exile360

Experts
  • Content Count

    27,437

Everything posted by exile360

  1. Greetings, You should be able to manage your license using the new My Account feature by creating an account at My.Malwarebytes.com. You'll find instructions on how to do so in this support article and additional info on how to manage your license can be found in this support article as well as this support article (I recommend trying the Deactivate all function as that usually does the job for freeing up a lifetime license from a previous system/installation) and if necessary, you may contact Malwarebytes Support and they can deactivate the old installation for you as they did before. To do so simply fill out the form on the bottom of this page and they will assist you. I hope this helps, and if there is anything else we might assist you with please don't hesitate to let us know. Thanks
  2. Greetings, According to the older documentation for a previous build of ADWCleaner here it did support CLI to some extent at one time, however I'm not sure if it still does or not as I couldn't find any references to it more recent than that so I suspect that the CLI build/component either isn't available any more or was dropped from the set of features that ADWCleaner supports.
  3. Greetings, Yes, ADWCleaner has its own database and heuristics detection capabilities so it actually does target several PUP items that Malwarebytes does not currently. I believe that eventually they do plan to integrate ADWCleaner's capabilities into Malwarebytes, however for the time being the two programs are still separate and ADWCleaner is still useful as an on-demand second opinion scanner even when using Malwarebytes on an endpoint. I hope that clears things up and if there is anything else we might assist you with please don't hesitate to let us know. Thanks
  4. Greetings, ADWCleaner is just an on-demand scanner (no real-time protection) and targets mainly PUPs like adware and other junkware with a database that does target some items that Malwarebytes 3 doesn't detect so if you want to keep it around to scan with occasionally as a second opinion (a good idea, especially if you or anyone who uses the system tends to download and install a lot of 'free' software from the web that might include bundled items that you might not want on your PC) you are free to do so, but otherwise if you don't need it you can go ahead and delete it. It doesn't run in the background so it isn't going to waste any resources while you're using your PC so if you find it handy you can keep it around but if you'd rather not keep it around you can remove it and Malwarebytes should keep you safe. I hope that helps to clarify things a bit. If there's anything else we might assist you with please don't hesitate to let us know. Thanks
  5. I've been without a third party AV for several years now, relying on Malwarebytes as my primary protection, and while I do generally surf safely, I do actually occasionally press my luck going out into the riskier parts of the web to go 'hunting' for new threats and bad sites to report to the Malwarebytes Research team and even then, I still have yet to get a single infection (not even a single PUP) and the worst thing I've come across so far that actually got through was the occasional tech support scam site (though even those don't get through any more ever since I installed the MB browser extension beta I mentioned; it's very good at blocking those sites). For years I used Kaspersky and later ESET, always with Malwarebytes, but now it's just Malwarebytes and MSE (Microsoft Security Essentials) and it's been that way for the past 3~4 years.
  6. Greetings, To report a false positive please read the information in this topic as well as this topic and then create a new topic in the false positives area by clicking here with the requested information about the detection including a scan log from Malwarebytes showing the detection as well as a copy of the file attached in a ZIP folder so that the Malwarebytes Research team may determine why the item is being detected and get the issue corrected if it is a false positive. If there is anything else we might assist you with please don't hesitate to let us know. Thanks
  7. Greetings, I am sorry for the issue you experienced. It sounds like Malwarebytes performed a scheduled scan, detected O&O and was configured to quarantine detected items automatically and to restart the system automatically to remove any items detected. I would recommend changing this so that when items are detected by scheduled scans, you have the opportunity to review the detections and decide how to handle them and when to restart if necessary should you decide to remove them.

     To do this, open Malwarebytes and navigate to the Settings>Scan Schedule tab and check the box next to your scheduled scan and click the Edit button or simply double-click on the scheduled scan. In the edit dialog, click the Advanced button and uncheck the option Quarantine all threats automatically, or, if you still want Malwarebytes to automatically remove detected items you may leave that box checked and simply uncheck the box next to Restart computer when required for threat removal if you just want Malwarebytes not to restart the system automatically to remove items detected by your scheduled scan. Repeat this process for each scheduled scan if you have more than one scheduled. The image below highlights the two settings I am referring to:

     To prevent Malwarebytes from detecting O&O again, after you've either restored it from quarantine or reinstalled it, perform a Threat scan with Malwarebytes by opening Malwarebytes and clicking the Scan Now button on the Dashboard and once the scan completes, click the empty checkbox at the top of the list of detections in the column header to clear all of the checkboxes for all of the detections and click Next. When asked what to do with the remaining detections select the option to always ignore them and they will be added to Malwarebytes exclusions so that they will no longer be detected by future scans.

     Optionally you may also change how Malwarebytes handles PUP detections in the future by navigating to Settings>Protection in Malwarebytes and using the drop-down menu under Potentially Unwanted Programs (PUPs) in the Potential Threat Protection section. If you select the option Warn User then any items classified as PUP that are detected will not be automatically removed and will not be selected for removal but will still be detected so that you may review them and decide how to handle them. If you select Ignore Detections then Malwarebytes will no longer detect any items it classifies as PUP. These settings apply to all scans (both scheduled and manual) as well as real-time protection.

     With regards to why this program was detected, please refer to the following information about PUPs and how Malwarebytes classifies them and why:

     https://www.malwarebytes.com/pup/
     https://blog.malwarebytes.com/malwarebytes-news/2016/10/malwarebytes-gets-tougher-on-pups/
     https://blog.malwarebytes.com/cybercrime/2015/06/digital-snake-oil/
     https://blog.malwarebytes.com/cybercrime/2015/06/driver-updaters-digital-snake-oil-part-2/
     https://blog.malwarebytes.com/cybercrime/2015/07/pup-makers-digital-snake-oil-part-3/
     https://blog.malwarebytes.com/threats/registry-cleaner/
     https://blog.malwarebytes.com/puppum/2016/12/why-malwarebytes-detects-pc-pitstop-as-potentially-unwanted/
     https://blog.malwarebytes.com/malwarebytes-news/2017/11/winning-the-battle-against-pups-on-your-computer-and-in-u-s-district-court/
     https://blog.malwarebytes.com/puppum/2016/07/pup-friday-cleaning-up-with-5-star-awards/
     https://blog.malwarebytes.com/puppum/2016/08/systweak-redux-our-response/

     Regarding legal precedent, please refer to the following articles which cite two cases involving Malwarebytes and vendors blocked as PUP:

     https://blog.ericgoldman.org/archives/2017/11/section-230c2-protects-anti-malware-vendor-enigma-v-malwarebytes.htm
     https://blog.ericgoldman.org/archives/2018/09/section-230-helps-malware-vendor-avoid-liability-for-blocking-decision-pc-drivers-v-malwarebytes.htm

     The following links should also prove informative as to why many items are classified as PUP by Malwarebytes:

     https://decentsecurity.com/#/registry-cleaners/
     https://support.microsoft.com/en-us/help/2563254/microsoft-support-policy-for-the-use-of-registry-cleaning-utilities
     https://www.howtogeek.com/171633/why-using-a-registry-cleaner-wont-speed-up-your-pc-or-fix-crashes/
     https://www.howtogeek.com/162683/pc-cleaning-apps-are-a-scam-heres-why-and-how-to-speed-up-your-pc/
     https://lifehacker.com/5482701/whats-the-registry-should-i-clean-it-and-whats-the-point
     https://lifehacker.com/5033518/debunking-common-windows-performance-tweaking-myths
     https://www.howtogeek.com/198758/never-download-a-driver-updating-utility-theyre-worse-than-useless/
     https://www.howtogeek.com/233115/the-only-way-to-safely-update-your-hardware-drivers-on-windows/
     http://www.tomshardware.com/answers/id-1857635/good-free-automatic-driver-updater.html
     http://www.tomshardware.com/answers/id-1974868/trusted-driver-updater.html
     https://www.howtogeek.com/172839/10-types-of-system-tools-and-optimization-programs-you-dont-need-on-windows/
     https://computer.howstuffworks.com/question1751.htm
     https://lifehacker.com/5415355/do-you-really-need-more-than-4gb-of-ram
     https://www.tomshardware.com/reviews/memory-module-upgrade,2264.html
     https://www.howtogeek.com/128130/htg-explains-why-its-good-that-your-computers-ram-is-full/
     https://techlogon.com/2011/03/28/will-more-ram-memory-make-my-computer-faster/

     I hope this helps, and if there is anything else we might assist you with please don't hesitate to let us know. Thanks
  8. Greetings, Yes, it appears you've been hit by a nasty ransomware infection. I'm not certain if the files can be recovered, however your best bet would be to work with one of our malware removal specialists to deal with the infection and they will advise you on how to proceed. To do so, please follow the instructions in this topic and then create a new topic in the malware removal area including the requested logs and information by clicking here and one of our malware removal specialists will assist you as soon as one becomes available. Good luck, and I hope that you are able to get your files back.
  9. Just to quote the article linked above by David H. Lipman as it's relevant to this issue:
  10. Yeah, even in the thread you linked to there are several files in that location with that name that appear to come from different sources, one of which is the Contuit search hijacker I mentioned, another appears to be some Star Wars games and one user mentions that they believe it came from Photoshop.
  11. Greetings, You should find the information in this FAQ entry as well as the diagram and information on this page to be helpful in deciding on how to run Malwarebytes. Additionally, there are some other helpful resources that you may find useful such as this article which describes the issue with traditional script detection methods and highlights the reason that Malwarebytes focuses much more on a behavior based approach through technologies such as Exploit Protection for dealing with such threats/attacks/attack vectors. That said, you could also keep Windows Defender active alongside Malwarebytes if you would prefer to have that AV layer still present on your system without consuming too many resources as it tends to be pretty lightweight and works well with Malwarebytes in real-time. We have many users here on the forums who run this configuration without issues and by default, if Malwarebytes detects that Windows Defender is active, it will leave it active so that you may keep both running together. You also might benefit from adding the Malwarebytes browser extension beta to your setup as it has the ability to block ads, trackers (for privacy when browsing), clickbait sites as well as new behavior based blocking for unknown/new tech support scam sites, phishing sites and several other categories of web based threats and works well with the Web Protection component in Malwarebytes 3. It is available for Chrome (as well as other Chromium based browsers such as Microsoft's new Chromium based Edge replacement browser, SRWare Iron and Vivaldi) as well as Mozilla Firefox. You can find out more as well as download the extension at the links below: Chrome Firefox I hope this information helps and if there is anything else we might assist you with please don't hesitate to let us know. Thanks
  12. Yes, I'm sure you did. It is because just as with the file listed on that VirusTotal page, your file is a 0 byte file meaning it is completely empty/no content, and any file that is 0 bytes/has no contents (regardless of what it might be named) will have the same hash/checksum, so the results will be the same. The file name and path/location is what you need to use to research it if you wish to find out what it is and where it came from which is why I speculated that it appeared to be a trace left over from a Conduit PUP/infection because Conduit would create a file by that name in that location according to the information I found (and I suspect that's the purpose of this signature in ADWCleaner that is detecting the file as well, though I do not know for certain as only Research would have access to that information).
  13. Greetings, The information in the following links should help to clarify much of this with regards to what Malwarebytes detects as PUP and why:

     https://www.malwarebytes.com/pup/
     https://blog.malwarebytes.com/malwarebytes-news/2016/10/malwarebytes-gets-tougher-on-pups/
     https://blog.malwarebytes.com/cybercrime/2015/06/digital-snake-oil/
     https://blog.malwarebytes.com/cybercrime/2015/06/driver-updaters-digital-snake-oil-part-2/
     https://blog.malwarebytes.com/cybercrime/2015/07/pup-makers-digital-snake-oil-part-3/
     https://blog.malwarebytes.com/threats/registry-cleaner/
     https://blog.malwarebytes.com/puppum/2016/12/why-malwarebytes-detects-pc-pitstop-as-potentially-unwanted/
     https://blog.malwarebytes.com/malwarebytes-news/2017/11/winning-the-battle-against-pups-on-your-computer-and-in-u-s-district-court/
     https://blog.malwarebytes.com/puppum/2016/07/pup-friday-cleaning-up-with-5-star-awards/
     https://blog.malwarebytes.com/puppum/2016/08/systweak-redux-our-response/

     Regarding legal precedent, please refer to the following articles which cite two cases involving Malwarebytes and vendors blocked as PUP:

     https://blog.ericgoldman.org/archives/2017/11/section-230c2-protects-anti-malware-vendor-enigma-v-malwarebytes.htm
     https://blog.ericgoldman.org/archives/2018/09/section-230-helps-malware-vendor-avoid-liability-for-blocking-decision-pc-drivers-v-malwarebytes.htm

     The following links should also prove informative as to why many items are classified as PUP by Malwarebytes:

     https://decentsecurity.com/#/registry-cleaners/
     https://support.microsoft.com/en-us/help/2563254/microsoft-support-policy-for-the-use-of-registry-cleaning-utilities
     https://www.howtogeek.com/171633/why-using-a-registry-cleaner-wont-speed-up-your-pc-or-fix-crashes/
     https://www.howtogeek.com/162683/pc-cleaning-apps-are-a-scam-heres-why-and-how-to-speed-up-your-pc/
     https://lifehacker.com/5482701/whats-the-registry-should-i-clean-it-and-whats-the-point
     https://lifehacker.com/5033518/debunking-common-windows-performance-tweaking-myths
     https://www.howtogeek.com/198758/never-download-a-driver-updating-utility-theyre-worse-than-useless/
     https://www.howtogeek.com/233115/the-only-way-to-safely-update-your-hardware-drivers-on-windows/
     http://www.tomshardware.com/answers/id-1857635/good-free-automatic-driver-updater.html
     http://www.tomshardware.com/answers/id-1974868/trusted-driver-updater.html
     https://www.howtogeek.com/172839/10-types-of-system-tools-and-optimization-programs-you-dont-need-on-windows/
     https://computer.howstuffworks.com/question1751.htm
     https://lifehacker.com/5415355/do-you-really-need-more-than-4gb-of-ram
     https://www.tomshardware.com/reviews/memory-module-upgrade,2264.html
     https://www.howtogeek.com/128130/htg-explains-why-its-good-that-your-computers-ram-is-full/
     https://techlogon.com/2011/03/28/will-more-ram-memory-make-my-computer-faster/

     Obviously you're free to change how PUPs are handled and this is in fact the very reason those options are provided. Additionally, if you only wish to exclude a specific PUP rather than all PUPs you may instead perform a Threat scan with Malwarebytes by opening Malwarebytes and clicking the Scan Now button on the Dashboard, then once the scan completes, verify that all of the detected items belong to the program that you wish to exclude then click the empty checkbox at the top of the list in the column header to clear all of the checkboxes next to all of the detections then click Next and when prompted on what to do with the remaining detections select the option to always ignore and they will all be added to your Exclusions in Malwarebytes so that those items will no longer be detected by future scans or the Malware Protection component.

     I hope that helps to clarify things and if there is anything else we might assist you with please don't hesitate to let us know. Thanks
  14. Greetings, You should be able to click on the Date and Time column header to sort the list by date/time accordingly and the order will reverse if you click it a second time. The image below illustrates where you should click: I hope this helps and please let us know if there is anything else we might assist you with. Thanks
  15. If Fast Startup is enabled, or if you're using any sort of software firewall (other than the built in Windows Firewall) that could be the reason. You can learn more about Fast Startup here as well as here. It's been known to cause issues with Malwarebytes and other programs as well as some hardware components/drivers at times.
  16. LOL, that second image looks like a mannequin. Anyway, here's another track: That song always reminds me of the movie Mannequin since Kim Cattrall played an Egyptian princess in that film which also featured Andrew McCarthy, and of course I can't think of the Bangles without thinking of my favorite tune of theirs which actually was on the soundtrack of another film that featured Andrew McCarthy (as well as an amazing performance by Robert Downey Jr), Less Than Zero: Man those girls could ROCK. They were so metal back when metal wasn't even that metal. Must be one of the best covers ever.
  17. Unfortunately much of what keeps Office vulnerable is its backwards compatibility and extensive plugin and embedded scripting support. These capabilities make it very flexible and useful, but also a prime target for active exploit/scripting based attacks/threats. UWP might help to some degree but I'm certain it would not eliminate all of these kinds of vulnerabilities completely.
  18. You're welcome. You'll find more detailed instructions in this support article.
  19. Just to add to what Firefox mentioned above, you might find the information in this support article to be helpful and you'll find additional details on signing up at My.Malwarebytes.com in this support article. If you are still unable to retrieve your license key then please contact Malwarebytes Support directly via the form on the bottom of this page and they should be able to assist you in tracking down your license information. I hope this helps and if there is anything else we might assist you with please don't hesitate to let us know. Thanks
  20. That file doesn't even have the same name as the file from your system; they are only the same in that they are empty 0 byte files and therefore have the same hash just as mentioned in this comment from VT:
  21. Greetings, I don't know about how it works for Macs, but I do know that on Windows it is a very bad idea to try to remove malware from backup images or system restore points as it will corrupt them rendering them useless and an infected backup is better than none should a system failure occur as you can always restore the system/image then scan it afterwards to remove any threats that might be present once the restore operation is completed.
  22. You should be able to retrieve it by creating an account at My.Malwarebytes.com using the same email address you used when you originally purchased your license, otherwise if that's not possible you may contact Malwarebytes Support directly via the form on the bottom of this page and they should be able to retrieve it for you.
  23. Once the trial expires it will revert to the free version. The features of the free version are manual scans, including context menu scans when you right-click on any file or folder or drive as well as the standard Threat scans and Custom scans as well as unlimited threat detections and removals. What you lose are all of the real-time protection components as well as scheduled updates and scans, however you may continue to use it as a scan/remediation tool for as long as you'd like. I do not know if they will allow you to use your license on both drives or not so I can't speak to that, however someone from Support can answer that I'm sure.
  24. That update has been out for a while now and I haven't heard of any Malwarebytes clients being affected by it so far. That's not to say that it is impossible, however I would have thought we'd have seen more users reporting issues if Malwarebytes was affected by it as many users of the other AVs verified to be affected have been reporting it on their support sites and across the web.