[Malwarebytes Free Won't Remove Threats]

@WildcatTech like @exile360 mentioned, it sounds like our Malwarebytes Techbench program and the Malwarebytes Toolset would really be beneficial for you. That would include the right licensed version of Malwarebytes to provide remediation services to your clients plus reseller access to protect client devices with Malwarebytes products.

I actually manage the Toolset and co-manage the Techbench program. If you want to learn more, feel free to DM me.

[svchost.exe RTP Connection blocked]

@Infernus the most recent block is also from an IP used to perform brute force RDP attacks. Like the previous one, Malwarebytes was able to successfully prevent the inbound connection from occurring.

Unfortunately, this could be a situation where your current IP provided by your ISP is on a list of potential exploitable victims and the attackers are just trying to connect by any means necessary. I know that can be annoying, but there isn't much we can do here since the attempts are happening and we are keeping you safe.

Like I mentioned in my previous post, you may want to see if your router provides an SPI Firewall as that can help prevent brute force and DDoS attempts.

[svchost.exe RTP Connection blocked]

3 hours ago, Infernus said:

Alright, I have added this ip to windows firewall protection as a blocked ip. Hope it works.

Good call. It doesn't hurt to have that extra layer of firewall protection.

With that being said, I can help answer your original follow up question. Essentially, you are seeing an alert where Malwarebytes successfully blocked an inbound connection attempt from a known compromised network used for brute force RDP attacks. The connection attempt was with an instance of the Windows Service Host Process (svchost.exe) which is used to run Windows Services. In turn, Remote Desktop Services (TermServ - termsrv.dll) is an example of a Windows Service that is hosted within svchost.exe.

Lastly, I'm not sure what your local network is comprised of, but it would be a good idea to make sure you have a quality router that provides an SPI Firewall and has options to help block incoming RDP connections. Most routers from companies like Linksys, Netgear, and Asus include these types of security features.

[Malwarebytes says expired HELP!]

@yoMuzicMan glad to hear everything is resolved!!

[Malwarebytes licenses from Newegg - can we discuss?]

@bjm sounds like some simple mis-communication from the Newegg support staff OR  they just don't have access to that level of information and therefore cannot truthfully answer it.

We do not have a public list of authorized retailers, resellers, etc. Generally speaking, any major retailer can sell Malwarebytes products and several major online retailers (e.g. Newegg, Amazon, etc.) can too along with select reseller partners (e.g MSPs, IT service providers, computer repair shops, etc.) and distributors. Our support staff can help verify a purchase if you question it.

With that being said, eBay themselves are not an authorized reseller nor a retailer. They are a bidding/3rd party marketplace. All authorized resellers are not allowed to resell Malwarebytes using any 3rd party market place system (e.g. eBay, Amazon Marketplace, G2A, etc.).

[Malwarebytes licenses from Newegg - can we discuss?]

@bjm Newegg is a retailer that is authorized to resell certain Malwarebytes products. They offer the boxed, key card, and digital versions for retailers.

As already stated, this is similar to other authorized resellers and retailers like Amazon, Bets Buy, Staples, Office Max/Office Depot, and more.

[Reactions and Mark As Solution]

Earlier this month, we started slowly enabling features like "Mark as Solution" and the "Reputation and Reaction" system. Today we are formally announcing that these things are on and enabling two widgets on the main index to help showcase users' content that are impacted by the features.

Reactions
Similar to other social network platforms, you can now add a reaction to any comment/post. Simply click the icon on the lower right of a post and select the reaction you want to use. Below is a screenshot of what that looks like:

Here are the current available reactions:

•  Like (positive)
• Thanks (positive)
•  HaHa (positive)
•  Confused (neutral)
•  Sad (netural)

 

Mark As Solution
We have enabled the ability for the original poster, moderators, and administrators the ability to select a post as the solution in a topic. This will highlight the solution inside the topic itself as well as highlight that the post itself has been solved. This makes it easier for users to quickly get to a solution and highlight the help from our forums community members.

To use this feature in a topic you have posted, simply click the Mark As Solution link in the lower left of a post. Below is a screenshot of what that looks like:

New Widgets for Reactions/Reputation and Mark As Solution

1. Popular Contributors - This widget highlights users who's content is getting the most positive reactions.
    
2. Most Solved - This widget highlights which users have the most posts marked as a solution.
   

[Malwarebytes says expired HELP!]

@yoMuzicMan just wanted to give you an update - our home support team isn't back in until tomorrow, but I tried taking a look at things since I have limited access to some of the systems the support team does.

According to our licensing system, the key that is showing in the screenshots you sent in is not expiring and was renewed on 09/06/2020. Its still good until 2021.

Also, the 2 other keys you mentioned in your emails are alias keys for the primary key in your screenshot. Using one of those keys should work but the UI will revert to the primary key which is in your screenshot.

If you are still seeing a message the the license is temporarily extended, then I would recommend hanging on until support can work with you on that. Keep in mind that your license is still valid and your computer will still stay protected while support figures out what is causing this potential UI bug.

[Malwarebytes says expired HELP!]

@yoMuzicMan I have reached out to get this escalated.

[How to permanently stop unauthorized use of license]

@Don0819 I have reached out to get this escalated. 

[Malwarebytes 4.2.1 Digital certificate problem]

@Malebox that's really strange. Can you gather some technical logs so we can diagnose how this may have happened?

1. Download and launch the Malwarebytes Support Tool: https://downloads.malwarebytes.com/file/mbst
2. Click Yes if a User Account Control prompt appears, and click Accept when the EULA prompt appears.
   Select Advanced from the left side menu
3. Click the Gather Logs button
4. Wait for the utility to create a MBST-grabs-results.zip file on the Desktop
5. Attach the resulting MBST-grabs-results.zip in your next reply

[How to permanently stop unauthorized use of license]

35 minutes ago, Don0819 said:

@AlexSmith Thanks! If I was Malwarebytes I would really want this license terminated. I have been writing down device names just sorting in the last hour, and I'll keep a list - all are Windows, all have different registration dates, I have seen no repeats but 3 different devices using it so far - and I am sure earlier today I saw other device names but did not write them down. They are random names too, not like LAPTOP-WC004, LAPTOP-WC005 etc., which might indicate a company purchase or something. 

You will have to wait for Support to follow up and research this completely. I am only seeing a single device on the key you submitted in the ticket, but like I said I only have access to some of those systems.

With that being said, I see you have another ticket about using some of your legacy lifetime licenses on macOS. While new subscription licenses are multi-platform (Windows, macOS, Android, Chromebooks), Legacy Lifetime licenses are for Windows only. See the details here: https://support.malwarebytes.com/hc/en-us/articles/360038516814

[How to permanently stop unauthorized use of license]

@Don0819 I have limited access to some of the Support team stuff. Let me see what I can uncover for you.

[on Beta CU 1.0.1053]

On 9/24/2020 at 4:22 AM, SPDIF said:

Latest update required a restart on all my devices. Getting errors in firefox on some machines with web protection enabled. It says in a big screen that malwarebytes is blocking Firefox.

Disable web protection fixes the issue. Not all webpages are giving this error, sometimes i see a short error screen then it quickly restores to normal. My wife wanted to install another language in firefox and it could not download it. Had to disable web protection to be able to download it.

@SPDIF thank you for sharing your experience!!! This bug is now fixed in our latest beta Component Update (v1.0.1056). Simply go to Settings and perform a "Check for Updates" to grab it.

More details on this beta update are here: 

 

[Malwarebytes 4.2.1 (Beta Enabled) - Digital certificate problem]

@Aridane Thank you for sharing your experience with the beta!! We just released a new beta Component Update (v1.0.1056) which should resolve this issue. Can you go to Settings and perform a Check for Updates then see if the issue still occurs?

Details on the new beta update are here: 

 

[MB4 Beta causes Firefox to block websites]

This issue has been resolved with our latest Beta Component Update v1.0.1056. Please perform use the Check for Updates option in Settings to force update.

More details are here: 

 

[Malwarebytes 4.2.1 Digital certificate problem]

7 hours ago, Malebox said:

This issue no longer concerns just the beta version.

Stable updated to 4.2.1.89 - 1.0.30376 - 1.0.1053 experiences the same behavior.

If Web Protection is ON - all websites fail to get certificates from smart cards on both chrome and IE11.

Disabling it is not an option as it compromises a protection layer.

Users cannot disable it themselves even as it requires administrator elevation.

 

Needs to be fixed ASAP. Imagine explaining to management how a software they pay for is preventing all access to banking, government and other institutions which require smart-cards.

@Malebox Thanks for sharing your experience!! Malwarebytes v4.2.1.89 with Component Update 1.0.1053 was only available to beta testers. We just released component update 1.0.1056 which should fix this issue. Simply go to Settings and do a manual Check for Updates to grab it.

If you continue to experience issues with Component Update v1.0.1056, please let us know.

For more details on the beta Component Update, go here: 

 

[Forum Replies is a Negative Number]

@1PW and @exile360\

This issue was resolved a little bit ago, but I forgot to update this specific thread.

The reported problem was caused by an unexpected plugin compatibility issue due to IPS moving our platform to their new infrastructure which they performed shortly after updating our forums to IPS v4.5.3.

Essentially the users would encounter a 500 error attempting to post content that was analyzed for potential spam. The post link would get created but with no content resulting in a corrupted post that both exists and doesn't exist.

If you see any additional -1 posts, let me know since we have to manually delete them.

[New version of the forum! Feedback]

7 minutes ago, Gt-truth said:

I am unable to figure out where is the "mark as resolved" option . can someone show me where is the option

It will appear in the lower left side of a comment in a thread if that feature is enabled for that area of the Forums.

So if you are not seeing it, it's likely because that area of the Forums does not have the feature on yet or its an area where having it on doesn't make sense.

Feel free to let me know where you are seeing that as most off our help/support areas should have it on.

[Changes and Known Issues after IPS 4.5.3 Update]

UPDATE - ISSUES RESOLVED

The following recent issues have been resolved:

• Some posts contain no content and produce the following error: "There are no posts to show Error code: 2F173/L"
• Posts appear as a negative number in sidebar widgets
• Attempting to post, reply, or private message may result in Error 500 depending on the contents of the post/reply/message

If you encounter a post with the "There are no posts to show Error code: 2F173/L" error still, please send me a private message with a link to the post.

[New version of the forum! Feedback]

4 minutes ago, John L. Galt said:

Q:  Can you ask if they reverted the setting where using the "Mark all forums" link sent you back to the main forums page, or did that setting simply revert on the install of 4.5.3?

 

Because I, for one, found that extremely helpful, since I use the notification bell to find posts I need to look at....

Not right now. It's low on our priority list of things to tackle.

[New version of the forum! Feedback]

Update - We were made aware that users may have had issues posting and replying again due to encountering Error 500. IPS has just fixed this issue and we are keeping an eye out for it.

[Forum Replies is a Negative Number]

@1PWwe have reported this to IPS and hope to get a solution soon.

If anyone encounters this and can recreate it please PM me or if that fails email me at alsmith@malwarebytes.com. 

[Forum Replies is a Negative Number]

The posts don't seem to fully exist..this is strange...

[New version of the forum! Feedback]

Just a quick note - IPS updated our forums to version 4.5.3 today and made some backend adjustments.

We also encountered a bug due to the upgrade that caused the Editor to not be accessible which prevented posting and replying. This was resolved shortly after being discovered.

Thanks for keeping the feedback coming!!