• Content count

  • Joined

  • Last visited

About lmacri

  • Rank
    Regular Member

Contact Methods

  • Website URL
  • ICQ

Profile Information

  • Location

Recent Profile Visitors

3,813 profile views
  1. Hi miekiemoes: I did as you suggested and ran a Custom full system scan today (malware database v2016.10.14.04) after restoring the registry entry, and you were correct - the scan was clean with no detections. Problem solved, and thank you for your assistance. MBAM Scan Log No Detections 14 Oct 2016.txt
  2. A MBAM v2.2.1 Threat Scan of 25-Sep-2016 (malware database: v2016.09.25.06) quarantined the following registry entry as Trojan.StartPage.E on my 32-bit Vista computer (see attached scan log): Registry Keys: 1 Trojan.StartPage.E, HKU\S-1-5-21-3086198521-800258848-3831315664-1001_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}, Quarantined, [9dbd96e06832d75fc6809466986c1fe1], I noticed that didero's 27-Sep-2016 thread Trojan.Startpage.E in this board reported a similar detection for a registry entry for ....\WOW6432NODE\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} on their Win 10 computer that was confirmed as a false positive. A Google search indicates this CLSID might be associated with the Internet Explorer browser, so I'm not sure if my Trojan.StartPage.E detection is also false positive or a real detection for a browser hijacker. Mozilla Firefox v49.0.1 is my default browser. ------------- 32-bit Vista Home Premium SP2 * Firefox v49.0.1 * IE9 * NIS v22.8.0.50 * MBAM Premium v2.2.1.1043 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS MBAM Scan Log Trojan_StartPage_E 25 Sep 2016.txt
  3. Hi dougbthom: From Symantec employee Gayathri_R's 03-Oct-2016 post in FattiesGoneWild's thread Norton Security SDS definition error: "...Our engineering team has reviewed the need to alert customers about Malwarebytes and HitmanPro.Alert upon install, and after inspecting the latest versions, we have removed these blocking alerts in the latest patch." I tried Norton's AutoFix (Help | Get Support) after Norton's LiveUpdate ran this morning and confirmed that the warning to uninstall MBAM has been removed. ----------- 32-bit Vista Home Premium SP2 * Firefox v49.0.1 * NIS v22.8.0.50 * MBAM Premium v2.2.1
  4. Hi dougbthom: For future reference, if you want to test for a conflict between Norton and MBAM you can go to Settings | Advanced Settings in MBAM Premium and disable Start Malwarebytes Anti-Malware with Windows and re-boot. This will prevent MBAM Premium's real-time protection from starting at boot-up and essentially turns MBAM Premium into an on-demand scanner like the free version of MBAM that you can still launch anytime you wish to run manual scans. If you find that Norton runs better with MBAM's real-time protection completely disabled you can selectively disable Malware Protection or Malicious Website Protection as shown below to see which real-time module is causing problems with Norton. ------------ 32-bit Vista Home Premium SP2 * Firefox v49.0.1 * NIS v22.8.0.50 * MBAM Premium v2.2.1
  5. Hi dougbthom: Other Norton users have noticed the same issue since Symantec started rolling out the v22.8.0.50 product update on 26-Sep-2016. Norton v22.8 users are even being prompted to uninstall the free version of MBAM - see FattiesGoneWild's thread Norton Security SDS definition error in the Norton forum. Here's what I see when I run Norton's AutoFix (Help | Get Support), and Krusty13 reported in that thread that he is also being prompted to uninstall HitmanPro.Alert 3: Note that Norton users saw similar warnings in 2013 - see the old thread thread Warning NIS NOT compatible with Malwarebytes. That time it took over 9 pages (and 480 posts) of user comments before Symantec finally relented and removed this warning per Symantec employee Tony Weiss' 10-Jun-2013 post <here>. I'm currently monitoring FattiesGoneWild's thread and hope it doesn't take Symantec four months to respond to user complaints this time. ------------ 32-bit Vista Home Premium SP2 * Firefox v49.0.1 * NIS v22.8.0.50 * MBAM Premium v2.2.1
  6. Since this thread hasn't been locked yet, I'll just post another status update for Vista users. I was recently required to upgrade from NIS v21.7.0.11 to the latest NIS v22.7.0.76 to patch the vulnerabilities listed in Symantec's security advisory SYM16-010, and the Norton upgrade didn't solve my conflict with MBAM Premium's Malicious Web Protection (MWP). MBAM's MWP still prevents my NIS v22.7.0.76 background Automatic LiveUpdates from running to completion during system idles on my 32-bit Vista machine. This was a clean install of NIS v22.7.0.76. I uninstalled v21.7.0.11 from the Control Panel (selecting "Please remove all user data"), ran the Norton Removal Tool, installed v22.7.0.76 using the latest NIS offline installer from www.norton.com/latestnis, and ran multiple LiveUpdates to ensure v22.7.0.76 was fully patched. Adding mutual scan exclusions for NIS and MBAM executables as instructed <here> made no difference, so I've had to permanently disable MWP again. It's fine if forum mods want to lock this thread. The MBAM Help Desk already looked at my diagnostic logs and trace routes and concluded that a bug fix would be a low priority since this type of problem only occurs for a small number of users. ------------- 32-bit Vista Home Premium SP2 * Firefox v47.0.1 * NIS v. * MBAM Premium HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS
  7. Further to my previous post, I've decided to re-enable the Allow pages to choose their own fonts, instead of my selection above in my Firefox settings because Firefox's default Times New Roman font looks terrible on many other websites I visit that use a Serif font. The text at https://blog.malwarebytes.com/ is back to the washed-out font shown in Corrine's post # 15 but that's better than having several other websites defaulting to the wrong font.
  8. Hi Corrine: Thanks for raising this issue. I also use Firefox as my default browser and could barely read the text at https://blog.malwarebytes.com/. I disabled the setting at Tools | Options | Content | Fonts & Colors | Advanced | Allow pages to choose their own fonts, instead of my selection above and the text is much easier to read now.
  9. I was also told that free utilities like BlueScreenView and WhoCrashed don't have the ability to interpret all the symbols in crash dumps that allow you to look at functions further down the crash stack. The Windows debugging tool WinDbg can be configured to access the Microsoft symbol server (see the MS article Debugging with Symbols) and it looks like WhoCrashed Professional has at least some ability to perform kernel stack traces with symbol resolution that the free version doesn't have. ------------- 32-bit Vista Home Premium SP2 * Firefox v45.0.2 * NIS v. * MBAM Premium 2.2.1
  10. Hi Kaiwen et al: Just a bit more info to clarify my last post <here> about BSODs reported in the Norton forum by users with Gigabyte motherboards. BSODs would only occur when the Norton AV was running a scan or performing a background idletime task. BSODs stopped when Norton was removed from their system. In most cases BlueScreenView or WhoCrashed would show a crash caused by Microsoft files ntoskrnl.exe (Windows NT Operating System Kernel) or hal.dll (Hardware Abstraction Layer), and not a Norton driver. Utilities like BlueScreenView and WhoCrashed are usefull tools but will only show the last driver loaded into memory before the crash. BlueScreenView would show that the Gigabyte driver gdrv.sys used by multiple Gigabyte utilities such as Fast Boot, EasyTune, Smart Backup, etc. was loaded into memory at the time of the crashes but did not indicate that any Gigabyte driver was involved in the crash. It required a full analysis of the crash dumps with the Windows Debugger Tool WinDbg to show that crashes were in fact caused by the EasyTuneEngine driver, and once the EasyTune utility was uninstalled and Norton was reinstalled the crashes stopped. The output from one of these WinDbg analyses is shown <here>. There are several BitDefender users posting WhoCrashed output in the BSOD, Crashes, Kernel Debugging board that show that mwac.sys (Malwarebytes Web Access Control) was the last driver to load before a BAD_POOL_CALLER BSODs. It certainly points to a mwac.sys conflict with BitDefender as the probable cause of the crashes but a proper analysis of your diagnostic logs and dump files might be required to isolate the exact cause of your crashes. Hopefully Maurice Naggar's above suggestion to create mutual file exclusions in BitDefender and MBAM will provide an easy workaround. ------------- 32-bit Vista Home Premium SP2 * Firefox v45.0.2 * NIS v. * MBAM Premium 2.2.1
  11. Hi Kaiwen: Since you've declined to post the diagnostic logs requested by Maurice Naggar in your own thread <here> in the Malware Removal Help board, you might be interested in reading the November 2015 ESET support article Blue screen error (BSOD) on systems with ASUS/Gigabyte motherboards with chipsets H87/Z87 and H97/Z97: "AI Suite (ASUS) and APP Center (Gigabyte) applications use drivers that create memory-mapped I/O to access hardware ports in a non-standard way. If the memory is subsequently read by another process utilizing a Windows API function (for example, during a memory scan by ESET), it may have unpredictable results on the system and the system may crash...ESET is working closely with ASUS and Gigabyte to make sure this issue get resolved as quickly as possible." This support article specifically mentions the Z87 and Z97 chipsets but I wouldn't be surprised if drivers used by the applications that come with other Gigabyte/ASUS motherboards also have a similar issue. You should also read Phoenix365's thread Norton Security Blue Screen from Background Tasks, where analysis of dump files showed that BSODs on a computer with a Gigabyte GA-Z170X-UD5 "F4" BIOS were caused by a conflict with a Gigabyte utility called the EasyTuneEngine. Uninstalling the EasyTuneEngine utility solved the BSODs. ------------- 32-bit Vista Home Premium SP2 * Firefox v45.0.2 * NIS v. * MBAM Premium 2.2.1
  12. Hi Chewie: I'm not sure if your problems are related, but daledoc1 reported in 2016.03.23.06 update issues: update doesn't finish that disabling checking for program updates (Settings | Updates | Check for program updates when checking for database updates | DISABLE) allowed database updates to run to completion. I'm not sure if a re-boot was required before the setting change took effect. ------------- 32-bit Vista Home Premium SP2 * Firefox v45.0.1 * NIS v. * MBAM Premium 2.2.1
  13. Just reporting that updating to MBAM Premium v2.2.1.1043 didn't solved this conflict with my Norton Internet Security (NIS). After performing a clean install of v2.2.1, my Vista machine is still unable to connect to the Norton update servers and download background Pulse Updates or Automatic LiveUpdates when MBAM's Malicious Website Protection in enabled. Norton Updates Fail with MBAM v2.2.1 Malicious Website Protection Enabled: Norton Updates Succeed with MBAM v2.2.1 Malicious Website Protection Disabled: I opened a ticket with the Malwarebytes Support Desk on 10-Dec-2014, and it's unfortunate that it took them until 22-Sept-2015 to tell me that my problem would not be escalated to the software development team because "it looks like an issue specific to the 32-bit Vista operating system where MWAC (Malwarebytes Web Access Control) can act oddly on occasion." I realise that Microsoft is ending extended support for Vista on April 11, 2017. I am also aware that companies like Apple (iTunes) and Google (Chrome) have already announced that their products will continue to run on Vista but that they will no longer provide security updates or technical support for this OS. I only wish that Malwarebytes had been just as forthcoming back in 2014 so that I hadn't wasted countless hours running trace routes to Norton servers and submitting new diagnostic logs to their Support Desk every time a product update was released for MBAM or NIS. Please lock this thread, since I have no expectation that this conflict with my Norton antivirus will be addressed in a future MBAM release. ------------- 32-bit Vista Home Premium SP2 * Firefox v45.0.1 * NIS v. * MBAM Premium 2.2.1 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS
  14. Hi AdvancedSetup: Thanks for the offer, but are you seeing any obvious problems in the logs I attached in post # 3 of this thread that weren't present when you checked my system a few months ago in the Malware Removal Help board at https://forums.malwarebytes.org/index.php?/topic/171640-cant-run-windows-update-after-pupoptionalspigota-removal/?p=984449. The Addition.txt file I attached in that older thread also showed multiple Code Integrity errors for mwac.sys, and after you'd cleaned up some stray files and registry entries I confirmed that your tune-up hadn't solved the conflict with Norton background tasks and MBAM's Malicious Website Protection. I believe it was Albert Einstein who said, "Insanity is doing the same thing over and over and expecting a different result." I think it would make more sense for me to wait a few weeks and see how the upcoming MBAM v2.2.1 update behaves on my 32-bit Vista system before deciding how to proceed, unless you saw something that points to a serious problem in my latest set of logs. ------------- 32-bit Vista Home Premium SP2 * Firefox v44.0.1 * NIS v. * MBAM Premium v2.2.0.1024 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS
  15. Hi P1W: Thanks for the suggestion, but I provided multiple sets of diagnostic logs to the Customer Support Help Desk and also had my system checked for malware in the Malware Removal Help forum a few months ago to confirm that my system was clean, so I'm confident that my Norton conflict with Malicious Website Protection has nothing to do with a malware infection. Malwarebytes has also been very clear that bug fixes for Vista users are not a priority. For now I'll just disable my real-time protection and use MBAM sparingly as an on-demand scanner until the current spoofing vulnerability is patched in the upcoming v2.2.1 release. I'll continue monitor this forum and see if anyone else reports a problem with mbam.exe crashing when the Self-Protection module is enabled. If my problems still persist in v2.2.1 I'll reconsider opening another topic in the Malware Removal Help forum. ------------- 32-bit Vista Home Premium SP2 * Firefox v44.0 * NIS v. * MBAM Premium v2.2.0.1024 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS