lmacri

Hi Erix: Thank you for your response. Sorry for the late reply but I updated to Malwarebytes Premium 4.4.10.144-1.0.1499 on 05-Nov-2021 and wanted to monitor my system for a week or so to see if there was any change in CPU consumption by my Malwarebytes Service (the short answer is no). Just note that Security | Windows Security Center | Always Register Malwarebytes in the Windows Security Center is always OFF in my Malwarebytes settings and MS Defender is my primary antivirus. I've also attached a new set of mbst-grab-results.zip logs I collected today if anyone's interested. mbst-grab-results.zip So far I can't see any noticeable change in CPU usage. I still see high CPU activity by the Malwarebytes Service when Windows Update is searching for and installing my Windows Defender virus definitions every morning, but that could just be a coincidence. I shut down my computer every night and when I power up in the morning one of the first things that Windows does is to check for MS Defender virus definition updates, so it's possible that several pending background tasks (e.g., Windows Update checks, Malwarebytes update checks or missed Threats Scans, etc.) are all trying to run simultaneously. That said, the system resources used by the Malwarebytes Service still seem unusually high at times throughout the day [e.g., CPU activity >25 %, CPU temp ramps to 90 deg C quickly and triggers my high speed fan (which is very noisy on my Inspiron 5584), high power usage in Task Manager]. If anything, the high CPU usage is even more noticeable with Malwarebytes v4.4.10 because my daily Threat Scans (scheduled to run at 6:00 PM) are now taking 5 to 6 min to run to completion and the noise from my high speed fan during these scans is quite loud. I might try a clean reinstall of Malwarebytes v4.4.10 to see if that helps, but if there's no change I might reduce the frequency of my scheduled Malwarbytes update checks and Threat Scans. I noticed that MSimm1, who also shuts their computer down at night, has disabled their scheduled Threat Scans because of the high system resource usage by Malwarebytes at boot-up (see their 04-Nov-2021 thread Not Fully Protected Because No Scheduled Scan) so I'm not the only user that's concerned about the impact of Malwarebytes on system performance. __________________________________________________ Here's a few images I captured during my November 2021 Patch Tuesday update by Windows Update, which took several minutes to run to completion since I have a slow internet connection. In general, power usage by Service Host: Windows Update was usually Low (and would briefly jump to Moderate) during the search and download of updates, and I could see short periods where the Malwarebytes Service would jump to High or Very High. I believe this image was captured while KB5007186 (2021-11 Cumulative Update for Win 10 v21H1, OS Build 19043.1348) was downloading. During the installation of KB5007186 by the WMI Worker I again saw short periods of High or Very High activity by the Malwarebytes Service ... ... but Malwarebytes activity was generally Low or Very Low during most of the installation. ----------- 64-bit Win 10 Pro v21H1 build 19043.1348 * Firefox v94.0.1 * Microsoft Defender v.4.18.2110.6-1.1.18700.4 * Malwarebytes Premium v4.4.10.144-1.0.1499 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

The stable version of Malwarebytes v4.4.10.144-1.0.1499 was released to the general public today and Erix's 04-Nov-2021 release notes <here> still include the following ... I haven't installed the latest v4.4.10 patch yet, but can anyone at Malwarebytes provide more information about this bug and how it manifested itself in Malwarebytes v4.4.9? For example, did CPU activity for the Malwarebytes Service increase significantly during manual and/or automatic Windows Updates on all Win 10 machines due to a conflict with the Windows Update Agent at C:\Windows\System32\wuaueng.dll, did the bug actually prevent the Windows Update service wuauserv from launching on occasion and logging a DistributedCOM error in Event Viewer, etc., and how was this bug was first detected? ----------- 64-bit Win 10 Pro v21H1 build 19043.1288 * Firefox v94.0.1 * Microsoft Defender v.4.18.2110.6-1.1.18700.4 * Malwarebytes Premium v4.4.9.142-1.0.1486 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Is there any update on the status of this fix? The release notes <here> for the latest Malwarebytes v4.4.10.144-1.0.1499 (rel. 04-Nov-2021) state in part ... ... but I'm not clear if that fix is related in any way to the anti-exploit false positive (Office WMI Abuse Prevention) for MS Excel 2019 that I reported in my original 16-Sep-2021 post <above>. ----------- 64-bit Win 10 Pro v21H1 build 19043.1288 * Firefox v94.0.1 * Microsoft Defender v.4.18.2110.6-1.1.18700.4 * Malwarebytes Premium v4.4.9.142-1.0.1486 * MS Office Home and Business 2019 C2R v2110 (build 14527.20234) Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi AdvancedSetup: Thanks for the feedback. I'll check the release notes for Malwarebytes v4.4.10 once the stable version is released, and if there's still any mention of "WU searches" or Windows Update like the BETA release notes <here> I'll do a bit more testing to see if I can figure out what's triggering my intermittent high CPU activity. I did notice a few application and system errors related to Malwarebytes in the FRST Additions.txt log, so I'll keep an eye on those and see if they persist after Malwarebytes v4.4.10 is released. Is there any specific reason why you suggested I uninstall Bonjour? I always have the Start Type of my Bonjour service set to DISABLED and can't see mDNSResponder.exe running in Task Manager or Process Explorer. If I uninstall Bonjour I believe it will just reinstall the next time I update iTunes for Windows (I use the installed edition of iTunes, not the app from the Microsoft Store) so I normally leave Bonjour installed (but disabled) just in case I ever purchase an Apple device that requires this service for syncing to iTunes. I've never had the "standard" CCleaner installed on my computer but I do keep an up-to-date copy of CCleaner Portable on a removable USB stick. It looks like the CCleanerSkipUAC task is pointing to the executable on my USB stick at D:\Portable\CCleaner\CCleaner64.exe and is related to the setting at Options | Advanced | Skip User Account Control Warning , which is normally DISABLED in my CCleaner settings. The task hasn't run since 10-Mar-2021 and disabling it didn't appear to affect the launch of CCleaner Portable v5.86.9258 so I went ahead and deleted that CCleanerSkipUAC task as you suggested. Acronis VSS Doctor v1.1.53 didn't find any problems with my VSS (i.e., no "Fixable Issues" button displayed). It did flag low free disk space on my small (<12 GB) recovery partitions, but that's not a concern since there's lots of free disk space on my C: drive where my Windows restore points are saved. See the attached .txt log. All the VSS event log errors in my FRST Additions.txt file are similar to the error below (i.e., they say that VSS was interrupted by a system shutdown) and all have a time stamp of ~ 10:30 PM when I normally shut down my laptop, so I'm not particularly worried about those events as long as Windows System Restore continues to create the occasional system restore point. I also use Macrium Reflect Free to create full disk images of my hard drive just in case I ever have to perform an emergency recovery, so I'll just monitor these VSS errors in Event Viewer for now and will try the Macrium Reflect VSS Repair tool you recommended if other types of VSS errors are logged in the Event Viewer. AcronisVSSDoctorReport_2021-11-02-07-58-40.txt ----------- 64-bit Win 10 Pro v21H1 build 19043.1288 * Firefox v94.0.0 * Microsoft Defender v.4.18.2110.6-1.1.18700.4 * Malwarebytes Premium v4.4.9.142-1.0.1486 * HWMonitor Free Portable v1.44 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

Hi AdvancedSetup: I've attached the requested mbst-grab-results.zip file, but I'm not expecting anyone from Malwarebytes to help me diagnose the cause of high CPU temps on my Dell Inspiron - at least for now. Right now I'd just like to know if there's a thread somewhere in this forum discussing a known conflict between Windows Update and Malwarebytes where I can find more information. Erix's 28-Oct-2021 release notes <here> for the 4.4.10.144-1.0.1496 BETA suggest that there's a known conflict with Windows Update, but if a fix is imminent I'm not going to waste too much time diagnosing the intermittent high (excessive?) CPU activity by my Malwarebytes Service that I can see in Task Manager unless it continues after the stable edition of Malwarebytes v4.4.10 is released. Based on comments by other Inspiron 5584 users in the Dell forum I actually suspect that the problem is with a faulty cooling fan, and not excessive CPU activity by my Malwarebytes Service, per se. I can use HWiNFO or HWMonitor to monitor my CPU core temps but unfortunately none of the diagnostic utilities I've tried so far can measure fan speeds on my Dell laptop (a known issue according to HWiNFO developer Martin Malik's reply to my thread HWiNFO64 v7.12 - How to Monitor Fan Speeds). I know how to use the proprietary Dell Power Manager app to adjust my fan speed, if necessary, but I haven't figured out how to actually monitor my fan speed in real time. Just an FYI that I've created mutual scan exclusions for Windows Defender (but not Windows Update) in my Malwarebytes scan exclusions, and vice versa. Windows Defender is currently my primary real-time protection (i.e., Security | Windows Security Center | Always Register Malwarebytes in the Windows Security Center is OFF). mbst-grab-results.zip ----------- 64-bit Win 10 Pro v21H1 build 19043.1288 * Firefox v93.0.0 * Microsoft Defender v4.18.2109.6-1.1.18700.4 * Malwarebytes Premium v4.4.9.142-1.0.1486 * HWMonitor Free Portable v1.44 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

Hi FetzBox22: I read your post yesterday (31-Oct-2021) and was able to confirm that the Security News tile was blank (i.e., was not populated) if I opened the Real-Time Protection pillar on the main GUI of my Malwarebytes Premium 4.4.9.142-1.0.1486. I can also confirm that Security News tile is now working as expected today (01-Nov-2021). My Security News tile is loading after only a short delay (~1 sec), but I rarely open the Real-Time Protection pillar on the main GUI to check the status of my real-time protection so I can't tell you if a 3-5 sec delay would be unusual on my system. ----------- 64-bit Win 10 Pro v21H1 build 19043.1288 * Firefox v93.0.0 * Microsoft Defender v4.18.2109.6-1.1.18700.4 * Malwarebytes Premium v4.4.9.142-1.0.1486 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

Erix's release notes in the thread Malwarebytes 4.4 Beta for the 4.4.10.144-1.0.1496 BETA (rel. 28-Oct-2021) state in part: Assuming that "WU" means Windows Update, is this high CPU usage a known bug in stable releases like the current v4.4.9.142-1.0.1486, and if so is there a thread in this Malwarebytes for Windows Support Forum board where this issue is being discussed? For the past month or so I've noticed unusually high CPU usage whenever Windows Update updates my virus definitions for Microsoft Defender. I thought the bearings in my fan might be starting to fail because the fan is so noisy during these daily Microsoft Defender virus definition update checks, but after reading Erix's release notes for the latest BETA test version I'm beginning to wonder now if my Malwarebytes Premium real-time protection is interfering with Windows Update and contributing to the high CPU usage. Just an aside, but the only other time this loud fan noise seems to occur is when Malwarebytes runs my daily Threat Scan. ----------- 64-bit Win 10 Pro v21H1 build 19043.1288 * Firefox v93.0.0 * Microsoft Defender v4.18.2109.6-1.1.18700.4 * Malwarebytes Premium v4.4.9.142-1.0.1486 * HWMonitor Free Portable v1.44 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

I have no idea what's going on, but I just checked the download link for the full offline installer at https://downloads.malwarebytes.com/file/mb4_offline to see if a new installer has been posted yet for the new Malwarebytes v4.4.9.142-1.0.1486 released today (hint - the full offline installer for v4.4.9 described <here> in the release notes hasn't been posted yet) but I was surprised to see that the installer for v4.4.8.137-1.0.1474 (originally released 08-Oct-2021) looks like it was wrapped with a newer malware definitions database some time in the past two days and renamed from mb4-setup-consumer-4.4.6.232-1.0.1474-1.0.45650.exe to a more sensible mb4-setup-consumer-4.4.8.137-1.0.1474-1.0.46162.exe. It will be interesting to see what file name is used when the full offline installer for v4.4.9.142-1.0.1486 (rel. 21-Oct-2021) is eventually posted online. ----------- 64-bit Win 10 Pro v21H1 build 19043.1288 * Firefox v93.0.0 * Microsoft Defender v4.18.2109.6 * Malwarebytes Premium v4.4.8.137-1.0.1474 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Hi Scout94: I have Malwarebytes v3.5.1.2522-1.0.365 installed on my old Vista SP2 machine, which I rarely boot up these days since I purchased a Win 10 Pro laptop. A check for updates will only update the malware definitions database but does not detect any available updates for the main product or component package. That is the same product version offered by the official download link at https://downloads.malwarebytes.com/file/mb3_legacy that Porthos suggested <above>. I can also confirm that the Ransomware Protection module cannot be activated on a Win XP or Vista computer if you purchase a Malwarebytes Premium license that offers real-time protection. See Malwarebytes employee Erix's post Malwarebytes Support for Legacy Windows XP and Vista Operating Systems in the Malwarebtes 4 FAQs pinned at the top of this Malwarebytes for Windows board, which states in part: If your family member isn't certain if their CPU supports the SSE2 instruction set (a system requirement for Malwarebytes v3.5.1) a free utility like CPU-Z can find this information. The Wikipedia article SSE2 notes that Intel Pentium 4 and higher CPUs will support SSE2. From my Vista SP2 machine using the classic portable (.zip) version of CPU-Z that I unzipped and ran from a removable USB thumb drive: The Malwarebytes 4 FAQs also notes that "Malwarebytes 4 supports Windows 7 SP1 or newer", as Maurice Naggar noted <here>. ----------- 32-bit Vista Home Premium SP2 * Firefox ESR v52.9.0 * Malwarebytes Premium v3.5.1.2522-1.0.365 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, 256 GB Western Digital Scorpio WD2500BEVS SATA HDD, NVIDIA GeForce 8400M GS ----------- 64-bit Win 10 Pro v21H1 build 19043.1288 * Firefox v93.0.0 * Microsoft Defender v4.18.2109.6 * Malwarebytes Premium v4.4.8.137-1.0.1474 * CPU-Z Portable v1.97 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

I don't recall this being an issue for the Malwarebytes v2.x and v3.x full offline installers. For example, the Malwarebytes support page at Download and Install Malwarebytes for Windows v3 has download links for the full offline installers for Malwarebytes v3.x. The full offline installer for Win 7 SP1 and higher on that page that installs a v3.8.3.2965 main product and v1.0.629 component package is clearly designated as mb3-setup-consumer-3.8.3.2965-1.0.629-1.0.13137.exe. Unless I'm mistaken, the version numbers of the main product and component package were always included in the name of the full offline installer until Malwarebytes v4.x was released. I'm simply asking if someone from the Malwarebytes Product Management team could explain why this can't be done for the Malwarebytes v4.x full offline installers as well. If it's absolutely necessary to include the version of the installer/wrapper in the file name then why not call the latest offline installer for v4.4.8.137-1.0.1474 something like mb4-setup-consumer-1.232-4.4.8.137-1.0.1474-1.0.45650.exe (where v1.232 is the version of the installer that can be changed if the installer/wrapper itself needs to be revised while the bundled components remain unchanged). ----------- 64-bit Win 10 Pro v21H1 build 19043.1288 * Firefox v93.0.0 * Microsoft Defender v4.18.2109.6 * Malwarebytes Premium v4.4.8.137-1.0.1474 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

Common sense would dictate that the latest offline installer available at https://downloads.malwarebytes.com/file/mb4_offline should be named mb4-setup-consumer-4.4.8.137-1.0.1474-1.0.45650.exe to reflect the exact main product version, component package and malware definition set that is wrapped inside the installer. Could someone from the Product Management team please explain why this can't be done (or at least why they don't want to do it)? Users have been complaining about the confusing nomenclature used for the full offline installer ever since Malwarebytes v4.x was first released and I've never seen a reasonable explanation why the file name must include the version number of the installer/wrapper instead of the actual version number of the main product it installs. I assume there must be some automated process in place that wraps the latest available components inside the full offline installer and assigns a name to the resulting .exe file, but isn't there some way this naming process could be be tweaked so users can easily tell which main product version the full offline installer from https://downloads.malwarebytes.com/file/mb4_offline will actually install? ----------- 64-bit Win 10 Pro v21H1 build 19043.1288 * Firefox v93.0.0 * Microsoft Defender v4.18.2109.6 * Malwarebytes Premium v4.4.8.137-1.0.1474 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

Hi DERoss: There are three version numbers shown in your Malwarebytes interface at Settings | About. The main Malwarebytes product version (scan engine) is currently v4.4.8.137. The Component Package (which I believe includes additional modules for Web Protection, Exploit Protection, etc.) is currently v1.0.1474. The Update Package version is the version number for the malware / virus definitions and is updated regularly (for example, prior to any scan) and will change from day to day - my malware definitions version is currently v1.0.45716 but yours might be slightly different. If you want to know if you have the latest Malwarebytes product version and Component Package, release notes are posted in Erix's thread Malwarebytes 4.4 that is pinned at the top of this Malwarebytes for Windows board. The last entry in that thread confirms that the current main product v4.4.8.137 / component package v1.0.1474 combination was released 07-Oct-2021. When a new Malwarebytes v4.5 main product is eventually released Erix will start a new thread for the v4.5 release notes and pin it at the top of this board. See Malwarebytes staffer tetonbob's 27-Sep-2021 explanation <here> about the naming convention used for the full offline installer. The official Malwarebytes v4.x download link at https://downloads.malwarebytes.com/file/mb4_offline is currently offering an installer named mb4-setup-consumer-4.4.6.232-1.0.1474-1.0.45650.exe, where 4.4.6.232 is the installer version (i.e., the installer that "wraps" the components together, not the main product version), 1.0.1474 is the bundled Component Package version, and 1.0.45650 is the bundled Update Package / malware definition version. Most users find the naming convention that Malwarebytes uses for their full offline installers is very confusing because you would never know that an installer named xxx-4.4.6.232-1.0.1474-xxx.exe would actually install a v4.4.8.137-1.0.1474 product, but Malwarebytes has repeatedly ignored user feedback and will not add the version of the main Malwarebytes product bundled inside the installer (i.e. currently v4.4.8.137) to the installer name. ----------- 64-bit Win 10 Pro v21H1 build 19043.1237 * Firefox v93.0 * Microsoft Defender v4.18.2109.6 * Malwarebytes Premium v4.4.8.137-1.0.1474 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

Hi AdvancedSetup: I understood from staffer gonzo's 23-Sep-2021 post in MWB Browser Guard- False +ve or Hidden Malware?! that there is a known issue with the way that the Malwarebytes Browser Guard extension employs cache and that a modification request has been submitted to the developers. Hopefully the feedback I posted <above> about the problem I had removing the web block for https://www.whynotwin11.com/ in MS Edge (but not Firefox) will be helpful to the person who is assigned this bug fix. Reading gonzo's 23-Sep-2021 post about this issue with cached data was the reason I tried clearing my MS Edge browsing history in the first place, and I just wanted him to know that this finally removed the web block after everything else I tried had failed. ----------- 64-bit Win 10 Pro v21H1 build 19043.1237 * Microsoft Defender v4.18.2109.6 * Malwarebytes Premium v4.4.8.137-1.0.1474 * Firefox v93.0.0 * MS Edge v94.0.992.38 * MB Browser Guard for FF/Chrome v2.3.9 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

Hi AdvancedSetup: I should add that I also don't clear my Browsing History when I exit my Firefox browser, but this didn't seem to cause an issue with my Malwarebytes Browser Guard for Firefox extension. The block for https://www.whynotwin11.com/ cleared on its own in my default Firefox browser without any intervention on my part as soon as Malwarebytes revised the Web Protection block list on their end. ----------- 64-bit Win 10 Pro v21H1 build 19043.1237 * Microsoft Defender v4.18.2109.6 * Malwarebytes Premium v4.4.8.137-1.0.1474 * Firefox v93.0.0 * MS Edge v94.0.992.38 * MB Browser Guard for FF/Chrome v2.3.9 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

Hi AdvancedSetup: Yes, but only after I cleared ALL my browsing data in MS Edge (Settings | Privacy, Search and Services | Clear Browsing Data | Clear Browsing Data Now | Choose What to Clear) as I showed in my image <above>. When I exit my MS Edge browser I normally clear everything at Settings | Privacy, Search and Services | Clear Browsing Data | Choose What to Clear Every Time You Close The Browser except my Browsing History, which I like to retain for a few weeks at a time to speed up searches from the address bar. ----------- 64-bit Win 10 Pro v21H1 build 19043.1237 * Microsoft Defender v4.18.2109.6 * Malwarebytes Premium v4.4.8.137-1.0.1474 * Firefox v93.0.0 * MS Edge v94.0.992.38 * MB Browser Guard for FF/Chrome v2.3.9 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

Hi BillH99999: Just confirming that today's manual update (Settings | General | Application Updates | Check for Updates) ran as expected and both SUMo v5.14.1 and Control Panel | Programs | Programs and Features correctly detect that I'm on Malwarebytes v4.4.8.137. Sadly, the full offline installer for v4.4.8.137-1.0.1474 that was posted this afternoon at https://downloads.malwarebytes.com/file/mb4_offline has gone back to using the old, confusing nomenclature. I was only able to tell that a new offline installer had been posted today because the file name now specifies that the Component Package bundled inside the installer is the latest version 1.0.1474, as @tetonbob explained <here>. ----------- 64-bit Win 10 Pro v21H1 build 19043.1237 * Firefox v93.0 * Microsoft Defender v4.18.2109.6 * Malwarebytes Premium v4.4.8.137-1.0.1474 * SUMo Free Portable v5.14.1.508 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

Just an FYI that the bug I described <above> where an update to Malwarebytes v4.4.7.134 might not display the correct product version number at Control Panel | Programs | Programs and Features has apparently been fixed. Erix's 07-Oct-2021 release notes <here> for the latest Malwarebytes v4.4.8.137-1.0.1474 state in part: ----------- 64-bit Win 10 Pro v21H1 build 19043.1237 * Firefox v93.0 * Microsoft Defender v4.18.2109.6 * Malwarebytes Premium v4.4.7.134-1.0.1464 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

Hi AdvancedSetup: I didn't go as far as restarting the computer, but restarting my MS Edge browser (with and without Malwarebytes Browser Guard for Chrome v2.3.9 disabled) didn't clear the block. I only wanted to report a false positive block of the download page so a discussion about the pros and cons of Robert Maehl's WhyNotWin11 app is a bit off topic, but I've seen several reports from users where the official Windows 11 PC Health Check tool provided by Microsoft failed to run to completion and displayed the message "Your organization manages updates on this PC" because the user had modified advanced Windows Update settings in the Local Group Policy Editor (GPEdit) of their Win 10 Pro machine - see the AskWoody.com thread Win 11 PC Health Check Aborts for one discussion on this topic. I have modified a few of these advanced Windows Update settings with GPEdit (e.g., like the TargetReleaseVersion setting at Computer Configuration | Administrative Templates | Windows Components| Windows Update | Windows Update for Business | Select the Target Feature Update Version that I use to control when Win 10 version updates like v21H2 will be pushed to my machine) so I don't think the official Windows 11 PC Health Check tool will run correctly on my machine. I'm also assuming that the official Microsoft app is an installed product (the installer is called WindowsPCHealthCheckSetup.msi) so one added benefit of Robert Maehl's WhyNotWin11 utility is that it does not have to be installed and can be run as a portable app from a removable USB thumb drive. ----------- 64-bit Win 10 Pro v21H1 build 19043.1237 * Microsoft Defender v4.18.2109.6 * Malwarebytes Premium v4.4.7.134-1.0.1464 * Firefox v93.0.0 * MS Edge v94.0.992.38 * MB Browser Guard for FF/Chrome v2.3.9 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

Hi gonzo: Thanks for taking care of this. Just an FYI that the block for https://www.whynotwin11.com/ was removed for Malwarebytes Browser Guard for Firefox v2.3.9 in my default Firefox browser shortly after you posted. However, Malwarebytes Browser Guard for Chrome v2.3.9 continued to block this site in my MS Edge browser until I cleared the entire browsing history in MS Edge as shown below. Simply disabling and re-enabling the Malwarebytes Browser Guard for Chrome extension as you suggested <here> in another thread wasn't enough to clear the cache being used by the extension and remove the block. ----------- 64-bit Win 10 Pro v21H1 build 19043.1237 * Microsoft Defender v4.18.2109.6 * Malwarebytes Premium v4.4.7.134-1.0.1464 * Firefox v93.0.0 * MS Edge v94.0.992.38 * Malwarebytes Browser Guard for FF/Chrome v2.3.9 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

The URL https://www.whynotwin11.com/ is currently being blocked by Malwarebytes Browser Guard v2.3.9 (both Firefox and Chrome) due to a poor reputation. This site was not blocked when I visited it ~ 1 week ago. The free WhyNotWin11 utility that is available for download on this site has been recommended on several reputable sites - see Ed Tittle's How to Check If Your PC Can Run Windows 11 on ComputerWorld and Lawrence Abrams' WhyNotWin11 is a Better Replacement for Windows 11's PC Health Check on BleepingComputer for two examples. The WhyNotWin11 utility is also available on developer Robert Maehl's GitHub page at https://github.com/rcmaehl/WhyNotWin11 (site not blocked by Malwarebytes). I have no problem running WhyNotWin11 v2.4.1 (downloaded 28-Sep-2021) but the latest WhyNotWin11 v2.4.2.1 that I downloaded today is currently being blocked by Microsoft Defender's SmartScreen. The "problem" v2.4.2.1 executable of WhyNotWin11.exe that is blocked by Microsoft Defender's SmartScreen is attached as a .zip file, and scans of the .exe file with both Microsoft Defender and Malwarebytes Premium did not detect any threats. WhyNotWin11.zip ----------- 64-bit Win 10 Pro v21H1 build 19043.1237 * Firefox v93.0 * Microsoft Defender v4.18.2109.6 * Malwarebytes Premium v4.4.7.134-1.0.1464 * Malwarebytes Browser Guard for FF v2.3.9 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

Hi Kyle_Katarn: I ran an over-the-top update with the "old" v4.4.7 full offline installer (i.e., mb4-setup-consumer-4.4.6.231-1.0.1464-1.0.45264.exe) on 27-Sep-2021 before it was renamed and re-posted as mb4-setup-consumer-4.4.7.134-1.0.1464-1.0.45264.exe on 30-Sep-2021, and my 27-Sep-2021 images <here> shows both SUMo and Control Panel | Programs | Programs and Features were correctly detecting the updated version as 4.7.7.134. Since I already fixed the problem with the full offline installer on 27-Sep-2021 I can't tell you if a manual update with the small stub (online) installer (e.g., Settings | General | Application Updates | Check for Updates) will now change the DisplayName and DisplayVersion in the Windows registry to the correct v4.7.7.134, but Hsjafo's post today in the thread Has v4.4.7 Been Pulled? suggests that the v4.4.7 stub installer has been fixed as well. Like BillH99999, I haven't tested the v4.4.8 BETA and I'm waiting for the release of the stable v4.4.8 stub installer to see if the registry entries are updated correctly. ----------- 64-bit Win 10 Pro v21H1 build 19043.1237 * Firefox v93.0 * Microsoft Defender v4.18.2109.6 * Malwarebytes Premium v4.4.7.134-1.0.1464 * SUMo Free Portable v5.14.1.508 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

Hi Skier: I don't know if your problem is related, but there was a known issue where users who updated Malwarebytes v4.4.6 to v4.4.7 by running a manual update check (e.g., Settings | General | Application Updates | Check for Updates) would see they had v4.4.7.134 in the Malwarebytes interface at Settings | About but Control Panel | Programs | Programs and Features would show they still had v4.4.6.132. There was apparently a glitch in the small stub installer that failed to update the program DisplayName and DisplayVersion in the Windows registry. See BillH99999's 25-Sep-2021 Update to MB 4.4.7.134 Left Wrong Version in Registry So SUMo Flagged It for more information. I fixed the issue on my own system by performing an over-the-top update with the full offline installer downloaded from https://downloads.malwarebytes.com/file/mb4_offline. Several users in BillH99999's thread, including myself, found it confusing that the full offline installer downloaded from https://downloads.malwarebytes.com/file/mb4_offline was named mb4-setup-consumer-4.4.6.231-1.0.1464-1.0.45264.exe (at least when I downloaded it on 27-Sep-2021) but was actually installing a Malwarebytes v4.4.7 product. I checked that download URL today and it appears the name of the full offline installer has been changed recently to mb4-setup-consumer-4.4.7.134-1.0.1464-1.0.45264.exe. ----------- 64-bit Win 10 Pro v21H1 build 19043.1237 * Firefox v93.0 * Microsoft Defender v4.18.2109.6 * Malwarebytes Premium v4.4.7.134-1.0.1464 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

Someone in Product Management must have listened to @tetonbob. The name of the full offline installer for MB v4.4.7 at https://downloads.malwarebytes.com/file/mb4_offline has now been changed from mb4-setup-consumer-4.4.6.231-1.0.1464-1.0.45264.exe (the file name when I downloaded on 27-Sep-2021) to mb4-setup-consumer-4.4.7.134-1.0.1464-1.0.45264.exe. ----------- 64-bit Win 10 Pro v21H1 build 19043.1237 * Firefox v93.0 * Microsoft Defender v4.18.2109.6 * Malwarebytes Premium v4.4.7.134-1.0.1464 * SUMo Free Portable v5.14.1.508 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

Hi Roj9: Sorry, only Malwarebytes employees and a small group of users with advanced permissions are allowed to open attached files, so you'll have to wait for @AdvancedSetup or one of the other senior members of this forum to review your detection log. If the Protection Technique that triggered the block for your client was something other than Office WMI Abuse Prevention (I only used that as a example) then disabling Settings | Security | Exploit Protection | Advanced Settings | Application Behaviour Protection | Office WMI Abuse Prevention isn't going to stop the block. ------------- 64-bit Win 10 Pro v21H1 build 19043.1237 * Firefox v92.0.1 * Microsoft Defender v4.18.2108.7 * Malwarebytes Premium v4.4.7.134-1.0.1464 * MS Office Home and Business 2019 C2R v2108 (build 14326.20404) Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620

Hi Roj9: If you can Export the detection log found at Detection History | History to a .txt file (see the first image below) and then paste the contents in your next reply someone should be able to confirm if your client's Exploit Protection detection is a false positive, and if so, how to temporarily change their Exploit Protection settings to prevent these false positive warnings. Many users have recently reported Exploit Protection blocks for MS Office in the False Positives | Exploit board. See my 16-Sep-2021 thread MS Word and Excel 2019 - Exploit Office WMI Abuse Blocked (cmd.exe) for one example. When I view the detailed detection log at Detection History | History the Protection Technique says "Exploit Office WMI Abuse Blocked" (your client's Protection Technique might be slightly different)... ... and if I wish, I can temporarily DISABLE the Exploit Protection settings at Settings | Security | Exploit Protection | Advanced Settings | Application Behaviour Protection | Office WMI Abuse Prevention (enabled by default) to prevent these false positive detections until Malwarebytes releases a bug fix. ------------- 64-bit Win 10 Pro v21H1 build 19043.1237 * Firefox v92.0.1 * Microsoft Defender v4.18.2108.7 * Malwarebytes Premium v4.4.7.134-1.0.1464 * MS Office Home and Business 2019 C2R v2108 (build 14326.20404) Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, Toshiba KBG40ZNS256G 256 GB NVMe SSD, Intel UHD Graphics 620