Jump to content

exile360

Experts
  • Content Count

    23,239
  • Joined

  • Last visited

Everything posted by exile360

  1. Greetings, If you haven't done so already, please create an account at My.Malwarebytes.com using your current email address (you'll find instructions on signing up in this support article) and then add your license key to your account by following the instructions in this support article. If you've already created your account but need to change your email address, you'll find instructions on how to do that in this support article. Once that's done, assuming it worked, go ahead and deactivate your license key. You will find detailed instructions on how to do that in this support article. I hope this helps, however if you still have trouble then please contact Malwarebytes Support directly by filling out the form on the bottom of this page and they will assist you in getting everything set up.
  2. Simply click on the Download button in the upper right corner of the page and it should download the file to your Downloads folder. Then you may proceed with the rest of the instructions. I've posted an image of the button you should see in the upper right and I circled/highlighted it for you:
  3. Please refer to the information in this topic, specifically the comments from Arthi, the Technical PM for Anti-Exploit:
  4. Greetings, The latest version of Malwarebytes Anti-Rootkit beta is 1.10.3.1001 and can be downloaded directly from this page. Please try that version and see if it functions properly on your Windows 10 system. I'd also recommend using the latest version for your other system(s) as changes are made to the engine over time to improve its effectiveness and detection/remediation capabilities for the latest rootkits. Please let us know how it goes and if the issue still persists. Thanks
  5. Bill Hicks: http://www.billhicks.com/media.html 'Nuff said
  6. You may also add Malwarebytes Anti-Ransomware beta for yet another layer of defense. Beyond that, a good software firewall (my preference is towards modern WFP based firewalls as they tend to be much lighter on resources and typically have better compatibility with Windows itself and most other software, particularly other security applications). Here is a brief selection of some of my personal favorites: Malwarebytes Binisoft Windows Firewall Control Windows 10 Firewall Control (they have a free version there which is completely adequate in my opinion and it's what I myself use and have used for years, ever since the days of Windows Vista) Windows Firewall Notifier TinyWall Simplewall Free Firewall I'd also add a few additional browser extensions just to shore things up a bit more. I myself am using Adblock Plus, but you can use it or uBlock Origin depending on your preference (though I'd advise disabling the whitelist option for allowing 'acceptable ads'; just look under Adblock Plus' Settings>General tab and uncheck the box next to Allow Acceptable Ads), and for privacy I use Ghostery, Disconnect, DuckDuckGo Privacy Essentials, and Privacy Badger, and for security, in addition to the Malwarebytes browser extension I also use HTTPS Everywhere, Easy WebRTC Block, and Windows Defender Browser Protection (it's essentially their SmartScreen filter for browsers other than Edge/Internet Explorer and works even if you don't have MSE or Windows Defender installed/active). There are additional steps you can take to further secure your system such as disabling unnecessary network components and system services along with remote functions and sharing functions, however that's a bit beyond the scope of this thread so I'll just leave it at that.
  7. But then the problem becomes pre-validating the sellers. How do you accomplish this? Regarding all the software vendors working together, that's a great idea, but how is Malwarebytes, a relatively small fish in a very vast ocean, supposed to make that happen? Amazon and ebay are fully aware that Malwarebytes no longer sells/provides lifetime license keys and that they haven't for years, so if they are allowing sellers to try and sell them, supposedly with seemingly limitless supplies of them, they are either knowingly ignoring scams or they are just too busy/uninterested to do any kind of validation at all/do anything to prevent it, and they are likely just relying on their existing system to work where customers complain, and when enough incidents occur, they then take action against the seller, and I bet this is exactly what Amazon would say if any coalition of software vendors came to them with something like this. But who knows? Maybe Microsoft will decide they've had enough of these vendors selling fake/pirated copies of MS Office products and they will do something/get vendors together (or just apply the pressure on their own by throwing their own considerable weight around) to try and make a change somehow. It would be nice, but either way it is not something that Malwarebytes is influential enough to make happen.
  8. Cool, I'll recommend it to the Product team then Obviously I have no say in things; I just pass the feedback/ideas along to them and they make the decisions, but at least your voice will be heard, and hopefully they will choose to act on it (particularly since I think it's a really good idea too).
  9. If that's true, then why haven't larger companies like Adobe and Microsoft already done it? I think you may be overestimating the influence a company like Malwarebytes has. They can't just call up the anti-malware Justice League to have a meeting and get every other AV/AM vendor all in on something like this, and more than likely it would really have to come from Amazon's and ebay's side, otherwise they'd just ignore it because they are plenty large enough to get by just fine without carrying Malwarebytes (or any AV/AM software at all, or even any software period) so pressure from even a large number of vendors would likely have no effect, and that's assuming Malwarebytes even could somehow organize such a 'coming together' of all the AV/AM vendors; something I highly doubt they could accomplish (even a larger vendor like Symantec or Kaspersky would likely fail if they tried to do so). The other issue is the fact that you can't verify that every key the seller is going to provide in the future is valid. License keys just don't work that way. They either are or are not valid, and no one can tell until the customer actually receives it and tries to activate the software with it, at which point if it does not work, they contact the seller or Amazon or Malwarebytes support, then it gets taken care of based on what the situation is and the responsible party. Again, this is why sites like ebay and Amazon have such strong buyer protection policies and flexible refund policies; it's just not feasible for them to provide such a thing for a purchase that took place 5+ years ago, which I'm sure you can understand. It's not like this is happening constantly today; it isn't. Virtually all of the sellers pushing scam lifetime keys now are pretty obvious about it, at least as soon as the software is provided to the user, because it comes with the crack, special instructions on how to try and bypass validation etc., otherwise it won't even work, in which case Amazon/ebay would get tons of reports about the seller, the negative feedback would pile up and they'd be gone in short order anyway. The bottom line is, we can speculate on what Amazon/ebay etc. could or could not do, but it's a matter of what they are willing to do, and a relatively small company like Malwarebytes isn't likely going to be able to change their policies and practices, otherwise all the sellers that they've already reported and had taken down would have spurred them into action by now, but it hasn't. It all still works pretty much the same way, and I doubt Amazon/ebay are anxious to change it considering the relatively small number of bogus transactions weighed against the number of perfectly valid transactions they're able to profit from.
  10. I can understand what you're saying, but at the same time, the usefulness of this feature for vanilla consumer users seems very limited. I have no idea what it would cost to develop and roll out this kind of functionality, but I know they wouldn't want to devote the resources to it for all Premium users just to suit a handful of special use cases like this. Putting cost aside for a moment, let's assume that the price would be the same, maybe slightly more; would it be acceptable if they provided a special build for MSP's that had this capability but not necessarily with all the cloud functionality and remote management stuff? Basically just a special 'support provider' type version where it essentially just does what you said, notifying you via email any time there is a detection, maybe with something like a regular weekly or monthly report/summary just to check in on each of your clients and see how things have gone/make sure the product is still doing its job etc.?
  11. That would be nice, but unfortunately Amazon doesn't do anything like that. They don't even verify physical products. There are tons of sellers on there selling fake goods such as clothing, electronics and pretty much everything else. It's one reason I'm cautious about who I buy from and prefer to purchase from Amazon directly if possible, or at least from sellers where Amazon is the one actually shipping the product (i.e. 'FULFILLMENT BY AMAZON' listings) because then at least Amazon takes full responsibility and will make it right if anything about the product or transaction is messed up or inaccurate. Ebay and Amazon both are generally pretty good about protecting buyers, but unfortunately if the issue isn't caught pretty early during their return period then they won't do anything about it most of the time. I agree with your idea and I wish all these sites would do this sort of thing to verify goods, however it would be just as easy for a seller of the fake stuff (for software downloads at least) to start out initially selling a few legit copies just to pass validation and then start using keygens etc. for profit. With software, pre-validating every license key sold is a lot more difficult than verifying a physical copy of something, especially when we're talking about something like the old lifetime licenses for Malwarebytes, because back when they were created the online license validation system didn't exist yet so there were a LOT of keygens and pirated keys going around, but eventually Malwarebytes grew as a company thanks to their success and finally developed and rolled out a much more robust online license validation system that the pirates and scammers could no longer exploit (this is also the reason pretty much any time you see such today trying to sell them, they're either pushing long obsolete 2.x builds of Malwarebytes or they are using cracked copies of the software itself with modified binaries since they know the keys they are using won't activate/pass online validation, but it makes it pretty much impossible for users of those copies to receive updates so it has done a lot to curb this sort of thing). Basically, with the system in place as it is now these types of scams are far more difficult to pull off, so if anyone tried to sell me a 'valid' lifetime key for Malwarebytes, I'd only accept it if they were willing to send me one of the older physical boxed retail copies still sealed in the package with the license key, because anything else is very likely to be junk/a scam.
  12. I see, thanks for the additional details. I will also suggest they provide some kind of managed offering for those kinds of situations where the number of endpoints is less than 10. For someone in your business it would make sense to have the ability to manage multiple smaller clients in a single interface (assuming that would be acceptable from a security perspective, like having a separate group/section or tab for each client/group without having to login to a separate instance of the console/cloud platform for each one as that would be a lot of credentials for you to keep track of). If it were possible, would such a solution suit your needs?
  13. Unfortunately, while Malwarebytes and other vendors do their best to report these sellers to have their products removed, large sites/companies like ebay and Amazon are often slow to act and the scammers doing these things create multiple accounts and are back up and running under a new name/seller ID as soon as the original/reported one has been taken down (we have threads full of such sellers being reported on the forums here and more that get reported through Support, but it never ends as with any scam that profits those perpetrating it, just like sellers of fake goods on ebay and the like). I've seen countless scam sellers and sites taken down thanks to Malwarebytes after they were reported. Unfortunately it's a never ending battle because the scammers have nothing to lose if they get caught since the worst they'll face is having their account terminated at which point they just go and create another (or activate/start using one of the many backup/duplicate accounts they often already have prepared for just such an occasion) and since physically tracking them down/identifying them is virtually impossible, it's difficult to get law enforcement to do anything, especially since they are often operating out of countries where software piracy and selling counterfeit goods is not against the law. That said, if you haven't done so already, I'd suggest trying to create an account at My.Malwarebytes.com using the same email you used when you purchased the license if you still have access to that email address. You'll find instructions on doing so in this support article. If you no longer have access to that original email address then follow the instructions in this support article and try adding your license to your account by following the instructions in this support article. If you are successful, deactivate the license from all previous devices/installations by following the instructions in this support article using the Deactivate all function documented there.
  14. Yes, I'll definitely be providing this feedback/suggestion to the Product team for consideration, and I don't want it to seem as though it is an impossibility for this feature to be added, I just figured that with the existing functionality of Malwarebytes' cloud solutions that they may be able to fill this need without having to wait on a consumer based solution and there would be no need for any kind of managed server or on-premises solution. Thank you for the assist Alex, and thank you ktechno1 for the feedback/suggestion
  15. Greetings, Just in case no one shows up to respond to your query in a timely manner, I'd advise going ahead and creating a support ticket by filling out the form on the bottom of this page to receive priority business support which you are entitled to as a business customer.
  16. Yes, as I understand it using the consumer version in a small business environment is just fine, however anyone from the staff may correct me on that if I am wrong. My point was that, as an MSP, which it appears is essentially the role you're taking on for your clients, it may be beneficial to use one of the cloud managed solutions aimed at that particular use case since it not only has the feature you're requesting, but many other tools and advantages that should suit your needs and those of your clients, yet still retains the flexibility of being deployed without the need for any servers or centrally managed systems as it all works through a web browser online giving you the freedom to monitor and manage your clients' installations without having to remote in or use heavy installation scripts, custom tools or a discrete server on the network to do so.
  17. By the way, the Endpoint Protection product is actually designed for scenarios like this where you have fewer clients to manage and don't want/don't have a centralized server; it's all done through the cloud so you just log in to a webpage in a browser to monitor and manage them as I mentioned. You can learn more about it here as well as here (Malwarebytes Endpoint Protection, the second item listed, located in the center). It doesn't rely on a centralized network infrastructure or server; it's basically the best of both worlds with the flexibility of the standalone/consumer product with many of the manageability and monitoring features of the enterprise product without all the server/client overhead enabling you to monitor and manage your customers without needing to maintain a server or perform complex deployments. In fact, I believe you just have them download a special build of the product that Malwarebytes gives you a link for and it automatically adds the endpoint to your group of managed devices. The full user guide is located here.
  18. Have you looked into the MSP version? I believe it provides the functionality you're requesting and doesn't require the server/cloud components and is designed for use on standard endpoint/client operating systems/Windows versions. You should speak with your Malwarebytes sales rep/account manager, but I believe it is basically like the Endpoint Protection product, but just with the endpoint client software and the monitoring and management features for you, the MSP/support provider to monitor and support your clients without the need for an on-premises server so it can be used across standard endpoints without the need for a centralized corporate network infrastructure or server to manage them. You'd get the alerts via email and you could check status remotely at any time by logging into the cloud management interface and you wouldn't need to remote into your clients' endpoints either, but you'd still be able to track their status for detections, updates, scans, product versions, protection status etc. whenever you wanted using pretty much any web browser, even from a smart phone if you wanted.
  19. Greetings, The web/Marketing team at Malwarebytes has been known to test/deploy different variations of the website and landing pages at the same time, sometimes for testing, and sometimes depending on how the site was reached (i.e. direct link or from a search or linked from a specific site on the web etc.) and may also depend on region and platform (i.e. mobile vs desktop vs Linux vs Mac vs tablet etc.). Part of the reason is to monitor clicks and test different versions for improving conversion/sales rates and part of the reason is for testing efficiency (i.e. the number of clicks a user takes to find what they're looking for etc. for optimization and ease of use). It's a pretty normal thing these days that many sites and companies participate in and there are even web platforms specifically designed for this type of testing and multi-layout deployment so as long as the address is correct, it's HTTPS and the certificates etc. check out then there is no need for concern (also, for Premium users, Malwarebytes will generally blacklist/block any 'fake'/imitation Malwarebytes sites and their Legal department will seek to have them taken down if they infringe upon Malwarebytes' intellectual property/branding etc.). I realize this doesn't address the issue of experiencing different variants of the site as you did, but I hope that it at least explains the likely reason that it happened. It is something they've been doing for years and so far it seems most either haven't noticed or haven't been concerned about it as I believe this is only the second time I've ever heard anyone raise an issue with it (and the only other time I can recall was several years ago when they first started doing this kind of A/B testing). If a member of the staff has anything to add or that differs from my explanation then I'll concede to their first-hand knowledge, however based on my own past experience being a former Malwarebytes employee, this appears to be the explanation for what you observed.
  20. What a world we live in where online reviews can make or break a company and where companies (as well as individuals seeking profit, i.e. YouTubers, ebay sellers, bloggers, media review sites (i.e. movies, video games etc.) depend on and often try to manipulate and control online feedback, ratings and reviews to trump up business and make themselves look good (or hire marketing firms to do the same, or even to disparage competitors). I guess the saying is true, believe half of what you see, and none of what you hear, and perhaps it should be added: and very little of what you read, especially on the internet .
  21. Just to add to what has already been said, Exploit Protection does actually still guard Chrome/Chromium based browsers, it simply does so via alternate methods from other browsers/applications, avoiding DLL injection as required by Google. The exact extent of and nature of the protection provided I do not know, however I assume they still monitor its processes in memory to watch for malicious/exploit behavior in some way, likely similar to the methods used for monitoring system processes and components (the Application Hardening, Advanced Memory Protection, Application Behavior Protection etc. under the Advanced Settings interface; at least the ones which do not require DLL injection to enact; I know there must be some as Malwarebytes does not inject its DLL into the operating system's core services and components and yet it does shield them in many ways from many attack vectors and exploit behaviors, likely through its driver and background service).
  22. Greetings, Unfortunately this functionality is not available or planned for the consumer product to my knowledge, however if you are an MSP dealing with business clients then I do believe this option is available. I will submit a request for this feature in the consumer version, however I doubt they will add it given the fact that the user is alerted whenever anything is detected by real-time protection or scans (including scheduled scans) within the client software itself.
  23. The list of items to exclude in your AV for Malwarebytes can be found in this support article and for your AV you should exclude its folder under Program Files and/or Program Files (x86) as well as its primary data folder, likely under C:\ProgramData using the method under the Exclude a File or Folder section of this support article. As for your webcam, depending on your browser, you should be able to configure it to block access to your webcam. The Flash Player plugin specifically also has an option for this (the same goes for your microphone). Aside from that, the free version of HitmanPro.Alert includes webcam protection/alerting along with a few other useful features (including keystroke encryption for web browsers). It makes a good compliment to Malwarebytes, though I still recommend augmenting your protection with some good browser plugins such as a solid ad blocker such as Adblock Plus or uBlock Origin, something for privacy such as Ghostery, Privacy Badger, DuckDuckGo Privacy Essentials, and/or Disconnect, specialized security plugins such as HTTPS Everywhere and Easy WebRTC Block as well as Malwarebytes own browser extension beta which is available at the links below: Chrome Firefox A good WFP based firewall is also a good idea. You'll find a selection of them below (only choose *ONE*): Malwarebytes Binisoft Windows Firewall Control Windows 10 Firewall Control (they have a free version there which is completely adequate in my opinion and it's what I myself use and have used for years, ever since the days of Windows Vista) Windows Firewall Notifier TinyWall Simplewall Free Firewall
  24. Pretty cool, but I already block Facebook and all of its embedded entries across websites via my HOSTS file Useful for people who actually use Facebook and don't want them tracking them I suppose.
  25. You can just run the Malwarebytes Support Tool again and check the mbst-check-results.txt file under the Registered WFP Filters near the end of the log and look for these entries: FWPM_LAYER_ALE_AUTH_CONNECT_V4 COMODO ConnectV4 COMODO ConnectV4 FWPM_LAYER_ALE_AUTH_CONNECT_V6 COMODO ConnectV6 COMODO ConnectV6 FWPM_LAYER_ALE_RESOURCE_ASSIGNMENT_V4 COMODO AssignmentV4 COMODO AssignmentV4 FWPM_LAYER_ALE_RESOURCE_ASSIGNMENT_V6 COMODO AssignmentV6 COMODO AssignmentV6 FWPM_LAYER_ALE_RESOURCE_RELEASE_V4 COMODO ResourceReleaseV4 COMODO ResourceReleaseV4 FWPM_LAYER_ALE_RESOURCE_RELEASE_V6 COMODO ResourceReleaseV6
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.