Jump to content

Zemana Antilogger - can't create MBAM rules.

Recommended Posts

I am running Zemana AntiLogger under license along with MBAM Free in Windows XP Pro SP3.

I have been using MBAM Free for quite some time and ZAL since August. Since the former was run only occasionally, I never evoked the creation of a permanent rule for mbamswissarmy.sys and mbam.exe. However, in my recent decision to consider the purchase of MBAM Full, the last time I ran a Free scan I decided to check the ZAL Create rule option...

I have observed that rules for MalwareBytes Free are not created (the events don't even show up in the log). I made several attempts to do so on my production system. I have a laptop that is also running WinXP Pro SP3 where I installed a trial AntiLogger, created several rules and then cleared the logs. I then ran MBAM where I duplicated the issue observed on my production system. Please see the composite of screen shots; clearly I allowed two create rules and neither showed up in the Rules List or Logs record. As you can also see, I have no problems with rule creation for other apps.

I was able to try a friend's computer which has no similarity to mine but that it's running WinXP Pro SP3. (A few weeks ago I installed MBAM Free 1.42 for her.). I downloaded and installed the trial ZAL and observed the same exact issue I experience on my own two computers - no rules or logs for the two alerts. I upgraded her MBAM to 1.43; no difference.

Zemana's Web site vouches for AntiLogger compatibility with Malwarebytes and I detailed my issue for their support. The response was they could not duplicate it.

My concern is particularly with respect to MBAM's realtime protection. While interacting with ZAL every time an on-demand scan is evoked every so often is merely an inconvenience, such behavior for realtime is not acceptable.

Unless a realtime event would not evoke the Type 12 and 7 alerts as does the on-demand function.

Any thoughts? Insights? Thank you.


Link to post
Share on other sites

As a sidebar, when I registered and boosted MBAM Free to Full, ZAL alerted for allow/block for mbamservices.exe and mbamgui.exe. I allowed and selected Create rule. Still no rules or log entries; same as the Free issue related in my previous post.

However, a third alert was evoked for IP FILTER DRIVER, services.exe (ipfltdrv.sys) which I allowed & create rule. Result? Rule created, event logged. But that's straight out of \system32\drivers\ via Microsoft.

So still no cigar for ZAL and MBAM, Free or Full.


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.