Everything posted by exile360

  1. Sounds good, hopefully those exclusions resolve it, but if not then please move on to testing the various protection options I mentioned and let us know how that goes. Hopefully we can find a fix for this.
  2. The first one; exclude it from all modules. That's the setting you should use for AV exclusions for the best results.
  3. Greetings, I'm sorry that you're experiencing performance issues with both programs running, but hopefully we can find a solution to the issue. To start, if you haven't already, I'd recommend excluding ESET from Malwarebytes. I saw that you mentioned excluding Malwarebytes from ESET but didn't see anything about excluding ESET from Malwarebytes so that's worth a try if you haven't done so already. To do so, open Malwarebytes and navigate to Settings>Exclusions and follow the instructions under the Exclude a File or Folder section in this support article and exclude the program folder for ESET which should be located under C:\Program Files or C:\Program Files (x86) as well as its data folder which should be located under C:\ProgramData. You should also verify that you have excluded Malwarebytes files as listed in this support article if that wasn't the list you were using for your exclusions in ESET just to make sure that everything is excluded that can be. Next, if that does not help or if you already had those items excluded, please try disabling individual components in Malwarebytes to see if we can determine which component might be causing the issue. Begin by right-clicking on the Malwarebytes tray icon and clicking each of the four protection components listed one at a time and testing to see if the performance issue is resolved. If disabling any individual component does not resolve the problem then open Malwarebytes and navigate to Settings>Protection and below the Startup Options section toggle the Enable self-protection module setting to Off and see if things improve. Please let us know how it goes and if any changes to these settings eliminate the issue and we'll go from there. Thanks
  4. Yep, that's a good idea. The only potential issue would be if the original BIOS contains vulnerabilities and/or bugs that need to be patched since it can't be written to/updated.
  5. exile360

    tfu.info

    Cool, thanks Rakesh
  6. Hehe, I pretty much have no life. Being social isn't a driving force in my life. I spend most of my time alone and I'm quite content with that existence and have no desire to change it, but I'm definitely an outlier.
  7. Yes, just open a new post in that area I linked to with the domain and IP and they will investigate and respond and remove the site from the block list if it is a false positive.
  8. By the way, while not related to this precisely, it is still pretty cool as it has to do with cloud and systems management, I thought you might find this interesting. They are leveraging Amazon Alexa Home to provide access to cloud data from the managed business product for those customers.
  9. I have no idea as I'm not a Developer, I just know that the functions and APIs used for scanning and file analysis in Windows are very different from the machine learning/AI models and other functions used in the scientific projects managed by OpenACC. It's not something that was designed for AVs on a single system scale, though certainly for the machine learning components leveraged on the server side used by the Research team such technology would apply, but I don't know what the scale of their work and data set are there, so it would depend on that. The whole point of technology like GPU compute is to make massive workloads that are too large for a single CPU/system scale vertically so that you can apply multiple specialized processors (the GPUs) to those large data sets and workloads to substitute a setup with many PCIExpress GPUs for a massive set of systems/servers as it's more cost effective and GPUs are better at working with certain types of operations/functions and calculations, but that technology doesn't work for every type of workload because of the limits to the capabilities of GPUs compared to x86/x64 CPUs. This is actually a subject I've been learning a lot about lately as I've always been into hardware and over recent years the whole mining thing with GPUs, the emergence of big data and various machine learning models and the specialization of AMD/ATI and NVIDIA in the compute side of things have brought these technologies more into the mainstream so I read and hear about them a lot. It's just that when all you have is a single system of files to analyze by an engine designed to function in a single CPU environment using standard APIs and protocols, it doesn't translate well to the kind of specialized work and more massive data sets that GPU scaling was designed for. Basically it's not the kind of workload that this technology was designed to help with if that makes sense. 
But again, on the cloud side where the Research team is analyzing massive sets of data from users and resources like VirusTotal for classifying known and unknown files as threats or clean using machine learning algorithms it absolutely makes sense, and they may well be using such a solution for that work (I don't know as I'm obviously not on the Dev/Research team).
  10. Yep, I knew what you meant. Such setups are more of a specialized scenario though I think and not really a common use case, but I do still see the value in adding detection for other threats to each product/engine as it does simplify things and help to keep from spreading malware to other systems and environments. I don't know if they will ever implement such functionality, but they may as time goes on as they expand their portfolio of products into more platforms.
  11. OK, yes, that's very similar to the high contrast theme in previous versions of Windows. I figured that was the idea but wanted to make sure. Basically dark windows and controls with light colored text. Thanks
  12. Greetings, You can find many of the domains and IP addresses which are blocked by Malwarebytes in the hpHosts database which is run by the lead Malwarebytes Web Protection Researcher. It does not list all of the sites that are blocked by Malwarebytes however, as the HOSTS file database maintained there doesn't work in the same way that the Web Protection component in Malwarebytes does. If you wish to report a Web Protection false positive then please review the information in this topic as well as this topic and then create a new topic in the Website Blocking false positive area by clicking here and a member of the Malwarebytes Research team will review the site(s) being reported and respond as to whether it is a false positive or not/why it is being blocked and will act accordingly to remove the site(s) from the block list if it is a false positive. Please let us know if there is anything else we might assist you with. Thanks
  13. Greetings, It sounds as though your system could be infected. Please read and follow the instructions in this topic and then create a new thread in the malware removal area including the requested logs and information by clicking here and one of our malware removal specialists will help you to check and clean the system of any threats as soon as one becomes available. Good luck, and I hope that the issue is cleared up promptly for you. Please let us know if there is anything else we can assist you with. Thanks
  14. It wasn't the NSA that published/released them to the public, it was The Shadow Brokers group. They published that one along with several others. Nope, they haven't been rolled up, at least not the ones published before that time, during the era of Windows 8/8.1 and the early phase of 10 when they started pushing all their GWX (Get Windows 10) and telemetry garbage. I can tell because those updates still show up offered separately. This means they haven't been integrated into their monthly rollups (yet). I don't have a video as I'm no programmer, but I did create some simple images of it and descriptive text. I submitted it to one of the Malwarebytes Devs at one point just to get his feedback and he said it was a perfect solution for a touch/keyboard & mouse hybrid interface and I told him that's exactly what I was shooting for. Basically the idea is that you have a series of horizontal rows, each one containing a set of icons and/or folders and they are laid out vertically in a semi-3-dimensional way where you can scroll your mousewheel or drag it with your finger to rotate it to expose more of them. The whole thing works like a bunch of gears on a wheel and when you open a folder or program on a row, it can expand to occupy the entire row horizontally and can also expand that row to fill the screen vertically and you can manipulate it to change how much of the screen it occupies. You can also drag the icons/folders horizontally for folders/layers that are too wide to fit onscreen all at once (similar to how you scroll horizontally on a wide image, webpage, or folder) and you have your normal START menu at the bottom of the screen, with this 3D contraption above it. It's a 3D expansive, interactive interface that can adapt to screens of any size and layout thanks to the flexibility inherent in its design.
You can think of it like almost a 3D version of the old Windows Media Center interface, kind of similar to how the UI in the Playstation 4 works if you've ever seen that, except you have more control over the layout and how much space folders and applications occupy. I even came up with the idea for themes for it where you could have gears on the sides or wheels or whatever to fit with the way that it moves and is laid out.
  15. Actually, since there already are Malwarebytes engines based on Linux as well as Mac OS, and even products on several mobile platforms I doubt they could do much in the way of optimization beyond what they already have, at least nothing they'd learn from building a bootable version, especially if it were based on WinPE, which would probably be necessary for effective/efficient malware removal on Windows platforms (especially for dealing with file-less threats that use the registry). As for detecting threats from other platforms, they haven't implemented that yet as far as I know, however as long as each device has Malwarebytes running on it then it shouldn't matter because each device will protect itself against cross-contamination from connections and transfers from other devices.
  16. OK, sounds good, just please remember what I said about backing up your data first because even though chkdsk may fix the issue, it could also result in lost data if any of your files are in bad sectors and can't be recovered, and if what's going on is being caused by a failing drive then all of your data could be at risk. I'm not trying to scare you or anything, I'd just hate for you to end up losing any important files if it turns out that the drive is failing.
  17. No problem at all. It actually used to be a lot more common that bootable tools were required to remove threats, however over the past several years things have changed a lot in the threat landscape with most infections looking to either silently siphon data, scam the user with false claims (like the frequent tech support scams we see these days), or to exploit the user's browser or other software in order to download and execute some kind of malicious script, most of which don't even try to gain administrator access to the machine (because they want to avoid any User Account Control prompts that could present an opportunity for the user to easily intervene and stop the attack in its tracks), so most threats can now be dealt with inside Windows, either from the infected account, or by logging into another user account, or even by simply booting into Safe Mode and scanning from there, and with the DoR technology I mentioned, as long as Malwarebytes detects a threat and marks it for removal, it doesn't matter how early the malware tries to launch during the boot process to protect itself, it will fail because of other things that Malwarebytes does in preparation for the system restart/removal process (like breaking the files it has detected so that they can't run again and creating a cleanup script and driver that automatically execute as early as possible in the boot process to remove the detected malware from the system). That said, should the need arise again for an offline scanning environment, I have no doubt that the Malwarebytes team will look into creating a solution for it. This is actually something that Malwarebytes has investigated and worked on in the past multiple times, however each time they ended up finding an alternate solution that proved much simpler for users (since it didn't require creating a separate bootable tool/disc etc.) 
and just as effective at eliminating the threats they were targeting that were proving more difficult than usual to deal with from within Windows. This is also where projects like Malwarebytes Chameleon came from, which has since evolved into the self-protection platform now used by the Premium version of Malwarebytes to guard against threats terminating or altering Malwarebytes' components and processes. Originally it was a set of utilities that would get Malwarebytes running in hostile/infected environments when threats were attempting to block Malwarebytes from installing or running on the system and would keep Malwarebytes alive long enough to scan for and remove any threats from the system while suspending malicious processes in memory to prevent them from preserving themselves. If the need arises, I'm sure they will resurrect that technology for Malwarebytes 3, but at the moment the threat landscape seems to be shifting towards cross-platform and mobile threats now that more users than ever are accessing the web via mobile devices using browsers that run on both Windows and their smart phones as well as other platforms like Mac OS and Linux. Those threats aren't quite as difficult to deal with, but they are sneakier and much easier to make, so they're much more common. This is also why technology like the new Malwarebytes browser extension beta and the Exploit Protection in Malwarebytes Premium are so important, and I'm anxious for the browser extension to come out of beta so that more users will become aware of it.
  18. I don't use any social networking platforms like Twitter etc. so no, I'm not familiar with them unfortunately, but you mentioned it's easier on the eyes so I'm guessing it likely is like the high contrast mode I mentioned (a feature that's been available in Windows since at least the 9.x days as I recall), so if it is like that then I do understand what you are referring to, but a screenshot would certainly help. Thanks
  19. Greetings and welcome, Yes, this detection is the result of a generic heuristics detection to target a known PUP which creates that folder on the user's desktop. Since you know that the contents of the folder are safe, I would suggest excluding it. You may do so by performing a scan and then right-clicking on the detected item and selecting the option to exclude the selected item so that it will no longer be detected by future scans. A member of the staff will need to address the FP consideration, as that is beyond my control, however I would suggest that users creating such a folder is very unlikely and that most users who do, such as yourself, would be aware that they created the folder and that its contents are safe and would therefore have the option to exclude the folder accordingly, while users who are afflicted by the PUP this signature was designed to detect would best be served by continuing to detect and remove the folder if created by the PUP in question, however there may be another way to accomplish this (again though, that's up to the Research team to determine, obviously). I realize this doesn't completely resolve the issue, but I hope that it at least helps in the meantime so that you don't have to be wary each time you scan with ADWCleaner about allowing it to remove what it detects.
  20. Greetings, Thanks for the suggestion. I will submit it to the Malwarebytes Product team for review and consideration.
  21. Greetings, Thanks for the suggestion. While Malwarebytes does not currently have an offline boot disc/utility, they do use several features that help to thwart malware that attempts to load early in the boot process to protect itself, including several features of the remediation engine such as the DoR (Delete on Reboot) technology built into Malwarebytes for removing persistent threats, as well as the Anti-Rootkit engine which is used for not only detecting and removing hidden/active/embedded rootkits, but also for repairing the fallout/damage caused by many rootkit infections to core Windows components and services like Windows Update, Security Center/Action Center and even Windows Defender itself if damaged by malware. Malwarebytes also uses self-protection to guard its files, processes and data from being modified, terminated or deleted by unauthorized processes and users to prevent infections from stopping Malwarebytes from being able to remain active.
  22. Malwarebytes does participate in VirusTotal, so they do share samples with other vendors and have access to all the files uploaded there for analysis. They also have a new cloud component in Malwarebytes which leverages data from VT and other sources, as well as Malwarebytes' own machine learning technology to further enhance Malwarebytes' detection and protection capabilities. Definitions/signatures/heuristics/database syntax however cannot be shared between vendors because that information and technology is proprietary to each vendor and would compromise each vendor's intellectual property, business viability and potential effectiveness if such data were shared.
  23. You might try the Malwarebytes browser extension beta. It blocks many ads, trackers, phishing sites, PUPs, clickbait links, tech support scam sites and much more and works perfectly alongside the Web Protection component in Malwarebytes 3 Premium. It is currently available for both Chrome (and other Chromium based browsers like SRWare Iron and Vivaldi) as well as Mozilla Firefox. You can find out more and download the extensions at the following links: Chrome Firefox
  24. I too believe that the password protection feature is sufficient, but would like to see it expanded to also cover the uninstaller or add a captcha function to the uninstaller to guard against unwanted removal of the product.
  25. Please pardon my ignorance, but what is "Dark Mode"? Is that anything like high contrast mode for visually impaired users?