Jump to content

exile360

Experts
  • Content Count

    26,265
  • Joined

  • Last visited

Everything posted by exile360

  1. I believe this is an issue with Insider Preview build 18323 of Windows 10 as I've seen similar reports from several other users running the Insider Preview. Also bear in mind that, at least as I understand it, Malwarebytes does not officially support any beta/early preview operating systems, including the MS Insider Preview builds, so official support for build 18323 should not be expected until it is released officially to non-insiders by Microsoft and that unforeseen issues may occur when running Malwarebytes software on the test operating system. Here are a couple of other topics where similar issues with the Insider Preview build have been reported: https://forums.malwarebytes.com/topic/241843-malwarebytes-turned-off-on-windows-10-build-18323-19h1/ https://forums.malwarebytes.com/topic/241849-w10-build-upgrade-to-18323-switches-of-mbw-protection/
  2. Greetings, Thank you for reporting this issue. I've seen a few other reports so far of similar problems with the latest MS preview build. Do keep in mind that Malwarebytes does not guarantee compatibility with any beta/test operating systems/updates, so until build 18323 is released officially to non-preview users, it is not guaranteed to work properly. That said, if you haven't tried performing a full clean uninstall/reinstall of the software using the official Malwarebytes Support Tool then that might be worth a shot to see if it corrects the issue: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced tab on the left (not Start Repair) Click the Clean button, and allow it to restart your system and then reinstall Malwarebytes, either by allowing the tool to do so when it offers to on restart, or by downloading and installing the latest version from here
  3. Greetings, I don't know the precise interval, but it does do regular checkins with the licensing server so it is possible that it may revert to free mode after a while without internet access. That said, getting it activated again shouldn't take long or require too much effort and the most time consuming thing would likely be just getting your databases up to date after that many days, as it would likely force Malwarebytes to download the entire database after that long rather than grabbing the much smaller incremental updates that it normally would with normal online operation. It's likely to be somewhere in the area of 10~30MB of data to download databases after an outage that long.
  4. Confirmed, no effect from re-enabling Meltdown protection. I then tested removing the exclusion and the issue did indeed return on the next reboot. I've enabled boot logging and I'm about to restart, but keep in mind that this appears quite similar to past issues I've observed and reported to the Devs with MB where it hangs that would often prevent logging tools from functioning because it's close to a full system stop once it occurs. I do have some flexibility in this case as I can launch at least one or two new processes while MB is hung up/trying to start, but it does eventually stop any new threads from entering memory until I terminate Hotkey from memory so just keep that in mind as it may prevent the capture from working or from working fully by stopping Procmon's write activity after a point.
  5. Thanks for the feedback on the Support Tool. I'll be sure to forward it to the team for consideration, and hopefully they will address this scenario in a future release.
  6. Greetings, I do not believe they are going to make a version of the browser extension for IE unfortunately (being an IE11 user myself, I feel your pain). I spoke with the Developers about IE11 support and it was explained to me that IE and ActiveX are too different from Chrome and FIrefox for an IE version of the extension to be feasible. I'm also sure that with official Windows 7 support from Microsoft coming to an end next year, that this too is a factor in their decision. With regards to password managers, it may not be as bad as you think. While it is in a way a single point of failure, at the same time the good password managers take additional measures to ensure that your passwords are secure. You can find out more and also learn about alternatives to a password manager if you still aren't convinced that you should use one by reading the information in this Malwarebytes Labs blog article. You'll also find some good tips on keeping your passwords secure in this Malwarebytes Labs blog article. Malwarebytes also recently published this Malwarebytes Labs blog article which is all about the latest phishing attack methods and includes more info on things like 2-factor authentication and password managers including info on the benefits and risks involved. I hope that helps and if there's anything else we might assist you with please let us know. Thanks
  7. Excellent, I'm glad that it's working now Yeah, I hear you, it seems like lately a lot of these updates are more trouble than they're worth. But hopefully Microsoft will do better with the next round of patches.
  8. Greetings, I spotted the following entries in your logs that indicate that the Ransomware Protection component is having trouble installing its driver and I also noticed the driver wasn't listed where it should be on disk or in the registry: 01/24/19 " 13:26:13.782" 5108546 0d8c 12cc WARNING AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwControllerImpl::StartProtection "arwcontrollerimplhelper.cpp" 800 "Cannot proceed. State (1), Status (6)" 01/24/19 " 13:26:13.782" 5108546 0d8c 12cc ERROR ArwController CArwController::StartProtection "arwcontroller.cpp" 467 "Failed to start the Anti-Ransomware protection!" 01/24/19 " 13:26:14.190" 5108953 0d8c 12cc WARNING AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwControllerImpl::StartProtection "arwcontrollerimplhelper.cpp" 800 "Cannot proceed. State (1), Status (6)" 01/24/19 " 13:26:14.190" 5108953 0d8c 12cc ERROR ArwController CArwController::StartProtection "arwcontroller.cpp" 467 "Failed to start the Anti-Ransomware protection!" 01/24/19 " 13:26:14.465" 5109234 0d8c 12cc WARNING AntiRansomwareControllerImpl mb::arwcontrollerimpl::ArwControllerImpl::StartProtection "arwcontrollerimplhelper.cpp" 800 "Cannot proceed. State (1), Status (6)" 01/24/19 " 13:26:14.465" 5109234 0d8c 12cc ERROR ArwController CArwController::StartProtection "arwcontroller.cpp" 467 "Failed to start the Anti-Ransomware protection!" Apparently something is preventing the driver from installing when Malwarebytes attempts to do so. Please download and install the latest version of Malwarebytes over your existing installation from here and then reboot once that completes and test to see if Ransomware Protection is now functional or not. If the problem still persists then please do the following: Run the Malwarebytes Support Tool Accept the EULA and click Advanced tab on the left (not Start Repair) Click the Clean button, and allow it to restart your system and then reinstall Malwarebytes, either by allowing the tool to do so when it offers to on restart, or by downloading and installing the latest version from here Please let us know how it goes and if the issue still remains or not. Thanks
  9. Yes, in fact they already are, however as with all program updates, it is rolled out gradually/on a metered basis in a random/semi-random manner so not all users will receive the new version at the same time.
  10. No problem at all. I dug around but still couldn't locate any relevant documentation unfortunately. That doesn't necessarily mean that it's not possible, just that I couldn't find it. A member of the Malwarebytes staff will be able to address your question and point you in the right direction of any relevant documentation. Good luck, and I hope there is some kind of option available to make this easier for you to deploy.
  11. I'm glad to hear the new version is working for all of you. Hopefully that continues to be the case and that this issue is resolved for everyone but please let us know if any issues do crop up.
  12. Greetings, Unfortunately lifetime licenses for Malwarebytes haven't been available for several years now and they are no longer offered. That said, you might be able to find a reseller selling old stock of lifetime license keys, however I would advise extreme caution as more often than not such offers are scams and the licenses being sold are pirated and are likely to either not work, or end up being blacklisted so that they eventually stop working. I would suggest keeping an eye out for promotions offering discounts on the yearly subscription though, as you might come across one in your price range at some point. In the meantime, there are a few free offerings from Malwarebytes that you may use to help keep your system safe. The first is a browser extension that uses the same block database as the Web Protection component in Malwarebytes Premium to block bad websites. It is available for both Google Chrome and Mozilla Firefox. You can find out more about the browser extension and download it at the following links: Chrome Firefox The primary differences between the browser extension and the Web Protection feature in Malwarebytes 3 is that the browser extension only protects your web browser rather than your entire system the way Malwarebytes Premium does, however the browser extension does have some advantages over Malwarebytes Premium, including behavior based blocking of new/unknown malicious sites of certain types including tech support scam sites and phishing sites and it also includes blocking for many ads as well as tracking servers to help guard your privacy and speed up your web browsing experience and it also blocks many clickbait sites/links; all categories of undesirable sites that the Web Protection feature in Malwarebytes Premium doesn't currently block (it doesn't block ads, tracking servers or clickbait sites/links, and it lacks the behavior based blocking for the other types I mentioned). Also, if you ever do purchase Malwarebytes, you may continue using the browser extension as they are fully compatible with one another. Next, I would suggest installing the standalone version of Malwarebytes Anti-Exploit which is available here. It offers the same protection from exploits as Malwarebytes 3 which makes it extremely valuable as the Exploit Protection in Malwarebytes Premium is by far the single most proactive preventative protection component in the product because it stops the most common types of malware attacks (web based exploits and document exploits from malicious email attachments etc.) in their tracks very early in the process before any infections are able to download to your system (the exploit phase of an attack is at the very start of most malware attacks, including the vast majority of ransomware attacks and other infection attacks). You don't get all of the protection in Malwarebytes Premium, but between the two of those tools you do get a significant amount of valuable protection for free which you may run alongside a free or paid antivirus (including Windows Defender which is included in Windows 8/8.1 and Windows 10 as well as Microsoft Security Essentials which is available for free for Windows Vista and 7 users). Finally, if you're willing to go without the free version of Malwarebytes to use as an on-demand scanner/remediation tool, you may download and install the Malwarebytes Anti-Ransomware Beta which is available here. It provides the same behavior based protection from ransomware to monitor all processes in real-time to check for ransomware behavior and to stop and quarantine any ransomware threats it detects based on that behavior. This module is more reactive as it only goes into effect if a ransomware infection has successfully infiltrated your system and is running in memory and attempting to encrypt your files; this is because this module is designed to detect ransomware threats by catching them in the act during the attack. It is not the most proactive protection component in Malwarebytes Premium, but is a great last layer of defense against ransomware if all else fails. Just be aware as I mentioned, that you will need to remove the free version of Malwarebytes 3 from your system to use it because they share several of the same files/components and cannot be installed together on the same system so you'll have to choose one or the other, though both should be fully compatible with the other free tools I've already mentioned. Please let us know if there is anything else we might assist you with or any additional questions we might answer for you. Thanks
  13. Greetings, Unfortunately I do not believe that there is any alternate means of activating the Mac product via any kind of scripting or automation, only through the UI. I found this support article on the subject and I also checked the Malwarebytes for Mac product documentation found here. In fact, I don't believe there is even any CLI/scripting support for the Windows consumer product either (though the business product does have an API/command line interface support) so even on Windows there is no way to activate the product without going through the UI. That said, you should be able to activate the product on any device via the My Account feature by signing into My.Malwarebytes.com as documented here.
  14. Excellent, thanks for the input Firefox. I'd still be concerned about the other items I mentioned though (the Workstation build of 10, those features I mentioned, larger amounts of RAM like 128GB+; I have 32GB myself by the way ). If you have any insight on any of those items that could be a great help.
  15. Yes, it definitely could assuming Malwarebytes uses server hardware detection to determine when it is being installed on a business class system/server. I'll ask one of the members of Support to take a look and comment as I want to make certain that you are provided with accurate info before making any purchases so that we guide you to the right solution. @LiquidTension, @AdvancedSetup could one of you address this please? Thanks
  16. Greetings, First off, please make certain you are running the latest build of Malwarebytes. A new component update was released recently which may resolve your issues. To do so, please open Malwarebytes and navigate to Settings>Application and click on the Install Application Updates button and allow it to download and install any available updates, restarting your system if prompted to do so to complete the installation process. If that fails to resolve the problems then please try downloading the full installer for the latest build from here and install it over the top of your existing installation, again restarting your system if prompted to do so, then test to see if the issue is now resolved. If the problem still remains then please do the following: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced tab on the left (not Start Repair) Click the Clean button, and allow it to restart your system and then reinstall Malwarebytes, either by allowing the tool to do so when it offers to on restart, or by downloading and installing the latest version from here Check to see if that solved the problem, but if not then please use the Malwarebytes Support Tool to provide logs as explained below so that we may take a closer look at what's going on with your installation and hopefully guide you to a solution: Run the Malwarebytes Support Tool Accept the EULA and click Advanced tab on the left (not Start Repair) Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply Please let us know how it goes and provide the requested ZIP file if necessary should the issue still persist. Thanks
  17. It should be compatible, however it's also possible that it may require the business version since Workstation shares several features with Windows Server (the differences are documented here). The main ones I'm concerned about are ReFS, Persistent Memory and, assuming you use one, a system with multiple physical CPUs (i.e. dual Xeons or Opterons etc.), plus, if you're going to install a massive amount of system memory, that may also be an issue. I don't know for certain though, so a member of the Malwarebytes staff may need to weigh in. I just know that it's possible that the consumer build may detect that version of the OS and/or the business class hardware (again, assuming that's what you're using) and refuse to install or it may not function properly if there are any compatibility issues with those features/system hardware configurations.
  18. So far the exclusion seems to have done the trick (I also disabled Meltdown protection via the registry so that also may be a factor but I doubt it). I can test further by re-enabling Meltdown protection and/or removing the exclusion if you wish, just let me know.
  19. Hello again, If you would, please provide a fresh set of logs so that we may see what's going on with the program: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced tab on the left (not Start Repair) Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply Thanks
  20. I believe these are the steps to reproduce the issue: Install Malwarebytes on a system where it will initiate the free trial and register itself by default with the Windows Action Center/Security Center Wait for the trial to expire without altering the Action Center/Security Center setting in Malwarebytes Open Action Center/Security Center to verify that it still shows Malwarebytes among the protection programs on the system being monitored Open Malwarebytes and attempt to alter the Action Center/Security Center registration setting under Settings>Application We have seen this issue in the past and I have reported it to the Product team previously, however I do not know if or when it was addressed if at all. Please feel free to correct me if I am mistaken, but I believe this is how the issue is reproduced.
  21. Microsoft updated their website with current information on the planned expiration of Windows 7. As you may have already been aware, the date for the end of extended support (i.e. the development and release of new security updates for the OS) is set for January 14, 2020 which means users who wish to continue to receive security updates and patches will need to migrate to Windows 10 before then. The new/updated page containing this information may be found here and it also includes info on several versions of Windows Server as well as the Embedded versions of Windows 7. More details specific to the Windows 7 End of Life policy may be found here and an FAQ about the Windows 7 End of Life/Product Lifecycle may be found here. Below you will find my commentary on Windows 7's End of Life. I put it in spoiler tags for courtesy since you may not be interested in my lengthy opinions on the subject and it's not essential information in relation to the links and info above.
  22. In addition to the tools and products mentioned above, for consumers there are also several other free tools available which have proven quite effective at cleaning heavily infected systems and dealing with persistent and difficult to remove threats. The first of these is Malwarebytes Anti-Rootkit BETA or MBAR for short. You can find out more about this free tool as well as download it here. This tool is a portable, self-extracting anti-rootkit utility which includes the same excellent rootkit detection and removal technology built into Malwarebytes 3 but in a more portable package. There is also a special build of this tool available which is designed to deal with certain specific infections which might try to block Malwarebytes Anti-Rootkit from running. More details as well as a download link and instructions on using this special version of the tool may be found in this topic. Next, Malwarebytes also offers a special standalone adware/PUP (Potentially Unwanted Program) utility which is capable of removing many undesirable items that even Malwarebytes 3 may not detect (it's generally a good idea to scan with both if you are infected) called ADWCleaner. This tool has been around for a while and was acquired by Malwarebytes due to its excellent reputation and proven effectiveness in the field. The databases and capabilities of ADWCleaner have also been augmented to include all of the detections from the previously available Junkware Removal Tool (JRT for short). You can learn more and download the tool on this page. Of course Malwarebytes 3 itself is a powerful tool as I'm sure you're already aware, and while the default scan in Malwarebytes 3 is quite powerful and also very efficient, if you are scanning a system which is heavily infected or that you suspect might be, I would suggest enabling rootkit scanning (which is disabled by default for the sake of performance) by opening Malwarebytes and navigating to Settings>Protection and toggling the Scan for rootkits option located under the Scan Options section to On, then returning to the Dashboard tab and clicking the Scan Now button. This will perform the same efficient and highly effective Threat scan, but now it will be enhanced with superior rootkit detection and remediation capabilities. One more thing to note: both Malwarebytes (when rootkit scanning is enabled) as well as Malwarebytes Anti-Rootkit will check for the presence of rootkits and rootkit families known to damage core Windows system components, especially those related to system security and internet connectivity, and if found, they will not only remove the rootkits, but also repair the damage to those critical Windows system services and functions to return the system to normal functionality which can save you a lot of time and trouble trying to repair those damaged features after the malware cleanup is complete.
  23. The information in this support article may also prove helpful. It details how to manage licenses/subscriptions using the My.Malwarebytes.com web interface.
  24. Unfortunately I can't get the full memory dump as my keyboard has no Scroll Lock key. Here is the MBST archive though. mbst-grab-results.zip
  25. You're welcome A new version has been released that should correct this issue. To install it, open Malwarebytes and navigate to Settings>Application and click on the Install Application Updates button and allow it to download and install the update, then restart your system if prompted to do so once the installation completes. You can find out more info about the new build here.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.