Jump to content

exile360

Experts
  • Content Count

    28,402
  • Joined

  • Last visited

Everything posted by exile360

  1. Yeah, unfortunately many banks and other online services require you to set up such security questions, meaning if you happen to provide too much info on social media, you're ripe for the picking by criminals who do their homework.
  2. Greetings, Please follow the instructions in this post to provide the required information to get these FPs corrected. Thanks
  3. Greetings, You should be able to accomplish this by updating your payment information in your account at My.Malwarebytes.com. Instructions on doing so can be found in this support article. If you haven't already signed up for an account, instructions on how to do so may be found in this support article. If you are still unable to make the desired changes then please contact Malwarebytes Support directly by filling out the form on the bottom of this page and they will assist you. I hope this helps, and if there is anything else we might assist you with please let us know. Thanks
  4. Greetings, You should receive a response from Support soon. They are short staffed on the weekends so it typically takes a while longer to get a reply to tickets created over the weekend. You will likely hear back from them within the next couple of days depending on how large the current queue of tickets is. If there is anything else we might assist you with please let us know. Thanks
  5. It probably happened during an update or while the system was shutting down. It is uncommon but it can happen. Malwarebytes stores most of its settings and options within configuration files stored in its data folder, so if one of them becomes corrupt it can cause issues but it's usually fixed by reinstalling the application.
  6. Excellent, thanks Bob It will be nice to have my MB Web Protection back again
  7. Understood, Malwarebytes Support will have to assist you then as they have direct access to the licensing system.
  8. As with many critical services, most password managers rely heavily on additional validation of your credentials to make sure that you are you to avoid giving access to all of your passwords to anyone who should not have them. This generally includes some form of two-factor authentication (2FA), however 2FA isn't always quite as secure as it may seem. Aside from the fact that phones themselves are vulnerable, 2FA has additional issues of its own even when a cell phone is not the method used for one of the 2 factors for validation of your identity, not to mention the fact that Password Managers themselves have their own downsides. Social engineering, brute force attacks, phone number hijacking (which requires no physical access to your phone; just the right info about you to convince your phone carrier that they are you so that they can port your number to the device of their choice that they possess), and of course the usual backdoors/hacks/exploits and Trojans can all render even the tightest, most stringent security absolutely useless. With data breaches on the rise, including at least one breach of one of the top password managers, users need to be more proactive than ever in how they handle their passwords, their devices, and especially their data. PRO TIP: Don't go blabbing on your Facebook profile what your mother's maiden name is, what high school you went to, where you met your partner, or anything else you might have once used or might use in the future as an answer to one of those so-called 'security questions' that you're asked as a method of additional authentication for many online services, banks and other services. In fact, if you want to be truly secure, don't use any real answers for any of those security questions; instead, make your answers random strings of words/things that don't make any possible sense so these questions/answers simply become like additional passwords that only YOU will know the answers to so that even someone who has intimate knowledge of your life would find it impossible to provide the correct responses, and just as with actual passwords, never use the same nonsense answers across multiple sites/services in case there is any sort of data breach to prevent incidentally compromising other sites/services. Just make sure you don't forget them or they won't do you any good! Now to be clear, my name isn't Chicken Little and I am NOT saying that the sky is falling; I'm just recommending that maybe we should get our heads out of our devices and look up every once in a while to see what is going on around us, because being aware of the potential dangers and risk factors can go a long way in helping you to avoid becoming a victim of bad actors with evil intent. So no, the sky is not falling, but it has been known to rain from time to time, lightning does strike (even in the same place twice, contrary to the popular saying/belief), and even the occasional baseball sized meteor does actually make landfall on occasion and all it takes is being in the wrong place at the wrong time in the crosshairs of the right attacker or threat. It's a jungle out there, so stay frosty Malwarenauts! Oh, and don't forget your umbrella, you know, just in case
  9. I just saw this rather disturbing video on YouTube. It's a talk from a speaker at Black Hat 2013 documenting his discovery that virtually every IP camera whose firmware he has been able to get his hands on has proven to be extremely vulnerable to attack and remote hijacking by anyone even remotely knowledgeable in basic web scripting in most cases, and unfortunately it looks like little has changed in the years since as most vendors either aren't aware as they're using copied firmware from other vendors and because most users never update their firmware for such devices. Unfortunately most of the exploits he describes are actually hard-coded into the firmware of these devices so no amount of proper password security and secure setup will render them immune to remote access and hijacking. It's a 33 minute video, but I highly recommend watching it as he does an excellent job of explaining how it all works and why it is so widespread and unlikely to be fixed. For reference, his talk took place in 2013 and the initial vulnerability was actually reported way back in 2011 and at the time of his talk, the majority of vendors still had not done anything to patch the vulnerabilities: For more recent news on the subject, please refer to this article from 2017; just 2 years ago which cites many of the same vulnerabilities as still existing at the time across many devices as validated and reported by AV-Test whose original writeup on the subject can be found here. A more recent report on the issue, this time from just last year can be found here and data pulled from Shodan listing vulnerable as well as already hacked/backdoored cameras can be found here, though be advised they may possibly be biased as they are also promoting certain brands/products via their own camera search/recommendation page/tool, though they do seem to be more of a general surveillance resource than an actual promotional/SEO affiliate type site (i.e. they appear to have real content, not just scare tactics etc. to promote sales) but a grain of salt is still advised and I'd recommend doing your own research if you aren't sure about your own cameras if you have any or if you are considering purchasing any. This highlights the ongoing issues with relatively insecure IoT devices across the net and the world, with cheaply manufactured products using poorly written software and firmware, yet designed to have total access to and control over many things in our daily lives to make things more secure or more convenient, we've let these devices into our lives, into our cars, into our places of business and even into our homes. Some people even use online baby monitors which, just as with the IP cameras, are somewhat notorious for poor security and vulnerabilities meaning you may not be the only one keeping an eye and/or ear on your children (and such devices also come in super handy for any would-be burglars who want to determine when you aren't home and what your daily schedule is to know when you're likely to be away for long periods of time, as well as how to get in and the general layout of the place (in the case of cameras in the house and outside), as well as potentially where many of your valuables may be kept, and if vulnerable, they can twist these devices to their own purposes and conceal their nefarious actions from you, making it appear that everything is completely normal while they ransack your home). Malwarebytes Labs recently did a series of articles on the subject of stalkerware and the role it can play in domestic abuse situations, leaving their mark long after the abuser is out of the home of the victim, and vulnerable IoT devices and even devices where the victim has simply failed to remove, replace or at least change the access codes/usernames/passwords to can also be exploited for this purpose, potentially giving an abuser full access to monitor and potentially further psychologically torment their victims. In fact, CBC did a rather startling report late last year on this very subject discussing vulnerable IoT devices and the dangers and risks they can present and you can view it on YouTube below: Just some food for thought. It's scary that devices we may be using to make us feel more secure could be the very things exposing us to the greatest risks.
  10. Greetings, I'm sorry that you're having this issue, but hopefully we'll be able to get the problem corrected for you. Looking briefly at your logs, the only item I noticed was that Windows shows that your system has crashed a few times recently. I don't know if it is related or not, but it certainly could be, particularly if it caused your installation to become corrupted somehow. If it was only Malwarebytes that was corrupted and not Windows itself, then fixing it shouldn't be too difficult. Please do the following and let us know how it goes: Run the Malwarebytes Support Tool Accept the EULA and click Advanced tab on the left (not Start Repair) Click the Clean button, and allow it to restart your system and then reinstall Malwarebytes, either by allowing the tool to do so when it offers to on restart, or by downloading and installing the latest version from here Hopefully that fixes the problem, but please let us know and we'll try something else if it still isn't resolved.
  11. Yes, it's based on QT. I see your points, I guess I'm just not used to seeing so many detections in Malwarebytes as I don't typically allow any PUPs onto my machine if I can help it. I am submitting this feedback to the team for review though.
  12. Greetings, Unfortunately installing over the top of a previous version tends to cause problems with the beta builds for the moment. Please try a clean uninstall/reboot/reinstall to see if that resolves the issues: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced tab on the left (not Start Repair) Click the Clean button, and allow it to restart your system and then reinstall the latest beta build Please let us know how it goes and if you still have any issues. Thanks
  13. True, it's only really useful if you wish to remove or exclude all or most of the detections listed. If the ratio is about half and half then it's still quite tedious. Another issue is that, even if Malwarebytes did include this functionality, it is often the case that different components of the same program/PUP may be classified differently under different detection/vendor names due to the signatures used to detect them, as some are specific signatures for that particular PUP/program, while others may be more generic for multiple PUPs or across families of PUPs using similar components that can be targeted more generically. Unfortunately for such cases even the functionality you describe would not eliminate the issue, though it would still at least help with much of it I'm sure.
  14. Greetings, If you haven't created an account at My.Malwarebytes.com yet you can still do so. Simply follow the instructions in this support article to do so using, if possible the same email address you used when you originally purchased your license. If your key doesn't show up in your account, then please try adding it manually by following the instructions in this support article. Once that is done, if you were successful, try using the Deactivate all function to reset your license key/devices so that the key will be freed up once more to activate on your current device/installation. If you still have trouble and your license still will not activate on your device then please contact Malwarebytes Support directly by filling out the form on the bottom of this page and they will assist you further. I hope this helps, and please post again if there is anything else we might assist you with. Thanks
  15. Greetings, If you haven't done so already, I'd highly recommend signing up at My.Malwarebytes.com to manage your license(s). You'll find instructions on how to do so in this support article and instructions on adding a lifetime license to your account can be found in this support article. Once that is done, it may help to try resetting your license key using the Deactivate all function, then trying to activate the software with your license key once more. If that does not resolve the issue then please await a response from Malwarebytes Support to your ticket and they should be able to assist you in resolving the issue. I hope this helps and if there is anything else we might do to assist you please let us know. Thanks
  16. Hehe, yep, I suspect you're right about that second page; the tool they recommend for 'fixing' the associated error is itself detected by Malwarebytes as a PUP (Potentially Unwanted Program).
  17. Does anybody know what it actually does/how it works? I'm curious just because I still suspect that one of Malwarebytes' other components might actually detect this threat when it is actively attempting to infect a system (we'd likely need a dropper for it rather than just a DLL, as malware seldom shows up as just a single DLL file and usually starts with some kind of script/exploit or executable file to install/initiate).
  18. It is also possible that just the specific Malware Protection/scan engine component didn't detect it but that one of the other modules which are more heuristics and behavior based might since VT only uses the scan engine to check files. The Malware Protection/scan engine component actually makes up a very small part of what Malwarebytes Premium uses to detect threats and prevent infections. It is a layered solution with many different methods to stop attacks and you can learn more about how Malwarebytes works by reviewing the information on this page. In this particular case, since the file in question is a DLL, it can't self-execute (it would have to be an executable file such as an EXE, COM, SCR or other executable file format to do that) so it is probably designed to try and inject itself into another process or to be loaded by another piece of executable malware; behaviors which Malwarebytes should detect via other means such as Exploit Protection.
  19. Agreed. I wouldn't mind seeing it as an option possibly, but I would prefer they not install it automatically and I don't think they will. Yes, in most browsers the extensions/add-ons are updated automatically.
  20. I haven't heard any plans to integrate it at this time. I suppose it depends on whether the browser extension is deemed ready for release and whether or not they plan to integrate the browser extension with Malwarebytes 4.
  21. Good, I'm glad that you finally found a solution. If there is anything else we can help with please let us know. Thanks
  22. Excellent, I'm glad you were able to get the issue resolved. If there is anything else we might assist you with please let us know. Thanks
  23. This is the expected behavior. A scan is a very resource intensive process. This is also why scans are now faster in v4 vs v3, however scheduled scans still run with lower priority to allow better multitasking and of course if manual scanning is too intensive on your system you can always deprioritize it using the provided option to allow for better multitasking. With that said, I have no trouble performing other tasks while a high priority scan is running, however I do have a pretty powerful CPU (i7 7700K, overclocked to 4.6GHz across all cores).
  24. I'm not sure what Windows behavior you are referring to, but I just tested both in Chrome and Windows Explorer (in Windows 7; it may differ in 10) and the scroll bar goes to where the mouse pointer is. As for detections, while it is true that there is no way to select all detections related to a specific application/infection, you can use the empty checkbox at the very top of the list to select all/clear all checkboxes so if you have a PUP detection you wish to exclude, just click that checkbox and everything in the list will be unchecked, then click 'Next' and select the option to always ignore the remaining items and they will be added to your exclusions.
  25. Yes, there are actually a lot of functions missing in the UI for v4, however I've been assured that it is still a work in progress so I expect that most if not all of the v3 functionality we were all used to will return by the time the new product is released.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.