Jump to content

treed

Staff
  • Content Count

    1,361
  • Joined

  • Last visited

Everything posted by treed

  1. Sounds like it could be a variant of the malicious configuration profiles mentioned here: https://forums.malwarebytes.com/topic/236261-how-to-remove-weknow-malware-and-others/ Try the solution for the profile issue mentioned there. If that doesn't help, try the other suggestions, and if it still won't go away, let us know.
  2. /usr/sbin/ is on the system volume in Catalina. See: https://eclecticlight.co/2019/10/08/macos-catalina-boot-volume-layout/
  3. If you have upgraded to macOS Catalina and have installed the corresponding update to Malwarebytes for Mac 3.9.32, you may see a problem where the app will tell you that you need to enable Full Disk Access. However, when you follow the directions provided, you will not see Malwarebytes Protection in the list where the directions say to look for it. We are still unsure exactly what changed, and whether this is a Catalina bug that will be fixed in a future release, or whether we need to change something. We are investigating. In the meantime, you can fix the problem by downloading the Malwarebytes for Mac installer and reinstall it manually. There is no need to uninstall Malwarebytes for Mac first, you can simply install on top of your existing copy. Once you have done this, you should see Malwarebytes Protection on the list of apps to give Full Disk Access to. Download the Malwarebytes for Mac installer here: https://malwarebytes.com/mac-download Technical background It seems that something changed between the Catalina betas and the final release, and it is triggered by installing the Malwarebytes for Mac update via the installer process located at /usr/sbin/installer, as opposed to the Installer app located at /System/Library/CoreServices/Installer.app. When installing via the former, Malwarebytes Protection will not appear on the list. When installing via the latter, it will. We have also observed cases where Malwarebytes Protection will disappear from the list, even though it has already been given Full Disk Access. Despite not appearing on the list, it will nonetheless continue to have Full Disk Access, and will remain capable of detecting and removing threats from locations that are not accessible without Full Disk Access. This is definitely a Catalina bug, which leads us to believe the other problem may also be a related bug.
  4. That is not supposed to be necessary. The instructions work as written... or, at least, they did. It looks like something may have changed between the Catalina betas/GM and the official release, but we're not sure what yet. We're investigating.
  5. The updater does work, and is working as intended. In the initial stages of a new release, it's throttled so that only a limited number of people get the update. Checking manually overrides the throttling and gives you the update now.
  6. From the information provided, that does appear to be a legitimate copy of the installer.
  7. Feel free to report those kinds of unsolicited numbers. Just be cautious about numbers from companies you've done business with before. I wouldn't recommend reporting those unless you've asked them to remove you from their list and they haven't.
  8. We can't really comment on the exact process, but suffice it to say that the mere fact that you report a number is not sufficient to get it added to the database. It may be a legitimate number being spoofed by a scammer, or you may be reporting your mother-in-law's number because you don't like her. However, regardless of what we do on the backend, if you report a number, it'll get blocked by the app in the future on your phone.
  9. For beta, yes. When we put out the public release, that will probably be limited to a couple specific countries initially, but if all goes well we will hope to expand it globally as soon as possible.
  10. That has never been a feature of Malwarebytes for Mac, and our free browser extension (now called Browser Guard) has never yet been available for Safari. If you were running something in Safari that was using a Malwarebytes logo, I'd be very interested in finding out what that was.
  11. Awesome! Glad to see this finally went through. I guess we posted the link to swiftly and it wasn't ready yet.
  12. As Al pointed out, Malwarebytes for Mac never has done ad blocking, and it has never had a Safari extension. You mentioned that "Malwarebytes is no longer present on search windows," but I don't know what that means, as Malwarebytes should not show up in any way on your search windows in Safari (unless you're searching for something Malwarebytes-related and it shows up in the search results). Another alternative to Ka-Block that should work on Catalina is 1Blocker. It's a bit pricey compared to other ad blockers, but IMO is worth the cost.
  13. You definitely shouldn't be using any kind of "cleaning" apps... they are completely unnecessary on a Mac. These apps "clean" files that don't need to be removed. In fact, some of the files they remove (cache files) are there to keep your Mac running as fast as possible, so removing them is actually counter-productive. If you ever have any cache file corruption - which is quite rare, as I've only seen it happen once in decades of using Macs - there are ways to fix that manually. Once upon a time, the Mac was not as good at maintaining itself, and cleaning tools had their uses. Today, the necessity of these tools is a complete myth, but is unfortunately a myth that continues to be spread.
  14. Hi, all, I'l pleased to announce the release of the Malwarebytes Call Protection beta. If you are interested in trying this app out, you can claim a spot in the beta (seats are limited) here: https://play.google.com/apps/testing/com.malwarebytes.antiscam This app brings back the features that we were forced to remove from our Malwarebytes Security app, and will eventually be available free of charge. If you have questions or comments about the beta, please respond to this topic. We're eager to hear about any problems!
  15. I'm not sure what might have happened, other than to say that it's exceedingly unlikely to be due to malware. The last time I can think of that malware actually caused a machine to become unable to start up was with the Genieo adware nearly ten years ago, and in that case it was only caused if you removed it incompletely. (In fact, it was that incident that caused me to start working on automated ways of removing all traces of such things.) My advice, if you continue to have problems, would be to talk to Apple support about that. It may be some kind of hardware issue, for all I know.
  16. Nope, that's it. As you notice, the RTProtectionDaemon component is now called Malwarebytes Protection (although it's still the same process, still called RTProtectionDaemon under the hood, which is why is shows up for you as already checked). That process is responsible for all scanning - manual, scheduled, and real-time.
  17. It's completely normal to see this change, both due to changes in the number of files in locations of interest on your computer and changes to the detection rules. I honestly question the value of showing that number, as this is normal but causes people anxiety.
  18. Hi, all, We have a beta ready for testing with macOS Catalina, and would love to have your eyes on it. If you have turned on Beta Application Updates in the Malwarebytes settings, it will show up as an update in the app. Otherwise, you can download from here: https://ark.mwbsys.com/mmac.installer.consumer/v3.9/beta Testing is not restricted to Catalina! Although we definitely want to see people testing it on Catalina betas, we also appreciate testing on any other systems. Not much has changed, except for a message on the dashboard in the app about allowing Full Disk Access for anyone using Catalina. (That really wasn't important for Mojvae, but it has become more important in Catalina.) Please test, and if you see any problems, let us know by replying to this topic. Thanks!
  19. None of this sounds like malware. It actually sounds more like the encrypted partition was damaged. Yosemite has a small - and shrinking - install base, and is unlikely to be a target for malware. However, it's also worth pointing out that Yosemite cannot be considered a secure system any longer, so if someone did want to target Yosemite users, it wouldn't be hard to do so. If that happened, though, it wouldn't be likely to look like what you saw.
  20. Ahh, yes, that sounds like a notification, rather than a full page loading. Sites can request permission to send you notifications, and it's very easy to accidentally allow it. If you do, they can pester you constantly until you remove those permissions in the browser.
  21. That doesn't sound like adware. Adware won't install just by visiting a website... if it did, that would be malware behavior, and we would detect it as such. And it would be big news, as that doesn't happen often on Macs! Instead, this sounds like it's probably due to either malvertising (malicious advertising that has gotten into some sites' advertising feeds) or an overlooked tab or window open in your browser that is spawning the new window. (I actually saw something that myself just this morning... one of the many tabs I had open spawned one of those "You have a virus" scam pages.) The best solution is to install some kind of ad blocker in your browser.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.