Jump to content

exile360

Experts
  • Content Count

    25,031
  • Joined

  • Last visited

Everything posted by exile360

  1. Greetings, I'm sorry that protection isn't working properly for you. Please do the following and hopefully the issue will be corrected: Run the Malwarebytes Support Tool Accept the EULA and click Advanced Options on the main page (not Get Started) Click the Clean button, and allow it to restart your system and then reinstall Malwarebytes, either by allowing the tool to do so when it offers to on restart, or by downloading and installing the latest version from here Once that's done and Malwarebytes is reinstalled, try rebooting to make certain that it starts up normally and that protection starts as it should. If it doesn't then please let us know. Thanks
  2. Excellent, I'm glad to hear it If there is anything else we might assist you with please let us know. Thanks
  3. Greetings, Malwarebytes does not scan for these types of items, the reason being that it is far too trivial for the bad guys to modify malicious scripts/macros to evade detection (including using methods such as encryption as well as simply altering a script's content to re-order/change its commands sufficiently so that it is no longer detected by existing signatures). This being the case, Malwarebytes instead relies on behavioral detection of items of this type since they are exploits so they should be detected by the Exploit Protection component in Malwarebytes Premium whenever the file attempts to execute/open the malicious macros/script in question. You can find out more about how the various layers in Malwarebytes function to detect threats during the various phases of the attack chain by reviewing the information in the diagram on this page and you can learn more about why signature based detection of malicious scripts is a less effective countermeasure by reading the information found in this article. To put it bluntly, signature based detection of modern threats, especially script based threats like exploits, malicious macros and the like, is an unquestionably futile effort and will fail just as soon as the bad guys catch on (which they do rather quickly as they have access to automated scanning systems similar to VirusTotal and the like for this very purpose), they'll make a quick change to their code and it will no longer be detected until the AV vendors capture samples of the new variant(s), after at least some users have already been infected by it, and after the AV vendors publish new signatures to detect the new variants. This is a reactive approach to security that falls short of the standards that the Devs and Researchers at Malwarebytes hold themselves to which is why they rely on more proactive solutions like Exploit Protection more so than signature based components like the scan engine to deal with such rapidly evolving threats.
  4. You're welcome If you still aren't sure how to provide the contents of those keys, all you have to do is open regedit and go to the keys one at a time and for each, right-click on it and select Export and give it a name and save it somewhere convenient where you can easily locate it such as your desktop and after doing so, select all of them and right-click on one of them and hover your mouse over Send to and select Compressed (zipped) folder then attach the resulting ZIP file to your next reply in this topic. That should give them all the info they need to troubleshoot and correct this issue.
  5. I don't know if it's of any use to you, but I did find the following information on booting into Safe Mode in Windows 10: https://support.microsoft.com/en-us/help/12376/windows-10-start-your-pc-in-safe-mode https://www.digitalcitizen.life/4-ways-boot-safe-mode-windows-10 If you do with to pursue a refund then you may refer to the information in this support article which provides contact info for the various e-commerce vendors who handle billing/transactions/refunds for Malwarebytes online subscription purchases.
  6. Excellent, I'm glad to hear it. I hope that everything remains functional and stable and if there's anything else we can help you with please let us know. Thanks
  7. @AdvancedSetup, @dcollins would you guys take a look and assist please? Thanks I've alerted them to return to your topic herre so hopefully you'll be hearing from one or both of them soon. Thank you for your patience and I hope this issue is resolved quickly for you.
  8. Greetings, Yes, it appears that the installation failed to complete properly resulting in a corrupt install of the software. Please do the following and it should correct the issue: Run the Malwarebytes Support Tool Accept the EULA and click Advanced Options on the main page (not Get Started) Click the Clean button, and allow it to restart your system and then reinstall Malwarebytes, either by allowing the tool to do so when it offers to on restart, or by downloading and installing the latest version from here Please let us know how it goes and if the issue persists or if any additional issues occur. Thanks
  9. Just for additional info, I would also highly recommend giving the Malwarebytes browser extension beta a try. It works similar to the Web Protection component in Malwarebytes Premium, but it also has behavior based blocking for tech support scam sites (those fake Microsoft etc. lockscreen sites that tell you you're infected and try to get you to call for their "tech support") in addition to blocking many ads, tracking servers (to guard your privacy), clickbait, as well as the same malware and PUP (Potentially Unwanted Program) domains/IPs Malwarebytes Premium blocks. It is fully compatible with all protection components in Malwarebytes 3, including Web Protection, and works within your web browser to enhance the protection you have from Malwarebytes 3 if you have it installed, and the extension also works by itself even if you don't have a Malwarebytes Premium license. The extension is available for Chrome (as well as other Chromium based browsers like SRWare Iron and Vivaldi) as well as Mozilla Firefox. Microsoft Edge and Apple Safari versions are in development last I heard, however those two versions are not yet available. You can find out more and get the extension at the following links for each browser: Chrome Firefox
  10. Excellent, I'm glad that it's working now It could have just been a temporary quirk caused by something such as a corrupt config file or something (whatever it is that Action Center uses to read/display status info; I know Vista used an XML file for Security Center but I believe more modern Windows versions' Action Center feature uses more complicated means of storing/reading/displaying status info, though only a Dev familiar with working with it would know for sure, such as one from a security software vendor who registers with Action Center (like Malwarebytes)).
  11. I found this post on Intel's support forums which may prove helpful. I also did a search for disable optane and the results may be found here. If you can't find the answers you need there you can try creating a topic on their forums to see if anyone else has experience with your specific device/setup and can help walk you through what needs to be done to disable/remove Optane.
  12. Excellent, I'm glad that it's functioning normally now. If you have any future issues please let us know. Thanks
  13. Greetings, I didn't see anything obvious that jumped out at me in your logs so please give this a try as it could just be a matter of one or more of Malwarebytes components being corrupted in which case a clean install should fix it: Run the Malwarebytes Support Tool Accept the EULA and click Advanced Options on the main page (not Get Started) Click the Clean button, and allow it to restart your system and then reinstall Malwarebytes, either by allowing the tool to do so when it offers to on restart, or by downloading and installing the latest version from here Once that's done, please try launching Malwarebytes again and let us know if the issue persists or not. Thanks
  14. You could just physically remove the Intel Optane chip/SSD from the motherboard if you really want it disabled, assuming it isn't required for the system to boot (and it is my understanding that it shouldn't be required for booting; at least if it is being used to boost drive throughput as it was originally intended by Intel). You might lose a bit of performance, but if it isn't stable with it then I'd personally just go without it.
  15. Yes, it should be the same for all those affected. While I don't know all of the technical details, it appears that there's a problem with the driver not shutting down properly when the shutdown command is called which results in the error, however I haven't seen any reports so far of it impacting performance or stability in any way so it seems to be a minor issue and I expect it will be corrected in the next release (the affected version is the recently released 3.6.1).
  16. If you use the Immunize function in Spybot Search & Destroy or Spywareblaster then these are false positives. You can verify this by checking the registry entries. If they show the value data as 4 then they are FPs as zone 4 is the restricted zone. You can learn more by reviewing the information on this page. If these entries were set to 2, meaning the trusted zone, then they would not be false positives, however there has been a longstanding known issue with ADWCleaner detecting these types of entries. Most were corrected in the last 2 releases however it appears that some of them still linger (assuming they are configured to 4 on your system). The following is a quote from the Microsoft page linked above:
  17. That's correct. In fact, you can test this yourself if you wish. Aside from verifying that the Chameleon driver is running, you can also try terminating any of Malwarebytes' processes via any tool such as Task Manager and you should receive an "access denied" error from Windows (you won't see this error if self-protection is disabled and it will allow you to terminate them if self-protection isn't running which you may also verify if you wish).
  18. I just confirmed this issue on my own system running the latest build (3.6.1). I will report it to the Product team. If you come across any additional issues please let us know. Thanks
  19. Greetings, Until one of the Research team members responds, I believe I can offer some additional information that may prove helpful. I looked up the IP address of the sites being blocked and found a listing for it here on hpHosts which is a site run by members of the Malwarebytes Research team and includes a lot of the same information used for the Web Protection component in Malwarebytes 3: https://hosts-file.net/default.asp?s=198.54.117.211 I also checked the IP address itself by pinging it and discovered that Malwarebytes is actually blocking the IP address (198.54.117.211), not specifically your newly registered domains meaning any site hosted on that IP address will be blocked unless the Research team makes an exception (which they are likely to do if either the server is no longer a threat, if it is a false positive, or if there is a way to block the malicious content found on that server without blocking your specific domains as well however I do not know what course of action they can or will take so we'll have to await their response).
  20. Yep, that's exactly right. And this is the same reason that when you have a normal AV installed, that if, for example, you disable its HIPS component or some other ancillary protection component included in the product, Windows Security Center/Action Center will most likely not display any notification/prompt or change its status. It only checks for whatever the vendor reports as the primary "malware protection/detection" component (usually called "virus protection" in most AVs, though some have modernized their terminology and now more accurately refer to it as "malware protection") and whether or not databases are up to date as well as whatever module the vendor reports as their "anti-spyware" component (if they have such a dedicated module and if they are reporting to the Security Center/Action Center as both an AV and AS solution). The same goes for firewalls for example in Internet Security suites and the like if they have Windows monitoring their firewall status. It lacks the granular monitoring capabilities to report on modules outside of its very basic 3 types of protection so for a product like Malwarebytes which uses several diverse layers of defense in a single solution/product, Windows' monitoring capabilities aren't really that useful, especially since the Malware Protection component in Malwarebytes really isn't the most proactive/effective component in its arsenal, especially given how prominent exploits are today as a primary infection mechanism for virtually all types of threats now, be they standard Trojans, rootkits, spyware, and of course ransomware, which has also become quite common.
  21. By default (unless you disable them) Malwarebytes will also notify you from the tray whenever it is out of date or any protection component is disabled. I believe the interval for databases to be considered outdated is around 24 hours and this is the same duration that Security Center/Action Center would use to determine whether it's up to date or not.
  22. You're welcome For what it's worth, the last I heard they did plan on adding the ability to use custom block lists eventually, however it hasn't been implemented yet. In the meantime using your HOSTS file is a reasonable alternative (I use a rather large one myself, in addition to Malwarebytes). Just note that if you do end up going the HOSTS route, that if you end up using a large HOSTS file (in the neighborhood of hundreds or thousands of entries or more) then please be sure to disable the DNS Client service otherwise you'll have major system performance issues. It's not an essential service anyway; it's primarily used for DNS caching which is completely optional and doesn't go well with a large HOSTS file resulting in massive constant CPU usage unless you disable the service. You can learn more about it here.
  23. Hehe, not my pockets, at least not any more I only use AT&T DSL now and have no complaints (except that it isn't fiber, but at least I get around 7 megabits instead of the 6 I actually pay for/which is the highest they offer; used to get around 8 but it wasn't super stable so the techs at AT&T fixed it, and while I did lose a bit of speed downstream, it is perfectly stable now and my upstream speed is 2~3 times what it used to be).
  24. Yeah, I freaked out today when my phone suddenly made that annoying sound and immediately killed it after seeing what it was then took to the net to find out what was going on. A useful tool in a real emergency I suppose. I just hope they don't start doing regular tests of it as frequently as they used to on my former cable provider (I cut the cord years ago, so no idea how it is now) which used to be at least 2-3 times a week (even though they always claimed it was only weekly).
  25. You may also find the following links to be of use. They cover everything from registry cleaners, to system optimizers, driver updaters, tweaking tools and many others as well as some common PC performance myths: https://www.malwarebytes.com/pup/ https://blog.malwarebytes.com/malwarebytes-news/2016/10/malwarebytes-gets-tougher-on-pups/ https://blog.malwarebytes.com/cybercrime/2015/06/digital-snake-oil/ https://blog.malwarebytes.com/threats/registry-cleaner/ https://blog.malwarebytes.com/puppum/2016/12/why-malwarebytes-detects-pc-pitstop-as-potentially-unwanted/ https://blog.malwarebytes.com/malwarebytes-news/2017/11/winning-the-battle-against-pups-on-your-computer-and-in-u-s-district-court/ https://blog.malwarebytes.com/puppum/2016/07/pup-friday-cleaning-up-with-5-star-awards/ https://blog.malwarebytes.com/puppum/2016/08/systweak-redux-our-response/ https://decentsecurity.com/#/registry-cleaners/ https://support.microsoft.com/en-us/help/2563254/microsoft-support-policy-for-the-use-of-registry-cleaning-utilities https://www.howtogeek.com/171633/why-using-a-registry-cleaner-wont-speed-up-your-pc-or-fix-crashes/ https://www.howtogeek.com/162683/pc-cleaning-apps-are-a-scam-heres-why-and-how-to-speed-up-your-pc/ https://lifehacker.com/5482701/whats-the-registry-should-i-clean-it-and-whats-the-point https://lifehacker.com/5033518/debunking-common-windows-performance-tweaking-myths https://www.howtogeek.com/198758/never-download-a-driver-updating-utility-theyre-worse-than-useless/ https://www.howtogeek.com/233115/the-only-way-to-safely-update-your-hardware-drivers-on-windows/ http://www.tomshardware.com/answers/id-1857635/good-free-automatic-driver-updater.html http://www.tomshardware.com/answers/id-1974868/trusted-driver-updater.html https://www.howtogeek.com/172839/10-types-of-system-tools-and-optimization-programs-you-dont-need-on-windows/ https://computer.howstuffworks.com/question1751.htm https://lifehacker.com/5415355/do-you-really-need-more-than-4gb-of-ram https://www.tomshardware.com/reviews/memory-module-upgrade,2264.html https://www.howtogeek.com/128130/htg-explains-why-its-good-that-your-computers-ram-is-full/ https://techlogon.com/2011/03/28/will-more-ram-memory-make-my-computer-faster/
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.