Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. We were facing an issue of phishing and unwanted folder upload from server side. We have fixed this issue by replace this website to different server and uploading clean copy of website files. Please check once and remove this website from the phishing and malicious content category. Thanks Srinivasa HK
  3. Today
  4. exile360

    Can't enable Ransomware Protection

    Greetings, It sounds like you were able to sort things out on your own, well done If this issue returns or if you have any other problems please let us know, and if you can't provide the logs from the Support Tool if needed, please let us know that as well and we'll figure out another way to try and diagnose the issue.
  5. exile360

    Windows 1809 system tray icons

    You're welcome Yes, Microsoft enables it by default but there's no information/notification about it without digging into your settings so you'd never know it unless you already knew about the feature. Yep, it's bad for SSD's (potentially at least) and with a fast SSD you really don't need it anyway more than likely, plus it can cause a lot of issues with other software and hardware (instability, failed startups, drivers not loading properly etc.) so I'm definitely not a fan of this feature. I applaud their efforts to try and speed things up and I understand why they'd want to in order to provide more of a light switch on/off type of experience for their customers, but if it comes at the potential cost of system stability, it's really not worth it in my opinion. Please let us know if the issue returns or if there is anything else we might assist you with. Thanks
  6. Probably can't do that; what if they're using some other antivirus/anti-malware software that conflicts with it and has deliberately disabled it? Adblock Plus and other ad blockers already have this capability, and there are plenty of free third party extensions and lists that provide this functionality; also, since ADWCleaner is a remediation-only tool, not a protection/prevention product, it wouldn't make much sense for it, at least in my opinion Again, outside the purview of ADWCleaner; it's just a remediation tool, nothing more This might be a good idea, but not for ADWCleaner (refer to 2 and 3 above) so maybe for Malwarebytes? Modern systems very seldom (if ever) run low enough on RAM to ever page anything to disk/the paging file, and contrary to what some may believe, unused memory is wasted memory. Please refer to this article, this article, this article, this article, and this article. In a nutshell, when people complain about apps consuming too much RAM (especially when they still have several GB free/not in use by anything at all) it only reveals how little they understand computers and software. Again, please refer to 2, 3 and 4 above; besides, ADWCleaner strictly uses signatures and heuristics for detections so any behavior monitoring would serve no purpose for it, though this sort of thing could be useful for a rollback tool (such as the one included with some of Malwarebytes' business products, however it already has this functionality as I understand it) While this is true, that's really the purpose of Malwarebytes Premium and promoting some unknown third party resource in an official Malwarebytes product isn't going to happen I'm pretty sure. Why? It's a remediation scanner. There's nothing wrong with performance optimizations like multi-threading etc., but you can only optimize the code so much before you reach the point of seriously diminishing returns, and going this far would not only dramatically increase the risk of conflicts and instability, but would be a serious sinkhole of dev effort that likely wouldn't be worth it just for a scanner that as it is only takes a few minutes to run on most systems (especially since so many now have SSD's). Also, actual bad RAM is an extreme rarity these days. It used to be a lot more common years ago, but modern RAM is mass produced on such a large scale with only like 3 actual RAM chip manufacturers (Samsung, Micron and Hynix) and they're very good at what they do as they've been doing it for so long and their processes are so mature, and they do extensive testing on their modules (especially DDR4 thanks to tech like XMP for Intel boards/CPUs and the equivalent AMP profiles for AMD boards/CPUs) that arbitrarily testing a user's RAM probably wouldn't serve any real purpose. This is also a task for a diagnostics tool, not a basic PUP/adware scanner/remediation tool, again, at least in my opinion (the Techbench program would be a better place for this I think, as it is targeted specifically at PC repair techs). Not sure that this belongs in a basic/narrow focus tool like ADWCleaner; probably more suited to Malwarebytes, and even then, only if such methods are actually being used by the bad guys, otherwise a tool like FRST or ComboFix would be a better place for this. I don't know, but I suspect it has a pretty small set of dependencies as it is, as it's already quite portable and I believe much of its internal structure is essentially scripts, though that's based on what I know of much older versions (prior to Malwarebytes' acquisition of the tool) so that may have changed, but I think Malwarebytes being cross-platform (which it essentially is, with versions for Mac and mobile platforms already) would be the place for requests like this, especially since they've already stated that they plan to discontinue this tool eventually once its capabilities have been fully integrated into Malwarebytes (that's also a big reason not to invest too much time/effort/cost in developing new major features for it etc.) 50/50 on this one. Every program that has a splash screen gets complaints about/requests from users to disable/remove it because they think it wastes resources that could better be used to get the program loaded faster. I don't care much either way, though I'm not really the biggest fan of them either as I see little use in them (and I can always check Task Manager to determine if a program is running/loading etc. anyway if I really want to). Again, protection/prevention is beyond the scope of this tool. As above; not a protection/prevention tool/product. Same as before; this tool is for one-time cleanups, not advanced prevention/diagnostics etc., and it would seriously cannibalize the business products to include such a feature in a free end user tool. Probably not; refer to comments about the limited shelf-life of this tool/its planned integration into Malwarebytes Don't know about colorblindness, I think it's already pretty good in this regard, but improved DPI scaling would be good for accessibility. I could go either way on this one. While I see the advantages, it's another one of those "nice to haves" that might not be worth the effort, especially if this tool isn't going to be around much longer. As long as they display On/Off I see little value in this. Why? I'm not opposed to using a PNG (actually, I think they already are, though I may be mistaken), but I'd only want these changes if they required minimum effort, again, due to the likely short-term lifespan of this tool. This tool is relied upon by forum helpers throughout the world too frequently to switch from a basic text formatted log that can easily be copy/pasted/read on forums so I'd advise against this. No need for auto-updating documentation since users are required to download an entirely new copy whenever a new build is published given the fact that it's a standalone and virtually portable tool. Not sure about this one since again, forums, and many helpers like the logs just copy/pasted into replies, not zipped/attached and it's not like they take up all that much space anyway, nor is space at a premium these days given the ever dropping cost of SSD's per GB and increasing sizes available. Nah, it's used outside Malwarebytes too much for this to be of much value. Before Malwarebytes acquired it, it was and remains a very popular tool on help forums as I mentioned previously. See my thoughts above regarding drive space, free RAM and I'll also add that generally speaking, internet speeds are also quite fast these days and getting faster (fibre, 5G etc.) Totally not worth it in my opinion for such a basic, fast tool that's specialized to detecting PUPs/adware on Windows (only 1 Researcher/Developer as far as I know also) and the gains would definitely not be worth the effort (hardly anyone would notice any performance boost from it, especially given its quite basic functionality which is way more disk speed limited than anything else, not CPU/architecture/memory limited), and again, a lot of work for such a short-term tool. It doesn't install; it just extracts a few things and runs, using static storage locations for convenience more than anything, and it does work offline as it includes a full set of databases (though obviously it's always best to update when possible to get the latest/best detection capabilities). All connections should be encrypted as I understand it. Anything beyond that would likely not be worth the effort. What update packages? It downloads signatures, that's it, otherwise if a new version is available then the user needs to download that instead (an entirely new copy of the tool), but if they just downloaded it then they should already have the latest one. This isn't a tool designed to keep around on a system constantly; it's a portable, disposable tool to detect/remove PUPs/adware. A security vendor exploiting/violating UAC or any other OS level security is a bad look and a poor practice. We're the good guys, not the bad guys so probably not gonna happen. And again, standalone/portable/disposable tool, not a long-term tool to keep around and run every day. Probably counterproductive since I suspect it uses a deliberate order that tracks with certain heuristics functions and signatures built into the tool (lots of "if a=n then b" type stuff I suspect), and again, it's pretty fast as it is. It's already pretty widely known so not much use in this, plus it probably doesn't meet MS' requirements for going up on the Windows Store nor would it be worth the efforts to make it so. Also, Malwarebytes is a company, they don't accept donations. If someone wishes to support them/their efforts financially they can purchase a license for one of the products, such as Malwarebytes Premium. Probably not necessary, especially since any adware likely to be blocking this tool would need MBAR to detect/remove the rootkit components first anyway (SmartService Yelloader etc.) and there are ways to use Chameleon to protect other tools... What for? ADWCleaner is a really specialized tool primarily designed to target active/installed PUPs/adware, not a full AV scanner that needs to scan every drive/folder on the system (that's why there's no option to select where to scan). Not useful since ADWCleaner itself is newer than the operating systems and threats the pre-date it's current supported technologies (no signatures for really old PUPs/adware); I'd recommend an old copy of Spybot S&D and/or Ad-Aware SE for such systems/threats which actually did exist back then. ? Way beyond the scope of this tool. Some of this would be good for (and is already integrated into) Techbench. Probably doesn't happen frequently enough for it to be worth it, but for Malwarebytes maybe (assuming those types of issues are still at all common in that product, which I don't believe they are these days). Again, not a protection tool. hpHosts is freely available for anyone who wishes to use it, plus I'm sure many users would be upset if ADWCleaner started editing their HOSTS files/blocking sites without their consent or knowledge all of the sudden when they run it.
  7. Hornsj2

    Is my computer ok?

    I am not authorized to help you with anything. That being said if you got an email telling you to pay bitcoins for some hack ignore it and make sure you don't reuse any passwords across sites. Never pay or respond to these emails.
  8. Thank you for your response exile, I disabled the fast startup, I'll let you know if the problem comes back. Thank you for showing me this option, I did not know. In addition it seems that the fast startup is bad for the SSD.
  9. I finally got it. Thanks >) now if we can catch this intruder
  10. ***This is an automated reply*** Hi, Thanks for posting in the Malwarebytes 3 Help forum. If you are having technical issues with our Windows product, please do the following: If you are having licensing issues, please do the following: Thanks in advance for your patience. -The Malwarebytes Forum Team
  11. Experiencing a hard freeze on two of my systems after the 1.0.58. These are a hard freeze with the mouse, keyboard and desktop screen froze. Requires pressing the power button to shut down. Problem does not correct itself if let to wait it out. The latest system was my laptop which has had two hard freezes and one soft freeze. With the soft freeze the keyboard and mouse were still functional and I was able to crtl - alt- del to Task Manager for a reboot. The shutdown / Restart button was un-responsive during the soft freeze as well as the desktop icons. The screen was responsive when opening Task Manager. The logs from the laptop are attached. This laptop has..... Dual boot with Windows 7 Home x64 and Windows 8.1 x64. The 1.0.58 upgrade has not been done with the Windows 8.1 install. Windows Security Essential is my AV. The 1.0.508 update was done today on the laptop and the soft freeze problem occurred when I tried shutting the system down after that update. The two hard freezes then happened later as I used the laptop. The were no previous problems with this laptop. My other system is a home built desktop that dual boots Windows 7 Pro x64 and Windows 10 Home x64. This was updated to 1.0.58 when that update was first released. In the last two weeks I have experienced two hard freezes that required pressing the power button to shutdown. I had no problem previous to this. In Windows 10 I have yet to experience any problems with 1.0.58 so I'm guessing it is a Windows 7 issue. Again Microsoft Security Essentials / Defender is used on the desktop system. I will submit logs if the problem occurs again on the desktop. Thanks for your review! mbst-grab-results.zip
  12. If anyone is interested, I installed in Sandboxie and only things I could see is it tries to install McAfee Web Advisor and Opera. A scan with MB3 and Emsisoft after install did not pick up anything.
  13. I got a whole bunch of different suggestions today, but the majority of them individually they should not take too much time to implement if done so one-by-one. Some of them will understandably take a lot more time to develop. [Quality of Life] On installation and/or first run, execute the PowerShell command that enables the Windows Defender PUA Protection (only applicable on Windows 10.) [Quality of Life] Block the various Anti-AdBlocker things on websites. You can check uBlock Extra and Nano Defender on the Chrome Web Store for more information. Credit the authors of these Chrome extensions in a Special Thanks tab. [Quality of Life] Partner up with STANDS to reroute navigation to/from advertising sites (via proxy edits to the HOSTS file, or something) through the same service which powers their Fair AdBlocker. Can also help with Windows 10 and Skype advertisements outside of browsers. Be sure to credit them in the Special Thanks tab. [Prevention] Hire the guy who made Unchecky, and incorporate it into AdwCleaner to reduce the risk of accidental installation of Adware (extra checkboxes in installers will be unchecked by default, and rechecking them will display a warning notification.) Credit him and link to his website as well, on the Special Thanks tab. [Optimization] Get in touch with the guy who made CleanMem and incorporate it into AdwCleaner, since Adware can use up considerable memory at times. CleanMem also improves system memory usage in general by effectively acting as garbage collection. As before, credit the author and link to his website on the Special Thanks tab. [Cleanup] Automatically audit any registry changes made by installers when they run (as well as taking before/after snapshots), as this can significantly help in cleaning up any Registry Debris when removing Adware. (My own special thanks to Bitsum for introducing me to the term Registry Debris; the term 'garbage data' is just lame in comparison.) [User Guides] Link to the Dark Patterns website and Twitter in the Special Thanks section: By educating users so they can recognize the shady tactics frequently used by many Adware developers, you can further reduce the risk of getting infected and help to slow the proliferation of Adware. An ounce of prevention is worth a pound of cure. [Optimization] Use Large Memory Pages, and make the program and driver fully PAE-aware (along with other optimizations for large address spaces). This has the potential to significantly optimize the CPU usage of the application as page writes can be significantly reduced, and even in 32-bit mode the program will be able to access additional physical memory that it otherwise couldn't due to being integrated so tightly with the driver. This also helps to improve stability by making it less difficult to avoid bad RAM sectors through smart allocation (Memtest86+ can output a config file identifying these bad sectors). [Detection] Embed de-obfuscation routines into Registry and Filesystem searching to help decode things such as XOR/ROT loops, Base64 (with or without modified alphabets), manual linguistics encoding (Smoldering Tongue for example, which I'll explain elsewhere), uncommon ASCII codepages, and so on [Compatibility] Compile the program using the portable .NET Core Runtime to minimize its dependence on external libraries, especially on earlier versions of Windows. This would also have the side benefit of making the program easier to port over to other platforms in the future (and it is worth noting that the Malwarebytes Support Tool would also benefit from this). Who knows, it may even allow archaic operating systems like Windows 2000 to benefit from a small sampling of the latest .NET runtime features. [Aesthetic] Display a splashscreen while opening the program, so that it doesn't feel like it is just doing nothing when the user is waiting for the GUI to appear... Which admittedly should not take very long anyway. [Prevention] Automatically scan freshly downloaded installers and self-extracting archives with VirusTotal and the online OPSWAT API, and notify the user of the results. If Adware or signs of a trojan are detected within a packed installer, then attempt to sanitize the installer if at all possible. [Prevention] Sandbox installers when they run and virtualize any changes they make to the registry, scrubbing them to remove malicious registry alterations before committing the changes [Remediation] When an installer runs, cache all of the changes that it makes to the Filesystem in order to aid in future cleanup (a feature roughly based on the Ransomware Rollback feature in the MBAM Business line). Also use Sandboxing to Audit and Redirect any attempts by an installer to alter a protected file or folder. [Accessibility] Use GDIPP in the GUI, or better yet, get in touch with Daniel Georgiev at IrisTech for his FontFocus renderer. On top of significantly improving the appearance and readability of rendered text, this also allows linking multiple fonts together to provide enhanced support for displaying multilingual text [Accessibility] Implement the Dyslexie typeface, to make everything easier to read for dyslexic individuals.This one might actually be a bit tricky because of licensing costs. [Accessibility] Make the GUI more colorblindness-friendly and DPI aware. [Accessibility] Make the GUI easier to interact with when only using a Keyboard [Accessibility] Show O and I labels on the toggle switches [Accessibility] Provide audio feedback when hovering over or clicking on certain buttons, completing certain operations, receiving alerts, etc. [Optimization] For the .ICO file used by the program, use a Progressive PNG graphic (optimized with pngquant followed by pnggauntlet) instead of a raw bitmap (as Windows supported PNG-based ICO files since Vista). This can potentially make the file significantly smaller, and allow a low resolution preview to display immediately while the full icon is still loading, instead of just seeing a blank placeholder. Also use the driver to force NTFS compression on the .ICO file [Forensics] Use an XML-derived file format (XML + HTML5 + SVG) for storing scan logs; the logs are still primarily XML, but can be viewed as offline webpages. Each detected item is marked by two SVG-based Identicons, one Blocky and one Abstract, for easy identification. All relevant data is organized relationally, and also color-coded to indicate various aspects. [User Guides] A binary-compiled version of this same XML/HTML5/SVG hybrid format would allow for an Offline version of the Help Resources to be built-in to the program, along with extra features such as providing limited interactivity to help demonstrate things to the user, and the ability to update the documentation automatically to keep up with new information [Optimization] Automatically pack the scan logs into a ZIP archive, and also automatically perform NTFS compression on the AdwCleaner folder itself [Forensics] If using Windows 10, include an option to automatically transfer the logs to to the system's OneDrive Folder, with Symbolic Links left in the former location of the original file. Logs could also be automatically uploaded to the Malwarebytes servers for analysis, especially helpful if they contain Debug information as well [Optimization] Pack the executable using PECompact, provided by Bitsum. Not only can it significantly reduce the size of the executable for portability, it can also protect it from reverse-engineering without the program being marked as suspicious by other Anti-Virus vendors (as PECompact is specifically designed to work with Anti-Malware providers). If necessary, you could modify the built-in unpacker to only unpack portions of the program as needed as a means to conserve working memory. It also lets you customize different codecs for compression. [Optimization] Compile native x86, x64, IA-64 and ARM64 versions of the program, with a single installer that detects your current hardware and installs the correct version, and utilize a compiler with OpenMP/OpenACC support to squeeze every last ounce of additional performance out of the program. [Quality of Life] Use an Online-enabled, Offline-capable installer, giving you the benefits of Offline Installation while also having the ability to receive the most recent updates before you even begin the installation process. The installer executable could itself also function as a portable version of the program, no installation required. [Quality of Life] Securely connect to the Malwarebytes servers via HTTP/3 (HTTP-over-QUIC), Proxies (circumventing firewalls), Dynamic Compression (saving bandwidth wherever possible), and Smart Encryption (encrypting any sensitive data, but also leaving non-sensitive data as is). [Quality of Life] Update packages should be able to download in the background and later be installed at a moment's notice, even when offline. There can also be the ability to share update packages over a Peer-to-Peer LAN. [Quality of Life] Abuse the Task Scheduler to prevent annoying UAC prompts every time the user tries to launch the program, including automatic tweaks to the various shortcuts on the Taskbar, in the Start Menu and Quick Launch, and on the desktop. (You can abuse the task scheduler to do other useful things too, but nothing comes to mind at the moment.) [Optimization] Scan files and folders on NTFS partitions in the order in which they would appear in the filesystem, to speed up scans on mechanical drives by minimizing head seeking. [Availability] Make AdwCleaner available on the Windows Store and the Software section of the Steam store, to make the program accessible to as many people as possible. Maybe include a donation link in the program itself, along with links to the main Malwarebytes website, the blog, the forums, and other such stuff. [Remediation] Create an AdwCleaner version of the Chameleon self-protection driver. [Detection] Enable scanning of DOS-based and JAR-based installers/archives. [Optimization] Enable scanning of multiple physical drives simultaneously, performing different types of heuristics in parallel, and even optimizing some drives or checking them for errors while others are still being scanned. [Compatibility] Use legacy instructions such as MMX, 3DNow! and the original SSE on older systems where SSE2 instructions are not available. Performance and accuracy will understandably suffer, but it is better than not having the program at all. [Optimization] Utilize Hardware-based Context Switching when possible, instead of relying on software. [Quality of Life] Include a tab where you can see the current program version, third-party licensing information, the currently running executable's hash and file location, whether you're running portable or Installed, which architecture you are running it on, and lastly a detailed overview of your hardware and OS installation, providing the same information that you would get out of CPU-Z and GPU-Z. [Optimization] If the execution threads for the application begin to hang or stall, such as if they are waiting on something, temporarily lower their Thread Priority and change their Core Affinity (also disable Core Parking when this occurs). Credit once again goes to Bitsum for this, look into Process Lasso for more information. [Quality of Life] Automatically amend HOSTS file with blacklisted domains retrieved from hphosts. -=-=-=- I've been trying to write this for a while now. Think I'm gonna finally submit it, I'll link the various stuff I mentioned next post.
  14. Please run the following updated fix. It will run a DISM command to check and verify the Microsoft Windows store files and repair if needed. Please download the attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system. Run FRST or FRST64 and press the Fix button just once and wait. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. fixlist.txt After the reboot we'll run another fix Thanks Ron
  15. Thanks. Ran "fix" and re-booted No errors opening Chrome No warnings from Malwarebytes Still showing 3 iterations of svchost.exe in \SysWOW64\, two of them trying to connect thru the network as shown in TaskManager attached FixLog Fixlog.txt
  16. FeeDee

    Licence Problems

    H mbam_mtbr Thank you for your reply and advice,it is greatly appreciated.I just checked the FAQ ans found nothing new to help me sadly.I will now proceed to contact support staff for further help.I will close this thread now and if I need to contact you I will start a new thread.Thanks again for your assistance. Kindest regards.
  17. Wardster

    Can't enable Ransomware Protection

    The computer is new; had McAfee on it. Uninstalled that before running the clean then re-install of Premium.
  18. Wardster

    Can't enable Ransomware Protection

    Ran a repair, then a clean and re-install; got a few similar messages but all seems sorted now.
  19. Please download the attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system. Run FRST or FRST64 and press the Fix button just once and wait. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. fixlist.txt Thanks Ron
  20. Hi @Smarion1, You may want to try contacting our support staff. They will be able to resolve this issue. Nathan
  21. mbam_mtbr

    Licence Problems

    Hi @FeeDee, You may want to start by checking our Malwarebytes on Android FAQs. If that isn't helpful, I would suggest contacting our support staff. They will be able to resolve this issue. Nathan
  22. Wardster

    Can't enable Ransomware Protection

    Did that. Got two unauthorized changes blocked messages. Another message roughly saying Unable to create the log.
  23. MysteryFCM

    Remove site from blacklist

    There is still malicious content present. e.g. hxxp://hvh-mpl.dk/modules/mod_ariimageslidersa/ hxxp://hvh-mpl.dk/modules/mod_ariimageslidersa/auth/ hxxp://hvh-mpl.dk/modules/mod_ariimageslidersa/25GB/ hxxp://hvh-mpl.dk/modules/mod_ariimageslidersa/baaa.php hxxp://hvh-mpl.dk/modules/mod_ariimageslidersa/dirty.c hxxp://hvh-mpl.dk/modules/mod_ariimageslidersa/g.php
  24. Hi @Kiri777, You can use the methods highlighted here to remove: Also, if you send an Apps Report I can look further into this infection and provide guidance. To send an Apps Report with Malwarebytes for Android use the following instructions. 1.Open the Malwarebytes for Android app. 2.Tap the Menu icon. 3. Tap Your apps. 4. Tap three lines icon in upper right corner. 5. Tap Send to support Choose an email app to send Apps Report. Your email app will open with the Apps Report included. Send the Apps Report to create a ticket. PM me the email used and/or the ticket number assigned. Nathan
  25. Malwarebytes

    Can't enable Ransomware Protection

    ***This is an automated reply*** Hi, Thanks for posting in the Malwarebytes 3 Help forum. If you are having technical issues with our Windows product, please do the following: If you are having licensing issues, please do the following: Thanks in advance for your patience. -The Malwarebytes Forum Team
  26. I can't enable ransomware protection. Fully updated.
  27. Yesterday
  28. The scanner show premium on both of my devices but when I try to register my license online it will not work. Can anyone help? I'm using a note 5 and a Samsung 3 chromebook.
  1. Load more activity
×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.