Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by exile360

  1. Greetings, Yes, that should be fine. You can also manage your licenses by signing into My.Malwarebytes.com using the email address you used when you purchased your licenses and they should show up automatically. From there you can manage them, see how many licenses/devices you have available for installation/activation and see where each is currently active/installed. The information in this support article shows you how to sign up, the info in this support article shows you how you can manage your licenses, and this support article shows you how to deactivate a license if you need to move it from one system/device to another. If you have any trouble with your licenses or problems getting any of them activated you may contact Malwarebytes Support directly using the form found on the bottom of this page and they will assist you.
  2. Yes, unfortunately for a full/custom scan that's pretty normal (depending on how much data is on your drives of course) because while its default Threat scan is highly optimized for performance, when it's scanning other areas it tends to take a lot longer just because it loses that performance tuning which does seem to slow down its file analysis, at least based on my own observations with my own systems.
  3. Indeed, I'm glad they are getting it sorted for you. Thanks for the status update. Hopefully it won't belong before the issue is fully resolved.
  4. You're welcome, I'm glad to be of service By the way, in case you were not aware, Malwarebytes actually has a browser extension which is available for both Chrome (and other Chromium based browsers such as Microsoft's new Chromium Edge browser, SRWare Iron and Vivaldi) as well as Mozilla FIrefox. If you wish to learn more and possibly download it you can find out more at the links below: Chrome Firefox
  5. I'm not sure what it could have been then and I don't know any way of finding out. That said, if you are concerned that you may be infected with some kind of threat then you may follow the instructions in this topic and create a new topic in the malware removal area including the requested logs and information by clicking here and one of our malware removal specialists will assist you in checking your system for threats and removing any that are found.
  6. It's pretty typical, especially for any extension that alters any of the content that appears on webpages such as ad blockers, link checkers and the like. It's generally not a big deal as long as the company behind the extension is reputable, though it is advisable to read their terms of use and privacy statements to make certain they are not collecting/sharing/selling any of your information, especially for marketing purposes (assuming you'd have a problem with that, which I certainly do).
  7. This is true. Malwarebytes synchronizes its config files/data with the actual date/time so when a system restore or reimage occurs that data is put out of sync between the real-time/actual data and the data on disk/in the registry resulting in the program discarding them as corrupt and requiring resynchronization (on top of the fact that it obviously counts against your installations; likely a result of the resynchronization).
  8. Greetings, As long as it is the legitimate Adlbock Plus browser extension then it's fine (such extensions require that level of access to be able to block ads on websites so that's quite normal). The real/legitimate Adblock Plus can be found at the following pages; if the one you got was named slightly differently or came from a different site/source then it may be a risk: https://adblockplus.org/ https://chrome.google.com/webstore/detail/adblock-plus-free-ad-bloc/cfhdojbkjhnklbpkdaibdccddilifddb
  9. Greetings, If you haven't done so already, please sign up at My.Malwarebytes.com using the same email address you used when you originally purchased Malwarebytes (instructions on signing up can be found in this support article) and then deactivate any inactive devices/installations and that should free it up so that you may activate it on your current device/installation. You can find more info on how to manage your licenses/devices in this support article and details on how to deactivate a license/device in this support article. If you still have trouble or it doesn't work for some reason then please contact Malwarebytes Support directly by filling out the form on the bottom of this page and they will assist you via email to get the issue resolved. Please let us know if there is anything else we might assist you with. Thanks
  10. Yes, please follow the instructions in my post above to create a topic in our malware removal area and one of our malware removal specialists will assist you in eliminating it from your browser permanently (along with any other threats that might be on your system if there are any).
  11. You're very welcome That's good to hear. I hope that none of you seeing these detections are actually infected by anything and so far it sounds like most of you have an idea of how these settings were modified so that's good news. FYI, I also just read in a recent topic related to these detections that they were in fact added to the database recently and it was indeed due to the fact that some malware infections do change these settings so for anyone that is positive that they did not change these settings themselves and you didn't run any kind of anti-telemetry or tweaking tool known to change these settings please follow my advice above and post in the malware removal area, especially if your system is behaving strangely in any way.
  12. Yes, I do believe this detection was added recently to Malwarebytes (this would explain why we're only now seeing these reports from users such as yourself about the detections) but I don't know that for certain; that's just my speculation and no one from the Malwarebytes Research team has confirmed that yet to my knowledge. What's odd is, if it isn't an infection or 'privacy'/'anti-telemetry' type application changing these settings, I wonder what it could be? It's very odd, and I'm certain it isn't Microsoft doing it because they're the ones who publish a new build of MRT every month for the express reason of trying to clean up users' PCs from common threats that their research team is targeting. If they didn't want it to be downloaded each month and run they would just pull it from the monthly updates/patches because they're the ones who update and publish it through Windows Update each month.
  13. You're welcome, and for further info, anything detected as PUM (which stands for Potentially Unwanted Modification) isn't an actual threat, it's just a setting/configuration option that has been modified from its default which may render the system less secure or less usable in some way. These are special signatures that target things like policy restrictions and security functions in the operating system, particularly in group policy and the registry, that look for such settings changes that are often made by malware to render a system less secure and/or less usable by the user to possibly prevent detection and/or removal of the actual threat (for example, disabling access to Task Manager so that the user cannot try to terminate the infection's processes running in memory or disabling access to regedit to prevent access to the registry to try and eliminate a loading point for the infection that allows the threat to run on boot). You'll find some common examples of PUM detections in this support article. The presence of a PUM can be a sign that the system may be infected, however it isn't a guarantee as a user may have modified these settings deliberately or if in a business environment your systems administrator may have changed these policies to limit access to certain critical system functions for security reasons and to prevent their users from accessing certain OS functions and settings.
  14. Yes, it's certainly possible. In fact the entire reason this is a detection in Malwarebytes is because a threat may disable MRT to prevent malware scanning by the tool in case MS adds detection for the threat in the future. If you are concerned that you may be infected then please follow the instructions in this topic and then create a new topic in the malware removal area including the requested logs and information by clicking here and one of our malware removal specialists will assist you in checking and cleaning the system of any threats as soon as one is available. Even if you don't believe the system is infected it could be a good idea just for peace of mind to make sure.
  15. Part of my concern is that I believe there may actually be some write activity in scanning. If you have a tool to monitor this it may illuminate the issue; something like Process Monitor or the like. I seem to recall that a component of scanning is to see if certain objects exist on disk related to certain threats by attempting to create files with the same name in the same location, and if Windows prevents it because an object sharing the same name/location exists this confirms the object's existence. That information is very old though so it may no longer apply. There's also the question of rootkit scanning, assuming you have it enabled. That level of scan is much deeper than a normal file/disk scan and again may do more than a standard read analysis would, but of course most modern disks aren't prone to failure as early as older disks so I may be concerned over nothing, I just thought I should voice my concerns just in case you were not aware. I think I'll also submit the idea of 'saving' a custom scan configuration. Even if they do not implement CLI support, it might make it easier for users like yourself to have an easily accessible saved scan configuration to execute on demand to scan whatever locations you choose. I think that might be a fair compromise if they are against the idea of implementing full CLI support.
  16. By the way, for anyone that does wish to have these items excluded by Malwarebytes all you need to do is perform a Threat scan and once the scan completes, uncheck the boxes next to any detections you do not wish to have quarantined by Malwarebytes and click Next. When asked what to do with the remaining detections select the option to always ignore them and they will be added to your exclusions so that Malwarebytes does not detect them in future scans.
  17. It's up to you, but Malwarebytes is not 'broken'; MRT has been broken by these applications by configuring Windows/MRT to a non-default setting which prevents MRT from being downloaded or run. MRT is nothing more than a monthly updated malware detection and removal tool updated and distributed by Microsoft to deal with common threats that infect Windows users. It is not part of the massive telemetry collecting initiative initiated by Microsoft with the launch of Windows 10 so if these 'anti-spying'/'anti-telemetry' utilities are messing with MRT then they are overstepping their boundaries in my opinion, because MRT is simply doing the same things it has done since it was first offered all the way back to the days of Windows XP. It checks for common threats on the system and if found, it removes them and informs the user. It does indeed report its findings back to Microsoft's threat research team as it has always done, but that's not the same thing at all as Cortana, CEIP or any of the other massive telemetry collecting efforts employed by Microsoft in Windows 10 to allow them to become more like Google, Facebook and other corporations that use telemetry collection as a business model. In fact, assuming those 'anti-telemetry'/'anti-spying' tools are blocking the telemetry collection servers/hosts as they should, then there should be no need to disable MRT from running anyway, even if you don't want it 'phoning home' because the servers it reports back to should be blocked anyway. Running MRT is no different than using Windows Defender as your antivirus or even simply running Windows Update; while these tools do collect some level of telemetry data, it is nowhere near the level of data Microsoft attempts to collect in tools like the new search and voice utilities in Windows 10 and they are nowhere near the level of privacy compromise as say using Google Chrome as your browser (that's not to say that you do use Chrome; I have no idea, but if you do then your browser is a far greater risk to your privacy than running MRT will ever be).
  18. Greetings, This thread is nearly 2 years old so any conflicts or issues mentioned likely do not apply at this point since both products have been updated many times since then. That said, if you wish to exclude Kaspersky from Malwarebytes all you need to do is follow the instructions under the Exclude a File or Folder section of this support article, click the button to Select Folder... and in the dialog that opens browse to the location of Kaspersky's program folder (most likely located under C:\Program Files or C:\Program Files (x86)) and select it by clicking on it once and clicking Select Folder. You may also exclude any data folder(s) belonging to Kaspersky, likely located under C:\ProgramData. The list of items to exclude for Malwarebytes in Kaspersky can be found in this support article. I don't have Kaspersky myself so I do not know the exact instructions for excluding items, but in my experience most AVs have some kind of option to exclude individual processes and that's generally the best way to exclude Malwarebytes to help reduce the chance of a conflict by excluding Malwarebytes' executable files located under C:\Program Files\Malwarebytes\Anti-Malware; the main process to exclude would be MBAMService.exe.
  19. Greetings, What webpage are you referring to? Do you have the Malwarebytes browser extension beta installed and is it the block/redirect page from that extension or is it something else?
  20. You may use the form on the bottom of the page I linked to above, however it would be best to seek help either there or in your own topic since this topic is specifically about license issues, not about possible infections or duplicate IP addresses on a network. If you suspect that it may be related to an infection you may either contact Support as mentioned or seek help in the malware removal area by following the instructions in this topic and then creating a new topic in the malware removal area by clicking here including the logs and information requested in the first link and one of our malware removal specialists will assist you in checking your system for threats and removing them if found.
  21. You should hear back soon, hopefully tomorrow (I assume that they don't have many on staff during weekends), but if you haven't heard from them by tomorrow evening please post back here to let me know and I'll try to escalate the issue with a member of Support. You should contact Support directly via the form on the bottom of this page. They will need to make the necessary changes to your license/account to connect it with a current/available email address (I'd do it myself, but unfortunately I only help here on the forums and therefore do not have any such access). For anyone else having a similar problem contacting Support via the form at the bottom of the page I linked to here will be your best bet. Please be patient as Support gets pretty busy and has to work through support tickets on a first come, first served basis, but they should respond and they should be able to assist.
  22. Generally speaking, the symptoms of a possible conflict can vary greatly, however it is usually something fairly obvious such as system hangs, slower than normal performance, particularly during system startup and/or shutdown, and especially when executing a new process in memory. Sometimes less obvious symptoms may show themselves such as slower than normal web browsing or trouble connecting to the internet. Another sign may be if one of the programs or both is unable to complete a scan. With all of that said, the Malwarebytes QA team tests a wide variety of third party AV/IS solutions for compatibility with each version of Malwarebytes that is released and whenever any sort of conflict is discovered it is reported to the Malwarebytes Developers and will usually get documented by the Malwarebytes Support team, either in the support knowledgebase on the main Malwarebytes site, here on the forums, or both. I personally have not seen any recent conflicts that I can recall between Malwarebytes and any AVs, however if you wish to reduce the chances of any sort of conflict you may exclude each application from the other as this will often reduce the risk of any potential conflicts and issues between the two and can even help overall system performance. The list of files and processes to exclude in your antivirus for Malwarebytes can be found in this support article and the procedure for excluding your antivirus in Malwarebytes can be found under the Exclude a File or Folder section of this support article. I hope this helps, and if there is anything else we might assist you with please let us know. Thanks
  23. Greetings, Unfortunately there is no command line support in the consumer version, however as you already mentioned, the scheduler is an option (with the caveats you mentioned of course). That said, I'd strongly advise *against* using a full system scan daily as that is going to take a very long time and put unnecessary strain on your system disks as Malwarebytes is designed to look in all of the locations where threats are known to hide and install themselves and it also checks every process and module loaded into memory, so even if a threat is running from some unorthodox location for some reason Malwarebytes will still detect it as it checks all threads in memory as well as their associated files on disk along with all the other loading points in the registry, startup folders and other locations used by active threats to launch/persist on boot. This is actually the primary reason that no default 'full scan' option is made available, and instead only the choice of a Custom scan where the user selects all objects on the system to be scanned via the provided checkboxes are provided and why the Threat scan, which checks all the items and locations I mentioned (in addition to many others) is the default scan type provided. In fact, whenever any new location is found to be used by malware, the Malwarebytes Research team will add that location to the Malwarebytes threat databases so that once the signatures are updated, that new location will be included in all subsequent scans so it doesn't even require any new code by the Developers or any new version/build of the product to change where the product scans by default using the Threat scan. With all of that said, I will still submit your request for CLI functionality to the Product team for consideration, however that is not a guarantee that they will implement it as the decision is not mine to make.
  24. In addition to the details that Maurice provided above, the Web Protection component in Malwarebytes Premium that blocks known malicious websites and servers is completely browser agnostic as it hooks directly into the network stack using WFP so it not only protects every browser, but every process as well as the entire system by preventing access to or from any website, server or IP block which is contained in the Web Protection block list. Additionally, the Exploit Protection component protects most popular browsers including Internet Explorer, Edge, Chrome, Maxthon, Opera, Seamonkey, TOR, and many others, though it protects some in different ways depending on whether or not it is allowed to inject its DLL into the browser's process (a recent change in Chrome prohibits this so alternate methods of shielding that browser were developed and deployed by the Malwarebytes Developers). Beyond that, I'll echo the sentiments of Maurice above regarding browser extensions as many of them are quite useful, especially for security. In fact, the vast majority of web based attacks and threats don't even use extensions or plugins any more and instead employ built-in browser functions including tech support scams as well as many exploits that target a browser's code directly, though many can be mitigated, not only through the use of solid malware and exploit protection (such as the multiple layers of protection provided by Malwarebytes Premium) as well as safe surfing habits, but also through the use of reputable browser extensions such as Adblock Plus, uBlock Origin, Ghostery, NoScript, Easy WebRTC Block, Privacy Badger, Disconnect, and of course the Malwarebytes browser extension beta Maurice mentioned above which is available for Chrome and other Chromium based browsers (such as SRWare Iron and Vivaldi) as well as Firefox. Much more problematic are legacy applications and extensions such as Flash Player and especially Java (more info about them in this topic), and even Adobe Reader installs a browser plugin which some would argue isn't even necessary since most modern browsers and office applications are capable of opening PDFs for viewing without the need for a dedicated app or browser extension as such plugins do indeed increase the attack surface for exploits and scripting malware (as do office applications themselves actually; one of the reasons Malwarebytes protects many of them out of the box as well via its Exploit Protection component). Also keep in mind that the Exploit Protection in Malwarebytes also shields all extensions/plugins that run within your browsers, so things like Flash and Java exploits are far less likely to execute successfully when Malwarebytes Premium is active, the same as with browser exploits that target your web browser directly.
  25. Greetings, I'm glad that you were able to resolve the issue using the Support Tool. If there is anything else we might assist you with please don't hesitate to let us know. Thanks
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.