
exile360

Everything posted by exile360

  1. Absolutely. Just search for any threat by name (as identified by Malwarebytes in your scan/protection log or the UI from the detection) here and there are tons more useful resources accessible from the Malwarebytes homepage (malwarebytes.com) under the Resources menu (that's where that little gem I linked to was located along with the blog that I pulled those articles from). If you ever want to kill about a good solid week or two just reading about security, threats, scams, privacy and all sorts of other techie goodness it's a great place to dive into to learn. They also update the blog regularly with the latest security news about scams, data breaches, threats/infections as well as many of the various goings-on at Malwarebytes.
  2. I dug up some additional information from Malwarebytes official support portal that you should find enlightening:
     • What is Exploit Protection
     • Vulnerability exploits Malwarebytes Anti-Exploit protects against
     • Applications Malwarebytes Anti-Exploit Shields
     • Malwarebytes Anti-Exploit new user FAQ
     • Malwarebytes Anti-Exploit vulnerability prevention details

     Much of that information is pretty basic, but you should be able to hopefully glean at least some useful/new info from all of it, at least that's my hope. Also, here are screenshots of all of the Exploit Protection settings tabs in Malwarebytes 3 (note that these are NOT configured to the installation defaults as I have deliberately enabled all of them save for one setting which was actually disabled a while back to correct a known issue with MS Office which prevents it from being enabled, even manually in current Malwarebytes builds):
  3. Sorry for not responding sooner. Unfortunately since I am a Windows 7 user myself I can't dive too deeply into the differences/enhancements etc., but I do know that at the very least Malwarebytes does shield many non-Microsoft/non-OS programs including third party web browsers, office applications and media players; something I don't believe the functions in Windows 10 do, at least not to nearly the same extent. Malwarebytes also contains specific OS hardening techniques, at least some of which I'm fairly certain are not included in Windows Defender just based on the fact that there are a LOT of them. If you haven't done so already, take a look at the various options in the interface of Malwarebytes 3 for its Exploit Protection component assuming you have a license (or if you have it available, the 14 day trial). I'm not certain what the UI looks like for the standalone Anti-Exploit Beta these days so it may not expose as many of the functions/settings that Malwarebytes 3 does but I believe there is parity between them, at least for the most part at the moment. You can also take a look at the information in this Malwarebytes documentation as it reveals at least some of the functions included with it (there are 3 more tabs that it doesn't reveal as well as additional shielded applications which are not shown due to them not fitting in a single page so one would need to scroll through that dialog in Malwarebytes 3 to see them all). 
I'm certain that there is at least some overlap between the two, however I have seen and know many knowledgeable users running the two of them together quite happily and I recall hearing some of them express that the exploit shielding provided by the two applications was diverse enough to keep both running/active, though of course that was a while ago and Microsoft may have made further additions/changes since then, though I have not heard any claims from anyone that it rendered Malwarebytes' Exploit Protection obsolete/redundant in any way. I realize that wasn't exactly the level of detail you were hoping for, but I hope that it helps nonetheless.
  4. I'm sorry that you've had a bad experience with the software. I can definitely relate being a Windows 7 user myself and having to deal with the various issues that have arisen throughout various Malwarebytes 3 releases in the past (including the recurring system shutdown/startup delay/occasional hang/freeze issue which was there, then fixed, then back again, then fixed, then back yet again on several occasions throughout the past year+). I haven't experienced too many problems with the most recent release save for a compatibility issue with one of my system manufacturer's hardware control/overclocking applications which I was thankfully able to resolve by configuring Malwarebytes to delay the startup of its protection for 30 seconds (my system is pretty fast as you can see from the specs listed in my signature, so a longer delay may be required for others, but 30 seconds works for me because that gives all my other apps plenty of time to start/become resident and settle down before Malwarebytes starts): I realize you've opted to uninstall the software, but just in case you decide to give it a shot on your own system (and of course for any other users who might be affected by a similar problem) I wanted to post the setting just in case it is of any use to you. One more thing worth mentioning is that if you have a lifetime license and don't want it to completely go to waste you can simply disable protection from running at startup and just use the scanner and scheduler as an automatic second opinion scanner, and of course you may test with disabling the various individual protection components to see if any one or combination of settings resolves the issue for you since some protection is still better than none (as long as it is stable, obviously).
  5. Ugh, yes, I hate it when companies do things like that, especially when you've actually paid for the software. It's like paying for the privilege to have PUPs installed/be advertised to. It's at least somewhat understandable (though not excusable or really acceptable in my opinion) when 'free' software bundles in such additional 'gifts' as a means of generating revenue from their free products, but when they do so with their paid offerings that's just messed up. You paid for the thing once, why should you have to pay again by (potentially) harming your system's performance, risking your security/privacy etc. (depending on what they're bundling, of course), and even have to deal with any of this additional junk taking up space on your drive when you already handed them money? I guess that explains why Malwarebytes detected it, and I suppose Revo is the variable in the mix that caused things with Malwarebytes to go awry (not that there's anything wrong with Revo; it's quite a handy tool, though obviously some caution is required when using it just in case it wants to remove anything not directly related to the software you're attempting to uninstall which does happen, though not too terribly often in my experience thankfully). Anyway, if there is anything else that we can help with just let us know, and good luck with seeking your refund. Hopefully they won't give you a hard time about it or make you jump through too many hoops to get it done, but if they do, as long as you paid via PayPal, credit card or ATM/debit you should be able to contact your bank/card issuer/PayPal to have the transaction charged back/refunded to you, particularly if you explain the situation as I'm sure they'd agree that this is not acceptable behavior considering you paid for the thing and all and didn't ask for this bundled registry cleaner to 'enhance' your experience. 
By the way, in case you're curious as to why Malwarebytes may have detected it (aside from it being a bundled app, obviously, which is typical PUP behavior), they also aren't great fans of registry cleaners as expressed in this Malwarebytes blog article. That particular article is actually the first part of a 3 part series on PUPs. The second, which deals with driver updaters can be found here and part 3 which is more focused on PUPs in general and the practice of 'bundling' (very much like the situation you yourself encountered) here. Those articles give great insight into the mindset of Malwarebytes' Researchers, and the company as a whole with regards to their aggressive policies against PUPs and why they are so zealous about it. In my opinion it really is just another shady way for companies (as well as actual malware authors in some cases, as they'll use malware to install PUPs to generate revenue as affiliates/resellers) to turn a profit at the expense of users' systems.
  6. I have no idea, but you can try Windows Update and check Intel's website, but unfortunately Intel has become pretty bad of late about abandoning hardware and older operating systems much sooner than they used to ever since their agreement with Microsoft to cease support for pre-10 Windows versions for their latest chips/hardware.
  7. Greetings, I found the information located here regarding the detection of Systweak, however that may be a different application from the one you mentioned so it may indeed be a false positive. If you do believe this detection to be a false positive then please review the information in this pinned topic as well as this pinned topic and create a new post in the false positives area by clicking here and including the requested information in your post so that the Research team may investigate, respond and take any necessary action to correct the issue if it is a false positive. If the item is no longer located under the Quarantine tab and you are attempting to reinstall it, then you may do any of the following to do so:

     OPTION 1: Temporarily disable protection and install the program, then create exclusions:
       1. First, right-click on the Malwarebytes tray icon and click on Malware Protection: On and click Yes if prompted by User Account Control to temporarily disable Malware Protection to prevent the program's installer from being detected
       2. Install the program
       3. Open Malwarebytes and click the Scan Now button located on the Dashboard tab to perform a Threat scan and allow it to complete
       4. Once the scan completes, if any of the program in question's files, folders and/or registry entries have been detected, click the checkbox at the top of the list of detections to clear all of them and click Next
       5. When prompted, select the option to always ignore the remaining items from the scan and they will be added to your Exclusions (you can verify this by visiting the Exclusions tab under Settings)

     OPTION 2: Manually exclude the program's installer and then create exclusions:
       1. Download the program in question again, but do not attempt to launch its installer yet
       2. Open Malwarebytes and navigate to Settings>Exclusions and click Add Exclusion
       3. Leave the Exclude a File or Folder option selected and click Next
       4. Click on the Select Files... button and navigate to the location where you saved the program's installer (most likely your Downloads folder by default for most web browsers) and double-click the file to select it then click OK
       5. Install the application and then exclude its folders/files by using the Threat scan mentioned above in OPTION 1 or you may do so manually (though be aware that some items may not be excluded and may still be detected by a future scan, especially registry items and program shortcuts so the scan method is recommended)

     You may also change how Malwarebytes handles detections in the future. If you would prefer that Malwarebytes not detect PUPs or prompt you on how to handle them when they are detected then you may open Malwarebytes and navigate to Settings>Protection and under the Potential Threat Protection section, use the first drop-down menu to change how Malwarebytes handles Potentially Unwanted Programs. Warn User will have the program prompt you with an alert and options to quarantine, ignore once, or ignore always (exclude) any PUPs that are detected by real-time protection and they will be unchecked/not quarantined by default for scans (including both manual and scheduled scans), and Ignore Detections will have Malwarebytes refrain from detecting anything classified as PUP in the future by both scans and real-time protection.

     You may also change how Malwarebytes handles all detections by its real-time protection, including both PUPs as well as items detected as actual threats so that it prompts you on how to handle them. To accomplish this, open Malwarebytes and navigate to Settings>Protection and under Automatic Quarantine toggle the option to Off and from now on you will receive an alert notifying you when a threat (or PUP) has been detected by real-time protection and you will have the option to quarantine the detected item as normal, allow the item to execute once, or to ignore the item always which will add it to your exclusions (similar to the option mentioned above for PUPs). If there is anything else we might assist you with please let us know. Thanks
  8. An advisory from Intel warns users that they should immediately remove and discontinue use of their longtime offered Intel Matrix Storage Manager software solution provided with many Intel chipset based products, including many Intel platform based motherboards. The company is discontinuing this software and advises that users remove it from their systems immediately. The vulnerability in question allows an escalation of privilege attack by a local authenticated user (i.e. someone with local device access with malicious intent who knows how to exploit the vulnerability). This update comes at the same time as a series of other major advisories including a vulnerability in their integrated graphics drivers as well as one in their USB 3.0 Creator Utility. Updates for their graphics drivers which patch that vulnerability are available either through Windows Update or directly from Intel's website for supported devices/chipsets and operating systems. Thankfully, none of these vulnerabilities seems to have any impact unless the attacker has direct, physical access to your device, but it's still a good idea to take action and patch as soon as possible.
  9. Yeah, trying to hack compatibility for an in-memory protection program like the Exploit Protection in Malwarebytes is a recipe for disaster and unlikely to do much to increase the security of the device in question.
  10. By the way, this is a prime example of the direction that Microsoft is taking. Obviously that applies to businesses, not consumers, but I assure you that consumers won't be far behind (they tend to test things out on the business side before the consumer side for most major initiatives). The smart phone market is pretty much already there, with many phone service providers offering leases for their overpriced devices which gives the consumer the option to never own their phone, just to lease it and have it replaced every year or two when the new one comes out. It's silly if you ask me, but I guess I can understand wanting to have the latest and greatest tech being a PC hardware enthusiast; I just don't like the idea of perpetually paying for hardware that I never actually own and paying for so-called 'upgrades' that don't really offer new, exciting, innovative features any longer (the mobile market has stagnated of late, especially for the company that starts with the letter 'A' in my opinion; though they are about to have these new folding phones which is ironic considering that modern smart phones replaced phones that flipped open/closed with dual screens in the past, one of which I still own and use in lieu of a touch based smart phone).
  11. Yes, as I mentioned, Linux is definitely on my very short list of considerations for the long term future. That said, I have no plans to migrate away from 7 any time soon. Given the extensive measures I take on my devices to secure them and either disable, turn off/deactivate, remove or outright break any components and aspects that present a potential exploit risk or security hole, combined with all of the measures I take using third party security tools as well as near constant software and performance monitoring to look for any suspicious, out of place or malicious behavior, I am certain I can keep 7 secure for a long time to come, even after Microsoft ends support for the Operating System early next year. A great deal of the major exploits for Microsoft Windows, Internet Explorer and other common components and programs that I use have been useless against my system from day-0 and prior due to that fact. To cite a well known example, EternalBlue, the now infamous SMB v1 exploit utilized in the WannaCry/WannaCrypt0r ransomware attacks. I was immune to this attack vector (and any other SMB related exploit for that matter) since long before the Shadow Brokers group ever exposed it to the public, and likely before the NSA ever even developed this exploit/attack measure simply because I had already removed/disabled SMB capabilities from all of my network connections and I'd already disabled or deleted any of the Windows Firewall rules allowing such connectivity to my system (or from it for that matter, so even if I were infected, I could not infect others on my network with any worm attempting to exploit SMB as a connection mechanism). In fact, I don't even have IPV6 enabled yet just because it has not yet become necessary and hasn't been adopted as the primary standard/protocol yet, though obviously I will once the world finally gets off of IPV4 (at which point I'll likely disable IPV4 so that only the primary/most secure protocol remains active). 
Anything related to remote control/remote access is either disabled, removed or broken (including patching and disabling Intel's own Orwellian IME hardware remote access/control functionality embedded in virtually every chip they've manufactured for the past decade or so; that one was tough without my system manufacturer's willingness to provide a patched BIOS, but I accomplished it nonetheless). I don't mess around when it comes to security, and while I definitely do NOT recommend others do so since I'm certain most likely aren't nearly as thorough or paranoid as I am, I will most likely be sticking with an 'unsecured' OS, at least for the foreseeable future. Honestly, as long as the software is compatible that I use (which shouldn't be a major obstacle until Microsoft makes some massive, sweeping changes to hardware/driver compatibility in a later version of Windows 10, which will necessitate breaking compatibility with current versions of Windows 8/8.1 and 10 as well as 7 since they all currently use the same underlying core driver/hardware APIs save for those new ones which only apply to Windows 10 such as ELAM), I have no reason to fear that my system will suddenly become so vulnerable to attack that it cannot be mitigated, either through my own pre-emptive countermeasures or those in play from third party software tools such as Malwarebytes. Those generic, behavior based/signature-less protection mechanisms go a long way to securing a system against many potential existing and as yet to be discovered vulnerabilities. At the time that XP support ended this really was not the case, as technologies such as anti-exploit, active keylogger monitoring/detection and other strictly behavior based protection mechanisms in that area were either very much in their infancy, or hadn't reached nearly the level of availability and reliability that they have now. It's also a different world out there from the bad guys' perspective. 
Microsoft Windows is no longer their primary target of choice; in fact, I've seen several reports in recent years that the largest botnets are now composed of IoT devices, not PCs which is something that has never happened until now. Mobile devices are now much more prominent, as are 'smart', always online IoT devices that almost all run some flavor of Linux, not Windows, and these are the main targets for those who seek to infect as many targets as quickly as possible, especially with their lackluster security offerings compared to desktop operating systems which have a plethora of security tools, suites and offerings available for free and paid to help keep them secure. A time will soon come that Malwarebytes and other AM vendors will see for the first time ever the number of threats discovered throughout the year to be primarily for devices that are NOT running Microsoft Windows. It's only a matter of time, and that time is fast approaching.
  12. And in 7, I don't have to turn any of it off because there's nothing to turn off, and I also don't have to trust that they are not only honoring the settings that they do expose to the user to control, but that they aren't likely hiding other areas of concern for which there are no settings to control. I've seen reports in articles, videos and from users about ads embedded in the live tiles in the START menu and how apps will reinstall themselves after being removed, and that privacy settings will revert following updates to the OS. It just seems more trouble than it's worth, especially knowing what I know of Microsoft's initiatives to follow the business models of the likes of Google and Facebook who essentially make their entire living off of gathering user data and selling advertising.
  13. Yes, it's a world full of adware and spyware. What was once called spyware is now referred to as 'telemetry', and what was once called 'adware' is now referred to as 'targeted advertising' but it's all the same stuff that brought companies like Safer Networking, Lafasoft, Webroot, and eventually, Malwarebytes, into being.
  14. Dude, I cited Google as my reference point for my concerns regarding Microsoft; I'm all too aware of their operations with regards to advertising and privacy. I don't use a console for gaming so I've never seen those ads you mention for Amazon. I block all ads so I don't even see any of the ads when I watch videos on YouTube, but I know that they're supposed to be there; I just don't tolerate them, the same as with other sites.
  15. Really? I haven't seen any, at least not on any of the content I've purchased.
  16. I have lots of faith in humanity; it's corporations (like Microsoft, for example) that I do not trust, and likely for good reason since one of their primary motivations is the monetization of user data/telemetry, not to mention their own privacy policies which state that they will retain and turn over any and all private messages, data, emails and other info to any authorities that request it. Heck, my ISP fought harder for privacy and they're AT&T; a mobile carrier, and we all know how bad they tend to be when it comes to privacy, yet they're better than Microsoft. My lack of faith is because while I do believe that most people are genuinely good and that they try to do the right thing, money tends to get the better of them too often, and in many cases not everyone within an organization knows everything that all the others are up to, and of course the word they're fed down from the top is often spun with a friendly sounding message that what they're doing is somehow for the benefit of their users/customers (telemetry is quite often justified this way, even when it is being used for marketing and sales purposes). Of course, there's also articles like this and you'll find countless others if you search for anything like "Windows 10 privacy", "Windows 10 backdoor", "Windows 10 security", "Windows 10 spying" or anything else along those lines. Never have I seen an OS release get so much negative light shined on it over privacy and security concerns. 
And all of that is on top of the fact that Microsoft continues breaking their own OS by making compatibility breaking updates that are insufficiently tested before being forced out to users via Windows Update (something I've never experienced on 7, even after installing Service Pack 1, which was a major update to the OS) and the fact that it's designed with users of phones and touch enabled devices in mind first, and users of keyboard and mouse interfaces second (though it's still much better than 8 in that regard, but only because they received so much negative feedback and press over it). You have to understand that the biggest problem here isn't some set of options in the OS or even the fact that Microsoft has straight up said that they would cooperate with authorities to expose user data/systems (though those are certainly things to be concerned about); it's that Microsoft is literally looking to get out of the endpoint software business, meaning that eventually they want to make profit from serving up software and services from 'the cloud' just like Google. They want all sales to go through their app store, all data to be stored on their servers (including any private data, especially anything containing useful info such as other users' email addresses and contact info as that just adds to the people they can potentially advertise/sell to) and they want everyone to get comfortable with the idea that no matter what they do on their devices, it all gets saved and stored for them by Microsoft, who just so happens to be constantly seeking out new ways to profit from it, be it through paid advertisements embedded in the START menu, browser, instant messaging app, games or whatever, or through direct sales of their own software and services to users of their operating system which serves as little more than an 'always on' Microsoft storefront. 
They want Xbox to become the same thing which is why with the next version they're going to be pushing hard for gaming as a service with more streaming than physical media and I'm certain it won't be long before we see advertisements embedded in the games we play (some of them are already doing this, actually, but it will get worse). I HATE advertisements. I hate them so much that I cancelled my cable TV because I got so sick of the constant ads being forced on me, even during programs not just commercial breaks when I was paying for the privilege. I can understand if something is free, someone using ads as a means of generating revenue, but once I've paid I've earned the right not to have any more products and services pushed on me. That's also why I block the ads on the internet. I wouldn't if they weren't so obnoxious, but it's really gotten to the point that the web is practically useless without a good ad blocker, and that's sad. That's also why I'm more than willing to PAY for services like Amazon, Netflix and Vudu just so I can have access to the content I want WITHOUT any advertisements. I would rather pay a premium for content to receive it ad-free and without restriction than to have countless advertisements and little 'gotchas' in there for the company to try and profit from using the lure of supposed 'free' content as the bait.
  17. Greetings, I believe Torch is a web browser; one that is known to often be bundled with potentially unwanted software such as unnecessary browser toolbars and search engines. It is up to you whether or not to keep it, however if you did not install it on the system then it may have come bundled with some other software you installed previously and you may have ADWCleaner remove it if you wish.
  18. Yes, Windows 7's time is coming to an end, but I won't be abandoning it for the gaping security hole filled, spyware riddled, backdoor harboring, adware infested sad excuse for an OS that Microsoft calls Windows 10. I plan to stick with 7 for as long as possible, and if the day comes that I am no longer able to keep it secure using my methods (the same methods that have kept me infection-free for over 20 years and counting across every device I've ever administered) I'll assess my options and make a decision on what to run next; probably some variant of Linux, and hopefully by then their compatibility with Windows based games will be better than it is now (though it is improving all the time from what I hear). In my honest opinion, security updates or not, 7 is still a far more secure OS than Windows 10 will ever be. There is a good reason 10 is the only OS Microsoft has ever given away for free and even tried to force on users through Windows Update. I understand that Microsoft's goal is to change to a 'software as a service' model (including using their OS to push sales through their Windows Store, Xbox and embedded advertisements) and to become a data harvesting telemetry giant like Google, collecting data and tracking everything that everyone does, but those goals do not align with my personal beliefs in privacy and my requirements for security. One day clever hackers will discover the backdoors Microsoft left open in Windows 10 and will exploit them, and no amount of enhancements to their built in Windows Defender will stop the bad guys from using the open gates they left in their own OS for themselves and the organizations they have chosen to pander to.
  19. Greetings, Yes, folder exclusions in Malwarebytes are recursive, so anything contained within 'C:\folder' would be excluded, including any files, sub-folders, files within sub-folders and folders/files within any deeper sub-folders.
  20. While I agree that it could be better, I don't think any kind of 'show details' option is a solution as filenames and paths can still be extremely long. In my opinion the solution would be for the columns to actually behave like proper columns do in other applications (including Windows Explorer, Task Manager and countless others) where you can easily set the column width to that of the longest item in the list with a double-click rather than having to awkwardly drag each column out to the right by hand to the desired length. That would provide an easy way to see the full details of all detections without having to invent some additional UI element (which itself would no doubt suffer from the same issues given the fact that the lengths of the items could still exceed the available space in any additional hypothetical dialog/window).
  21. Greetings, Depending on the size of the queue it can take a day or so to get a response, though I suspect the reason you hadn't received a response yet was likely due to the weekend as I believe they generally only respond to tickets on weekdays. If another day passes without a response please let us know and we will try to get someone to look into and respond to your ticket. Thanks
  22. Sometimes they do, but usually that only happens when there is a major change such as the update servers being moved or the database syntax being changed to the point where the older version can no longer read them. As for the trouble you've had with new versions, it's possible that whatever the problem was it may have been addressed in one of the releases since the versions you had trouble with; at least we would hope that's the case. You can find the release history for the various versions of Malwarebytes on the right side of this page and if you let us know the kinds of problems you've had, hopefully we can let you know if those issues have been addressed or not in the releases since the version you have now.
  23. Yes, I'm using MSE alongside Malwarebytes here myself and I've seen no such errors. Whatever it is that may be causing this issue, I suspect it's far more unique than that.
  24. Have you tried disabling Ransomware Protection in Malwarebytes? This particular component monitors filesystem activity closely (including I/O/write operations like those that would occur when watching/recording TV via MCE). It might be worth a try disabling it to see if that makes any difference. Risk of infection when disabling that particular component is rather low anyway since it is much more of a reactionary solution than a proactive one as it awaits live ransomware activity from an already installed threat to try and detect and stop it before it is able to encrypt the files on your system; the other modules, especially Exploit Protection and Web Protection would be far more likely to stop any ransomware threat much earlier in the attack process due to the fact that the vast majority (if not all) of ransomware threats rely on exploits and the like to infiltrate systems in the first place.
  25. That's great, thanks. Hopefully he'll be able to determine what might be going on and if not, he'll provide it to the Devs so that they may investigate the issue further but hopefully it's just a matter of some incompatible software or driver that needs updating to resolve it.