Jump to content

exile360

Experts
  • Content Count

    22,270
  • Joined

  • Last visited

Everything posted by exile360

  1. Greetings This is most likely due to the technologies in the Malwarebytes engine which utilize several methods of optimization to decrease scan times. Additionally, while the realtime protection components do guard against script based exploits, infected documents and multimedia files, the file scanning engine in Malwarebytes which uses more standard threat signatures, file pattern heuristics algorithms and infection installation pattern recognition does not scan non-executables. This is because in order to identify such non-executable based threats effectively and accurately, Malwarebytes needs to see the malicious behavior when those kinds of threats attempt to run and try to infect the system. Additionally, specifically with regards to raw performance, Malwarebytes is also multithreaded and optimized to use multi-core and multi-threaded CPUs such as the vast majority of chips from both Intel and AMD produced over the past several years. I hope that helps explain things and if there's anything else we might assist you with please don't hesitate to ask. Thanks
  2. Come on, really? Just ask MRG to clarify it. Ask them point blank if they are testing the Premium version of Malwarebytes or the free version. The grey area in the wording isn't mine, it's theirs. They refer to it as an on-demand product. I don't know what that means to you, but to me it means that it is only checking for threats on an on-demand basis, meaning when the user scans with it manually. If I am wrong, that's fine, but I haven't seen any references to any component of Malwarebytes which is included in the paid version. I have seen where they talk about things like web filters, exploit guards and other realtime protection components in their tests in reference to some of the other products they've tested, but not once have I ever seen them make such a reference in regards to Malwarebytes on any of their tests and that's because I do not believe they've ever purchased a license for testing and have only ever tested it as a second opinion, on-demand scanner running in free mode without any active protection layers. I agreed with you that I'd like to see the testing also; I'm not making excuses or saying that they shouldn't participate in the tests as I would love to see it myself regardless of the methodology used because I truly believe Malwarebytes 3 Premium would do extremely well given its current lineup of layers.
  3. They actually call out the fact that it's an on-demand scan by placing it in a separate chart from the other active products and refer to it as such. They didn't activate a paid license which is also why they always only ever refer to it as "Malwarebytes" or "Malwarebytes Anti-Malware" and never ever refer to it as "Malwarebytes Premium" or "Malwarebytes Anti-Malware Pro". That's also the reason Malwarebytes does so poorly so consistently on the tests where they do use any testing against actual exploits and ransomware because those components aren't active in the free version. I do wish they'd test using the free trial of Premium, but to my knowledge they haven't done a test that included Malwarebytes since the developers removed the option to opt-out of the trial during installation (though they could disable protection or deactivate the trial post-install, but hopefully they wouldn't do that).
  4. Sure, you're right, but a big part of the reason is due to the fact that many of the files being scanned in those tests aren't binaries and therefore aren't even scanned by the signature based malware detection engine used in the scanner (the anti-exploit realtime protection component would target such threats, but as I said, they only test the free version to my knowledge). Still though, you're absolutely correct, testing should be done and as I said, I too would like to see it for myself. I've been pushing for it ever since they began marketing Malwarebytes 3 as an AV replacement and I still believe it's an important thing to illustrate their effectiveness by an outside, independent testing lab.
  5. Excellent, I'm glad we got it working for you and thanks for the kind words, they are appreciated If you ever have need of our assistance again please don't hesitate to let us know and we'll do our best to help you out. And of course, thank you for choosing Malwarebytes to keep your systems (and suspect hard drives) safe. Just don't forget that if that drive has an active Windows installation on it, that you should also run a Threat scan on it once the drive is booted into its own Windows installation again because a lot of the heuristics in Malwarebytes depend on it so if it is infected, you'll be likely catch more threats when the system is live (and I'd also advise activating rootkit scanning if you haven't already once that Windows installation is active; you'll find that setting under Protection>Scan Options).
  6. Hehe, agreed. Also please bear in mind that while I'm obviously with Malwarebytes on the issue of comparative testing and its relevance, I'd still really like to see them participate in these tests with their Premium version, especially since the most recent builds of Malwarebytes 3 now include something that, to my knowledge, hasn't been in any of the builds tested to date which is a new heuristics malware detection engine custom built late last year and only recently turned on in the product (the new "signature-less anomaly detection" component listed under Scan Options (it also applies to realtime protection even though it's listed under Scan Options) as I believe it will have quite an impact on such tests (plus, if they're using the Premium version I believe the Anti-Exploit component in Malwarebytes would really kill it if they perform accurate real-world tests that begin the infection routine from the earliest point in the attack chain which is where exploits usually come in being one of the first steps in the vast majority of malware attacks these days, regardless of the eventual payload be it a rootkit, ransomware, Trojan or pretty much anything else).
  7. I suspect that if it had a greater impact on sales than it currently seems to, they would, not that money is their primary motivator, but they do want to provide their products in a way that both appeals to as well as meets the needs and expectations of their customers/potential buyers, so if the majority of users were relying on these kinds of comparative tests to make their final buying decisions as I believe they did at one time (though that was some years ago), then I'm confident it would be a higher priority for them than it currently seems to be. That said, yeah, you're right, it isn't easy to test Malwarebytes (or many of the current AV/AM products) accurately. Malwarebytes isn't the only product not being adequately measured for performance as a great many vendors these days use some quite similar protection technologies to some of what Malwarebytes currently offers and I don't believe any of them are being adequately tested. I believe the entire testing industry needs to evolve far more than they have in the past several years now that it has become far more common for security products to utilize a layered approach to protection and have begun to rely far less on raw file detection and malicious file binary hash identification techniques (techniques which are virtually useless against any modern threat as the vast majority are now polymorphic, often changing from one download to the next). edit: By the way, I went ahead and visited the Malwarebytes heatmap I linked to in my previous post when writing up my last reply and from then to now, here's what it shows so far (remember, this data is live so it only started counting from the moment I clicked the link to visit the page myself and doesn't include any older data from any previous days/times): Also note that I only included AVs which had missed 10 or more threats in the time I had the page open.
  8. Actually, I just checked your log and it shows this: MISSING FILE!: MBSHLEXT.DLL So it looks like the file isn't even installed. Please try reinstalling Malwarebytes 3. You don't need to uninstall the existing version first, just go ahead and install the latest on top of it then reboot if prompted and see if it works. You can find the latest release version here or you may try the latest beta instead which can be found here.
  9. Yes, it certainly sounds like it, either that or something is blocking it from registering correctly such as an issue with the permissions on that registry key or something along those lines. There should be an installation log called Setup Log YYYY-MM-DD.txt under %localappdata%\Temp which will show what occurred during install. You might check it out or post it here if you wish to see if it reveals anything relevant. If you see any error code 5 type errors, that means Access Denied which is what would likely show up if there were a permissions problem.
  10. Nope, the primary reason is due to the fact that they seldom (if ever) actually replicate true real world attacks (even though they claim otherwise), but that is neither here nor there. Besides, it is my understanding that many of these testing organizations expect vendors to pay them for their tests, which means it is entirely possible that the samples and methods they choose may be designed to deliberately favor one product over others. Also, if you notice, the second and third tests you linked to pre-date Malwarebytes 3, which was when Malwarebytes initially began marketing their product as an AV replacement (due to the integration and advancement of several new protection layers). The first test, and the only one which occurred during a relevant time frame, only tested the free/on-demand scanning version of Malwarebytes which only utilizes the much less effective signature based components of Malwarebytes (standard malware detection signatures and heuristics; none of the more advanced signature-less components which stop attacks much earlier in the attack chain, prior to any malicious binary actually reaching the target endpoint). If you want some true real-world data, take a look at this. That isn't even static content like the PDFs you linked to; it's real-world data from right this second. Even better, it ONLY shows where Malwarebytes' scan engine (meaning the on-demand scanner that did so poorly in those comparative tests you linked to) has detected malware (PUPs are excluded) on a system where each listed AV is present (it also does not include any data from any of Malwarebytes' realtime protection components such as Web Protection, Exploit Protection or Ransomware Protection). In my opinion that shines quite a different light on these tests, especially since I pretty much know that any time I visit that page I'll no doubt find a long list of highly rated AV products missing actual threats that an on-demand scan by Malwarebytes 3 has detected. Regardless, the last I heard from the team, they actually do intend to participate in some comparison tests, however I suspect they haven't yet due to other work that they're doing on the product right now (you might notice they've had quite a few releases lately, both for bug fixes as well as new features) but I do look forward to the time when they finally do get some comparative testing done because I'm anxious to see the results myself.
  11. I believe it should be in the log(s) stored here, assuming the build you're using utilizes the same folder structure as the build I have installed: C:\ProgramData\Malwarebytes\MBAMService\AeDetections. If it isn't in the log(s) stored there, then it might be in this log (again, assuming the structure is the same as my own build): C:\ProgramData\Malwarebytes\MBAMService\logs\MBAMSERVICE.LOG.
  12. Greetings and welcome The right-click context menu scan option should still function in Malwarebytes 3. Please try turning the setting off and then on again to see if that corrects it. If it doesn't, try rebooting the system after toggling the setting off/on. If that still doesn't correct the issue, then please download ShellExView by Nir Sofer from this page (select the version appropriate to your Windows installation if using the portable build, otherwise download the installer version which should work equally well on both 32 bit and 64 bit systems). Once downloaded and extracted to its own folder or installed, run ShellExView and look for the MBAMShlExt Class which should have the Malwarebytes icon to the left of it and verify that in the Disabled column it says No. If it says Yes in the Disabled column, right-click on it and select Enable Selected Items then try right-clicking on a file or folder in Explorer to see if the option is now present and functional. Please let us know how it goes. Thanks
  13. Here's an easy means of determining if the update Firefox mentioned above is installed on your system or not. It will also automatically attempt to uninstall the update if it is found (I also attached a copy in case you have any trouble creating it on your own): Create a Batch File: Please copy and paste the following text exactly as written into notepad (not wordpad or any other text editor): @echo off SYSTEMINFO>"%userprofile%\desktop\info.txt" DATE /T>"%userprofile%\desktop\KB.txt" find /I "KB4074852" "%userprofile%\desktop\info.txt" if %errorlevel%==0 ( echo KB4074852 FOUND, ATTEMPTING UNINSTALL>>"%userprofile%\desktop\KB.txt") else ( echo KB4074852 NOT PRESENT>>"%userprofile%\desktop\KB.txt" DEL /F /Q "%userprofile%\desktop\info.txt" "%userprofile%\desktop\KB.txt" DEL /F /Q "%userprofile%\desktop\KB.txt" DEL /F /Q %0 ) DEL /F /Q "%userprofile%\desktop\info.txt" SYSTEMINFO>"%userprofile%\desktop\info.txt" find /I "KB4074852" "%userprofile%\desktop\info.txt" if %errorlevel%==0 ( echo KB4074852 UNINSTALL FAILED!>>"%userprofile%\desktop\KB.txt") else ( echo KB4074852 UNINSTALL SUCCEEDED!>>"%userprofile%\desktop\KB.txt" DEL /F /Q "%userprofile%\desktop\info.txt" "%userprofile%\desktop\KB.txt" DEL /F /Q "%userprofile%\desktop\KB.txt" DEL /F /Q %0 ) DEL /F /Q "%userprofile%\desktop\info.txt" "%userprofile%\desktop\KB.txt" DEL /F /Q "%userprofile%\desktop\KB.txt" DEL /F /Q %0Once you've done that click on File and select Save As... In the Save dialogue box click on the drop down menu next to Save as type and select All Files Name the file KBCHECK.bat(the .bat extension is very important) Save the file to your desktop and double click it to run it. Once it finishes it will open the file it created in notepad, please copy and paste the file's contents into your next reply. If the update wasn't found or if uninstalling the update didn't resolve the issue, try pausing the protection in Avast! and attempting to install Malwarebytes again. If it still fails, please proceed with the following so that we may try to rule out infection as the cause: Run Malwarebytes Anti-Rootkit [MBAR]: Download Malwarebytes Anti-Rootkit from here and save it to your desktop Double-click on mbar-1.10.3.1001.exe to run it and follow the onscreen instructions to perform a scan Once the scan completes, remove any threats detected and restart your computer if prompted NOTE: If MBAR failed to run, please try again by logging into Safe Mode with Networking once more and running MBAR from there. Please let us know how it went and if any threats were detected by MBAR if you ran it as well as any error messages you received if MBAR failed to run. KBCHECK.zip
  14. Nasty stuff, thanks for the info David I assume Malwarebytes 3 protects against this attack. I know the anti-exploit component would stop the malicious Word doc and I assume it would also nail the malicious .JS, and if not, MB3's heuristics would most likely nail the malicious .SCR file since it's not actually a screensaver but actually a malicious binary. I guess I could check with Research the next time I get the chance to chat with one of them (I still hear from Mieke and Steven every once in a while).
  15. That's great, I'm glad to hear it and you are most welcome Please don't hesitate to let us know if there's anything else we can assist you with and thanks for choosing Malwarebytes to keep your system safe.
  16. OK, please try installing Malwarebytes in Safe Mode to see if it is then able to install: Boot into Safe Mode with Networking: Restart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with the Windows XP Advanced Options menu. Select the option for Safe Mode with Networking using the arrow keys. Then press Enter on your keyboard to boot into Safe Mode with Networking. You should then be presented with the Windows XP Login screen. Log in to Windows and when it prompts you about Safe Mode and asks if you'd like to continue click Yes. Once in Safe Mode, go ahead and install Malwarebytes. If it installs OK, go ahead run a scan and remove any threats that are found and restart your computer if prompted and allow it to start normally this time. If no threats were found in the scan or Malwarebytes didn't install or run correctly, go ahead and restart your computer and allow it to start normally then please try installing the latest beta of Malwarebytes from here to see if it resolves the issues. Please let me know how it goes. Thanks
  17. If Adblock updated their database in the past couple of days to include the sites that the Malwarebytes extension was blocking, that could explain it.
  18. Do you happen to know what registry key/value it listed? If not, would you mind trying again and making a note of it? Also, can you check the following location for any files called Setup Log YYYY-MM-DD.txt?: %localappdata%\Temp If you find any, please zip and attach them to your next reply. Also note that if you installed the program from a different user account, then the file will be under that user account's local appdata folder rather than your own.
  19. Please try installing the latest beta version from here and hopefully it fixes the issue for you as it has for others with this problem. Please let us know how it goes. Thanks
  20. Greetings Please follow the above instructions to post the requested diagnostic logs (FRST & MB-Check). That will aid us in determining what's going on with your Malwarebytes installation. Once you have those logs, I'd then suggest going ahead and doing a reinstall of the software by downloading and installing the latest version from here. Once the software is installed and opens, make sure it's the Premium version, and if it isn't, go ahead and activate it with your license key. Please let us know how it goes and if you have any additional issues. Thanks
  21. Thanks for posting the logs and dumps. Hopefully they will aid the team in getting this issue corrected. You may be right, it could very well be that this issue is being caused by a new bug introduced in the latest Windows 10 release. Every time there are changes in code, whether it's in the operating system or some other software on a system, there is the potential for a new issue to emerge. Hopefully it's a bug in Malwarebytes that the team can track down quickly and correct. Please let us know how things go with the new beta. Hopefully it resolves the issue.
  22. You may contact Support via one of the options on this page and they should be able to assist you in seeking a refund for your remaining subscription. I'm sorry it has come to this but I totally understand. I'm certain they will have this issue corrected eventually, but in the meantime you don't want to have to deal with this problem every time you shut down your PC and I do not blame you. Hopefully the issue will be fixed soon and you'll consider giving Malwarebytes a second chance, but until then we wish you all the best and if you have any further issues, questions or feedback please post and we'll do all we can to help. Thanks
  23. That's great news. I'm glad that this information helped you as well If there's anything else we can do to assist, please don't hesitate to post. Thanks
  24. Excellent, I'm glad to hear it. If you have any further issues or questions please don't hesitate to post and we'll do our best to assist
  25. Excellent, thanks for the information. I believe that adequately addresses the user's questions.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.