Jump to content

axkazex93

Honorary Members
  • Posts

    41
  • Joined

  • Last visited

Posts posted by axkazex93

  1. Hello!
    I'm a student developer and I use Visual Studio to compile my test and college projects, as well as my own application that I'm building from scratch to test my knowledge. However, Malwarebytes keeps detecting all the apps I compile as Malware and don't let me run them with its Machine Learning engine or something, it actually shows Machine Learning in the type of malware so I had to put my repos folder in Malwarebytes' ignore list but I'm concerned about my applications keeping being detected by it in case I decide to publish something. So here are two  questions:
    - Is this how it is supposed to act?
    - In case I publish anything, how can I ensure my application will be considered safe and not a potential malware? (It is really not a malware, it is just a program that manages an attached database)

  2. Hello guys!
    I just wanted to make an appreciation post cause I'm really so amazed at all of the developers of this program. I don't know their names or way to contact them, so I just want to drop this post here and say THANK YOU! REALLY! 💗

    Not only this company have (probably?) the best antimalware software around but they manage to keep its price REALLY affordable so that anyone can have it. As I live in another country which the currency is a lot undervalued, I was really surprised to see that the price is a actually affordable for me when I bought my premium license. (it usually isn't for most of the things because of how much dollar is high and etc etc economics stuff).

    So yeah i'm very happy and grateful that you guys could develop such an awesome piece of technology and at the same time keep it affordable, I don't complain much about prices of software cause I know companies have to pay their staff and also get some money to keep running and profit, but Malwarebytes need to win some award for being able to keep the price nice.

    Sorry for any english errors I'm not a native english speaker.

     

  3. Hi! I've used Malwarebytes on my phone for a very long time. Back then, it used to be free with real-time protection, but with the new version it is not anymore. However, when I first updated my app I was offered to be grandfathered into a Free+ plan that had real-time protection for being an old user. I agreed to it and it was doing fine until I had to reset my phone cause of a problem I had and now I can't get real-time protection back anymore.

    How can I get it back? Unfortunately I don't have money to pay for the subscription cause I'd have to pay around 4 times the value in my country's currency.

  4. There is no Malwarebytes, or any antimalware or antivirus for Windows 10 Mobile because it doesn't need one, due to how the system itself is built. Apps in WP runs sandboxed from the system itself, so if there is any malware at all, it will not infect the system in anyway because it simply can't get access to the environment out of the app sandbox. The malware also needs to be coded specifically for WinRT and able to run on ARM, which, in the case of Windows, I don't believe there are much around, if there is any.
    Also, I don't think Windows Phone/Windows 10 Mobile allows access to system monitoring and usage stuff to any application, which is what Malwarebytes needs in order to run.

    But, of course, you are still suscetible to phishing attacks from malicious websites or malicious coded apps to steal data you give them WITHIN the app, like for example, asking you to type your facebook login for example, but if you don't install apps from other sources other than the Windows Store, you are safe.

  5. 11 hours ago, Firefox said:

    .Changing the date of a file does not do anything to deter Malwarebytes from detecting a file.  What I mean by old samples is that if the sample/malware is not seen in the wild any more, Malwarebytes removes them from their database (mind you the heuristics may catch it).

    So are you saying that 2016 malware are too old and not being seen in the wild anymore? You gotta be kidding me. Malwares can survive in the wild for years after released even after there are definitions or heuristics that detects them. I'd agree if it is an overly old malware that can't do harm anymore but a ransomware is far from not doing any harm.

    Doesnt matter if the script was sitting on his  desktop, if it were in a malicious website or email attachment  the user would be damned because Malwarebytes wouldn't stop that ransonware from running anyway. Doesn't matter if it is "old", the anti ransomware should catch it.

    A 2016 piece of malware is too early to call it old and simply ignore it's threat specially if it is such destructive one as a ransonware.

  6. I think a moderator should get this response and pin it at the forum index in caps lock, bold and red font.

    Even though we are full of posts here from moderators that says we should use it alongside antivirus, which is a bit contradictory to what the company states in the website. But it is always good to have layered protection.

  7. I understand and agree with Malwarebytes rising the price of its software because it now includes anti-exploit and antiransomware. As I only have one computer I don't see a problem with the price for the single licence but I think that there should be a better pricing for users with many pcs because it can become a bit overwhelming for some people. But people with old licence can still pay the old price forever (I think?).

    Anyways you can always go with a free or paid av with Malwarebytes Free and the Anti Exploit Perpetual Beta and you will have a way-more-than-decent protection.

     

  8. I don't think there is a problem anymore, but to be sure you can disable anti-exploit protection for the browser you use to access your bank accounts. I remember that there was an easy workaround just by disabling a few options in the advanced settings of the anti-exploit module but I don't remember what these options are anymore, and it is not a good idea to tinker with them without knowing what you are doing.

    Anyways just disabling the anti exploit protection for the specific browser, or disabling it completely while you are accessing your account will work.

  9. EICAR works if you want to know if the signature engine is working.

    These companies only tests antivirus, not antimalware. Malwarebytes is not an antivirus, it acts way differently than antivirus so to test it you will have to elaborate specific tests with real malware, real exploits and real ransomwares on it's protection modules, which these testing companies doesn't seems willing to do so complain at them not Malwarebytes.

    What you are asking for needs real malware and ransomware, if you want to test, the only way is to deliberately infect a system with Malwarebytes installed which you can do by using sandboxes or VMs.

    Anyways wait for someone from staff to answer you they maybe can have a way for you to test the program without risking your safety.

  10. To test the ability of the program to find malware you can download EICAR test, not sure if Malwarebytes works with EICAR though. But if you want to test its ability to remediate malware then you will have to be infected for real and that's dangerous. The same with ransomware.

    If you want to test I'd advise you to do it in a sandbox or virtual machine.

  11. Not really. In my last comment in this post I was using a clean installation of the last CU4 build and the problem still persists.

    It seems that the problem is that Malwarebytes for some odd reason is unable or refuses to connect when there is an edited HOSTS file in the computer. I tested with both clean and edited HOSTS file. But the problem seems random because some other people were able to update even with an edited HOSTS file.

  12. Hi! I THINK I managed to figured out what is wrong here.

    Do your activation servers attach a installation token to a configuration when it tries to activate the software? I was wondering why Malwarebytes is not updating if the hosts file is clean. Then, I did a test: Hosts file modified vs Hosts file clean.

    With the modified hosts file, the update component simply refuses to connect. See at first updating tries in the log. I tried with: localhost, localhost and random thirdy-party server, localhost and a malwarebytes' server, and then finally a clean hosts file. The first times I tried to run update, you can see in the logs that it simply doesn't connect. And then, in the last update I ran with clean hosts file, voila! It connected!

    Also, I noticed that the it is the activation server that attributes an installation token, yes? Because, as you can see in the logs, the keystone was unable to retrieve the installation token, and it seems that the keystone component wasn't able to connect to the server either when the hosts file are modified, but after I cleaned up the hosts file, I guess it managed to get one because keystone stopped complaining in the logs about it.

     

    MBAMSERVICE.LOG

  13. 1 hour ago, Awesomegamer20 said:

    I am going to be honest, I did the host block thing so it doesn't block my lifetime pirated key that you usually get online. your probably asking why don't you just buy it! Well because I do NOT want to pay for a year licence I want it lifetime no extra charge. If you want provide me a lifetime licence that would be perfect Now i may purchase a 2 year licence. Until now I was having no issue updating the program even with the host block in place. I do apology if you think I am terrible person for NOT buying the program but I don't have money to do auto-renew. Thank you for understanding 

    You know you only have to do it ONCE every one or two years, right?  If you are pirating a program then you have no right to criticize their developers if some day they decide to block you from using their software, or parts of it. But I don't think that Malwarebytes decided to block the pirated programs... there could have lots of other measures they could use to prevent people from using their software illegally and they don't do it, as opposed to many other AV/AM companies and they never did.

    I actually think that Malwarebytes is very generous for not caring very much on blocking pirated copies of their software, allowing people to use it because they really could block the program when it recognizes during a scan that their domain in the hosts file, or when the program recognizes that it can't connect to the key server... Different from other av companies, Malwarebytes is not too aggressive on this matter. But it doesn't mean that people should be encouraged to pirate their software, because it really costs time and specially MONEY for the company to research, develop their softwares, thirdy-party licenses, paying their employes, and all... so yeah if you really like the software, please do buy it, unless you really, reeeeaally really really really REEEEAAAALLY can't.

  14. @dcollins Yup I'm still having issues with it. Same HTTP 400 error.

    03/26/17	" 02:33:08.277"	99640750	0ba8	1590	INFO	UpdateControllerImpl	mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest	"UpdateControllerImplHelper.cpp"	3382	"Signature successfully validated"
    03/26/17	" 02:33:08.665"	99641140	0ba8	1590	INFO	UpdateControllerImpl	mb::updatecontrollerimpl::CUpdateControllerImpl::ValidateDBManifest	"UpdateControllerImplHelper.cpp"	3386	"DB manifest successfully validated"
    03/26/17	" 02:33:08.665"	99641140	0ba8	1590	INFO	UpdateControllerImpl	mb::updatecontrollerimpl::CUpdateControllerImpl::CheckDbManifest	"UpdateControllerImplHelper.cpp"	3507	"Validated DB manifest - success"
    03/26/17	" 02:33:08.665"	99641140	0ba8	1590	INFO	UpdateControllerImpl	mb::updatecontrollerimpl::CUpdateControllerImpl::Update	"UpdateControllerImplHelper.cpp"	362	"Update - Starting check for updates"
    03/26/17	" 02:33:08.666"	99641140	0ba8	0ec8	INFO	UpdateControllerImpl	mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate	"UpdateControllerImplHelper.cpp"	452	"DoUpdate - Starting check for updates (manual)"
    03/26/17	" 02:33:08.666"	99641140	0ba8	0ec8	INFO	UpdateControllerImpl	mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate	"UpdateControllerImplHelper.cpp"	454	"Checking for: Installer=[No], SDK/Ctlr=[No], DB/CLS=[Yes]"
    03/26/17	" 02:33:08.667"	99641140	0ba8	0ec8	INFO	UpdateControllerImpl	mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions	"UpdateControllerImplHelper.cpp"	956	"Installer package --> [mbam-c.installer.consumer], current version: [3.0.6]"
    03/26/17	" 02:33:08.667"	99641140	0ba8	0ec8	INFO	UpdateControllerImpl	mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions	"UpdateControllerImplHelper.cpp"	969	"SDK/Controller package --> [mbam-c.ctlr.64bit], current version: [1.0.75]"
    03/26/17	" 02:33:08.667"	99641140	0ba8	0ec8	INFO	UpdateControllerImpl	mb::updatecontrollerimpl::CUpdateControllerImpl::GetInstalledPkgVersions	"UpdateControllerImplHelper.cpp"	985	"DB/ClsEng package --> [mbam-c.dbcls.64bit], current version: [1.0.1394]"
    03/26/17	" 02:33:10.136"	99642609	0ba8	0ec8	ERROR	HttpConnection	mb::common::net::HttpConnection::SendRequest	"HttpConnection.cpp"	229	"HTTP request failed, status code: 400"
    03/26/17	" 02:33:10.136"	99642609	0ba8	0ec8	ERROR	UpdateControllerImpl	mb::updatecontrollerimpl::CUpdateControllerImpl::CheckForUpdates	"UpdateControllerImplHelper.cpp"	655	"HTTP status code: 400"
    03/26/17	" 02:33:10.136"	99642609	0ba8	0ec8	ERROR	UpdateControllerImpl	mb::updatecontrollerimpl::CUpdateControllerImpl::CheckForUpdates	"UpdateControllerImplHelper.cpp"	661	"Err_ResponseStatus:  "
    03/26/17	" 02:33:10.136"	99642609	0ba8	0ec8	ERROR	UpdateControllerImpl	mb::updatecontrollerimpl::CUpdateControllerImpl::CheckForUpdates	"UpdateControllerImplHelper.cpp"	662	"Err_ResponseMessage: "
    03/26/17	" 02:33:10.137"	99642609	0ba8	0ec8	INFO	UpdateControllerImpl	mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate	"UpdateControllerImplHelper.cpp"	484	"Checked for updates - no updates available"
    03/26/17	" 02:33:10.137"	99642609	0ba8	0ec8	INFO	UpdateControllerImpl	mb::updatecontrollerimpl::CUpdateControllerImpl::DoUpdate	"UpdateControllerImplHelper.cpp"	495	"Update check is complete."

    I also found out that resetting the hosts file could help but in my case, everything is the same.

  15. If I remember right, the system that the pirates blocks in the hosts file is the key server, which (I believe) has nothing to do with the update servers.

    If Malwarebytes is not working well with other domains blocked, then the problem is in Malwarebytes, in the software or the servers, not in the users' hosts file. I always had a modified hosts file and never had any problems with Malwarebytes updating until it suddenly appeared, so no, the problem is not on the hosts file unless you are actually blocking Malwarebytes' update servers.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.