Jump to content

exile360

Experts
  • Content Count

    25,826
  • Joined

  • Last visited

Everything posted by exile360

  1. Not really, but that's probably because I'm not a software developer The closest thing I've ever done to writing code is to compose my own batch files to make various tools/tweaks/automated fixes etc., but that's about it, nothing too deep.
  2. It already has extensive exploit protection capabilities for Java and both Adobe apps. The only one not shielded by Exploit Protection out of the box is Skype, though a user could add protection for it if they wished using the custom shield function (it should be classified as a browser in the settings for the best results). Given how extensive the exploit protection for those apps/plugins is, there's no need for sandboxing, at least in my opinion (a LOT of the techniques and technologies that Exploit Protection is based on are focused on exploits that target those 3 applications/plugins).
  3. You may also keep Malwarebytes free installed if you wish to keep it around for occasional scans to get a second opinion/verify that your system is clean. The free version doesn't run in the background or load on boot so it won't conflict with Avast AV at all.
  4. I didn't read the whole thread, but is there a particular reason you're scanning with the outdated version 3.5.1 of Malwarebytes rather than the latest 3.6.1? If not, then please download and install it from here, then try running a Threat scan with rootkit scanning enabled to see if it still detects the rootkit. Thanks
  5. OK, there's definitely something up with your system. At this point I'd recommend working with one of our specialists to check the system for infections and other issues. To do so, please follow the instructions found in this topic, skipping any steps that you are unable to complete, then create a new topic in the malware removal area including the requested logs and info by clicking here and one of our malware removal specialists will assist you in checking the system, and hopefully in the process will determine what's causing these problems and correct it or at least find more clues as to what's going on to cause these issues.
  6. Greetings, After creating a support ticket you will be contacted via email. You will then respond via email while being assisted, and as long as that first confirmation email got through, which you already confirmed, then there should be no problem receiving future emails once a member of Support has replied to your ticket. Please let us know if there is anything else we might assist you with or if there is anything else you have questions about and we'll do our best to help. Thanks
  7. Greetings, Please do the following so that we may take a look at what's going on with your Malwarebytes installation and hopefully it will reveal the cause of this issue: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced tab on the left (not Start Repair) Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply Thanks
  8. Greetings, It appears that your DPI settings are set to 96% which is likely what's causing the issue. Please try changing your DPI settings to 100% to see if that corrects the problem. You can find instructions on how to do so on this page. Additionally, I also noticed that you have User Account Control disabled, and while that likely has nothing to do with this issue, it isn't very secure to have it turned off, not to mention the fact that Malwarebytes, along with virtually all modern software has been designed to be fully UAC compatible and compliant meaning having it disabled can cause issues with some programs. I would highly recommend turning UAC back on, and if you wish to do so you may find instructions on how to do that on this page. Please let me know how it goes and if the display issue still persists. Thanks
  9. Greetings, You should be able to roll back by installing the version found on this page. Once installed, disable the following options to ensure you aren't offered the problematic Component Update again:
  10. I hated seeing most of the new GUI stuff MS had planned/implemented in early Longhorn builds when Vista finally arrived and to see straight up regression in 8/8.1/10 to something that looks more archaic than Windows XP, but it happens unfortunately.
  11. No, they're not stolen/active keys. They get blacklisted all the time without impacting legitimate users/licenses. Again, a password could be used for new licenses, but any change to activation/validation cannot affect existing licenses, especially older 1.x/2.x format keys. As for activating your existing key, yes, they activate with 3.x, however 3.x validates it through the online licensing system to verify that it is a known key (not just a properly formatted one, but one that the company knows they actually issued, thus not created by a keygen).
  12. That's the problem, their junk keys still activate 1.x/2.x versions, so they install and activate with those versions then install v3 over the top (they generally include downloads/instructions for this procedure) which allows them to activate then try to validate with v3. Of course as soon as they hit the v3 license validation server it tells them that their license key is invalid, then the user usually contacts Malwarebytes Support who explain to them what the deal is and recommends they contact ebay/PayPal to get their money back and avoid such sellers in the future since lifetime keys haven't been available for several years now. For current valid licensees, it wouldn't work because of the internal licensing system which isn't designed to process 3 inputs/strings, just the max of 2. Again, they might be able to do something going forward for future v3 license keys, but it wouldn't be backwards compatible with older MB3 program versions and existing/past license keys (especially since even trying to do so would create a massive barrage of instant support requests from existing licensed users asking what's going on with all this new password stuff). It would be a logistical nightmare, and the bad guys would just do the same thing they've been doing to try and pirate keys/sell bad keys by blocking the validation servers in the HOSTS file and using older builds of Malwarebytes to activate which make it seem to work until the user upgrades to the latest build and tries to validate/activate (either getting an error that it can't contact the license server if blocked via the HOSTS file, or being told their key is invalid if they used the 1.x/2.x activation method without a server block).
  13. Because to change anything for validation for older format keys, the code would have to be changed in the older versions of MBAM that they were originally created for (1.x/2.x) which isn't going to happen (and the sellers would still be providing pre-patched/older versions that didn't include the new validation checks even if they did create a new build of each older version for this purpose). It would only be useful for the online validation system for newer format license keys in the current online validation system which already handles full license key validation anyway which renders the entire purpose of another validation check moot, at least for the case of those fake/keygen created license keys like you find on ebay etc.
  14. OK, then in your case it must be the Web Protection component causing the issue. If you disable that and find that it no longer crashes then I'd suggest installing the Malwarebytes browser extension beta to supplement your browser protection while Web Protection is disabled as mentioned in my above post.
  15. Right, and since they're older keys nothing implemented after would work for validation so adding a new password validation to licenses/subscriptions would only affect newer 3.x format keys/subscriptions (the ones with no ID's) so it wouldn't change anything for you, or for the sellers on ebay trying to push outdated license keys from keygens etc.
  16. Unfortunately most of the bad keys being sold on ebay and the like are coming from keygens and aren't even current 3.x license keys. They deliberately use older style 1.x/2.x license keys to attempt to bypass the modern license key validation systems that Malwarebytes has implemented in 3.x, hoping that they will work/import over to the 3.x version once they update/upgrade to the latest version (this is where many of them fail and stop working because they can't validate online via the 3.x licensing system since it tracks all license keys that are issued/sold anywhere, including by legitimate 3rd party sellers).
  17. It includes databases. Malwarebytes doesn't use databases hundreds of MB in size like many products do because it relies so heavily on powerful heuristics, machine learning and other technologies that make it efficient and effective against large numbers of threats, both known and unknown.
  18. Ah, I see. Yes, unfortunately if a license key has been stolen then you would need to contact Support (and you'd need to anyway, really, since they could have easily copied the license key info to use elsewhere/in the future, even if they weren't able to automatically reactivate the device(s)). Basically, if a key has been compromised, any number of people might have access to it at that point, so the key should be cancelled/blacklisted and a new license key issued to the owner to replace it, otherwise repeated incidents of unauthorized devices being activated will be very likely, especially if it's someone malicious (i.e. a hacker who publishes/sells license keys and other data on the dark web etc.).
  19. Greetings, The latest installer for Malwarebytes 3 can be found here. I'm not certain how up to date the included definitions/signatures will be, but I do believe they update it pretty regularly.
  20. You can exclude any item detected by ADWCleaner by right-clicking on it in the scan results and selecting the option to ignore it. This is also made easier by the fact that detections are grouped by family, so if multiple detections came from a single program having many traces/components detected, you can right-click on the parent entry and exclude it along with all child entries below it.
  21. You should already be able to do this as long as you're signed up at My.Malwarebytes.com as documented here and here. You can see all active devices/subscriptions and manage/deactivate each individually or all at once and accessing the site is obviously password protected and also requires an email address.
  22. You're welcome @nikhils can you please take a look? (nikhils is a member of Malwarebytes Support who has been analyzing this issue).
  23. Unless I am mistaken, I believe unprovisioned just means that it isn't active/configured which means no one would be able to use the IME chip to remotely power on and control the system (which is a good thing in my opinion; I just wish there were a way to fully disable/deactivate the thing or that Intel would stop integrating it into every CPU they produce, especially their consumer/enthusiast chips which aren't typically used in business machines anyway).
  24. Just FYI, until this issue is resolved, rather than disabling Exploit Protection completely you can just disable protection for those specific MS Office applications which are affected by following the instructions found in this post. Other users with this issue have already confirmed that this works and it will allow you to keep Exploit Protection active for all of your other applications which is especially important for your web browsers; the most frequently targeted applications by malicious exploits.
  25. Basically the only way those applications can get infected would be if you were to open a specially crafted malicious MS Office document like an infected MS Word doc containing an exploit from a malicious/spam email etc. You don't have to worry about anything being exposed to the web like through your browsers or anything like that because your browsers are still fully protected/shielded. Also, with regards to the process being slow to turn off individual app protection, yes, this is expected. It's because the way Exploit Protection works is to inject a DLL into the shielded processes/applications for monitoring purposes so that when an exploit attack is attempted, it sees it happen and can stop it in its tracks before the exploit can successfully execute. When you turn it off it has to unload that DLL from memory/from those processes which takes a bit of time (similar to stopping a service or driver that is running in memory).
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.