pool memory. 5. There is currently no network filtering active on the PC and no VPN is active. My home network is however protected with an Untangle NG-Firewall which provides web filtering, however the same filtering rules are applied to all PC's on my LAN and all the other PC's (all running MWB Premium) are behaving normally. i have logged in remotely again and restarted MWB and turned off Web Protection. I'll check back in a few hours and let you know if that changes anything. Mike
  9. Just wondering if anyone on the Malwarebytes staff has had a chance to look at this. I'm away from home but restarted the PC around 10 am yesterday. My daughter just checked it for me and the monitor is just blank. She had to power the PC off and on again to restart it. Thanks Mike
  10. Thanks Maurice. I've used Process Explorer before but just didn't in this case. An update since yesterday. It's been about 19 hours since I rebooted the PC. The memory for the non-paged pool is now 11.5GB. The PC was left running overnight with just poolmon and the Task Manager running. I'm attaching another screenshot of poolmon. Mike
  11. A couple of days ago I noticed that my computer was running very slowly, taking much longer to start apps and load websites. I took a look at statistics in Task Manager and saw that the Malwarebytes Service was using the most memory but it didn't look excessive. I had not yet updated this PC to 4.1.0 so I decided to do that and hoped the problem would go away. Unfortunately the problem still persists. I'm assuming that it is MWB causing the problem, if I'm wrong I apologise in advance. Task Manager showed that there were many GB of memory being used in the non-paged pool. I ran poolmon.exe and the driver that seemed to be using a lot of memory was listed with the tag FLTT. Using fndstr the only hit I got for a driver with that tag was mwac.sys which I believe is part of MWB. I don't have the details of the poolmon when the system was really slow as I rebooted it about 7 hours ago. The non-paged pool is already at 3.9B and growing. I'm attaching the logs and a screen shot from poolmon. Can you confirm for me that it is mwac.sys thatis using the FLTT tag? Mike mbst-grab-results.zip
  12. In April of 2015 I purchased a Malwarebytes Premium subscription for 3 PC's. The charge was $24.95. I have renewed the subscription each year since then always being invoiced at that same price. I just went to the Malwarebytes website to see how much it would cost for another subscription for 3 additional computers and see that the charge is $39.99 for EACH PC. Is that true, has the cost gone up that much in 3 years? $119.97 versus $24.95. Thanks Mike
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.