Jump to content

exile360

Experts
  • Content Count

    28,440
  • Joined

  • Last visited

Everything posted by exile360

  1. Just for clarification, if Malwarebytes reverts to the trial (not free mode), then all Premium features, including real-time protection will still be active, at least for the 14 day duration of the trial. Prior to the trial expiring it will notify you that your trial will soon expire and that you'll lose real-time protection. Obviously this doesn't help those where the product has reverted to the free version, but at least for those where it reverts to the trial they will still be protected and will be notified before they lose that protection.
  2. Great, I'm glad I was able to help If there is anything else we might assist you with please let us know. Thanks
  3. Greetings, PUP stands for Potentially Unwanted Program and can be anything from adware to spyware to just software that is more annoying or potentially risky to the health of the system than useful. As for why these detections keep returning, it's quite possible that some other threat on the system is downloading and reinstalling them whenever they have been removed by Malwarebytes. To resolve this issue please try running ADWCleaner and have it scan your system and remove anything it finds, restarting your system if prompted to do so to complete the removal process. Once that is complete, open Malwarebytes and go to Settings>Protection and under the Scan Options section enable the option to scan for rootkits then return to the Dashboard tab and launch a scan by clicking Scan Now. Allow the scan to complete and have Malwarebytes remove anything it finds, again restarting your system if prompted to do so to complete the removal process. Next, if the problem still persists, please follow the instructions in this topic to see if that fixes the issue. If the problem still remains after all that then please read and follow the instructions in this topic and then create a new topic in our malware removal area by clicking here and one of our malware removal specialists will assist you in checking and cleaning the system of any remaining threats once and for all. I hope this helps, and if there is anything else we might assist you with please let us know. Thanks
  4. The Windows Action Center/Security Center will also alert you if Malwarebytes has been registered there, which it will be by default if you aren't using a third party AV on your system. You can also enable the feature manually if you choose to do so under Malwarebytes settings.
  5. Any idea if Exploit Protection in Malwarebytes guards against this vulnerability? I assume it does, but I don't know for certain. I do know that VLC is among the default media players/applications shielded by Exploit Protection in Malwarebytes 3.
  6. Greetings, Yes, it does. Whenever you go to run a scan, as long as ADWCleaner can connect to its update servers it should check for and download any new signatures. I hope this helps, and if there is anything else we might assist you with please let us know. Thanks
  7. Greetings, Please do the following to see if it corrects the issue (I know you mentioned the clean tool in your first post, but I want to make certain you use the actual Malwarebytes Support Tool as it contains the latest clean removal script for the software): Run the Malwarebytes Support Tool Accept the EULA and click Advanced tab on the left (not Start Repair) Click the Clean button, and allow it to restart your system and then reinstall Malwarebytes, either by allowing the tool to do so when it offers to on restart, or by downloading and installing the latest version from here Next, if the issue still persists, please try setting UAC back to default settings. Malwarebytes, like most modern software, has been designed to be fully compliant and compatible with User Account Control. Instructions on doing so can be found on this page. Restart your system after resetting UAC and see if Malwarebytes now starts up normally. If it does not, then please try temporarily removing Avast AV to see if that makes any difference. The uninstall tool for Avast can be found here. If that last step helped, then please reinstall Avast and test again to see if the problem occurs again, and if it does, then please try configuring exclusions between Malwarebytes and Avast to see if that helps. To exclude Avast in Malwarebytes, add Avast's program folder(s) from C:\Program Files and/or C:\Program Files (x86) as well as Avast's data folder likely located under C:\ProgramData using the Exclude a File or Folder method described in this support article and exclude the files listed in this support article as best you can from Avast's real-time protection. Please let us know how it goes and if the issue still persists. Thanks
  8. ADWCleaner and Malwarebytes target different things; this is why ADWCleaner still exists as it has not yet been integrated into Malwarebytes but someday it may be. Are you still having any issues, or does the system seem to be running normally now? If the system still has any problems or you believe it may still be infected then please read and follow the instructions in this topic and then create a new topic in our malware removal area by clicking here and one of our malware removal specialists will assist you in checking and clearing the system of any remaining threats.
  9. Greetings, If you are able, please post a log from the tool that discovered these detections as I am not familiar with it. We can then verify whether Malwarebytes should have detected them or not. It might also be a good idea to run a scan with ADWCleaner to make certain no additional adware items remain on your system. Please let us know how it goes, and again, if possible, please provide a scan log from the other tool that you scanned with that made the detections. Thanks
  10. You guys really gotta stop posting in Klingon; I'm having trouble reading it (just kidding, long live the Empire!)
  11. As mentioned above, anyone who believes they may be infected needs to read and follow the instructions in this topic and then create a new topic in the malware removal area by clicking here and one of our malware removal specialists will assist you in checking and clearing your system of any threats as soon as one is available. Please do not post your logs here; we do NOT work on malware removal in this area of the forums, and each user must be helped separately; no matter how similar a threat/infection/attack may seem, they are almost always very different and will require unique steps to check and clean each system so each person is helped 1-on-1, never in groups. Thank you
  12. By the way, you can learn more about the origins of the Ransomware Protection component in Malwarebytes (as well as Malwarebytes Anti-Ransomware Beta where it all began) in this Malwarebytes Labs blog article.
  13. Just to add to what others have already stated, another major factor is the fact that the vast majority of modern ransomware attacks actually begin with an exploit that attempts to download and launch the actual ransomware binary file/encryptor; most attacks will not make it to this stage thanks to the other layers of defense included in Malwarebytes Premium, particularly Exploit Protection which will stop the attack much earlier as soon as the exploit script tries to execute, well before the actual ransomware file itself has even been downloaded/tries to execute. The same goes for the other protection modules in Malwarebytes, including Malware Protection (which uses both traditional threat signatures as well as more advanced heuristics signatures and algorithms; relying much more on the latter than the former which makes it far more effective than most traditional protection solutions), as well as Web Protection and the new anomalous threat detection engine included in the latest versions of Malwarebytes 3 which relies on anomaly detection through Machine Learning/AI as well as leveraging constantly updated and evolving cloud databases and new threat info. Ransomware Protection is purely behavior based, and as mentioned above, monitors for ransomware behavior, including the attempted encryption of files on disk (though like most such solutions, one of the mechanisms it uses are early warning 'test' files that it creates which are likely to be the first to be targeted by the vast majority of ransomware, thus triggering detection before any of your own personal files are likely to be encrypted), as well as other behaviors, many of which occur prior to the encryption of files, however even then, because it is behavior based, this means the ransomware would need to first infiltrate the system and execute into memory for the Ransomware Protection component to detect it which makes it far more reactionary than the other protection components. This is because, thanks to the other layers in Malwarebytes, it is only there as more of a fallback protection measure as most infections/attacks will never get far enough to be detected by it. You can learn more about how the various components of Malwarebytes work to thwart attacks throughout the various phases of the attack chain/kill chain by reviewing the chart and information found on this page. Basically, if ZA's ransomware protection works differently from the Ransomware Protection component in Malwarebytes, then you don't need to turn off either of them because they won't conflict as they are operating during different phases of a potential attack, and if they work the same way then it likely doesn't matter which you keep enabled and which you disable, as long as ZA's is as comprehensive as the Ransomware Protection provided by Malwarebytes (as I mentioned, the Ransomware Protection in Malwarebytes uses many methods to detect a ransomware attack, not just the detection of the encryption of files; it is based on one of the first developed, most effective standalone anti-ransomware protection tools that was created and first popularized during the initial rise of ransomware threats so it isn't just some side project developed by Malwarebytes' own Developers in-house as a response to ransomware when it emerged; Malwarebytes went out and found the best at dealing with ransomware on the cutting edge of the field, purchased their company, hired their Developers and Researchers and brought their code in to be integrated into Malwarebytes Premium; I suspect the same cannot be said for the ransomware module in ZA, though I could be wrong).
  14. Greetings, It sounds to me like it may be an issue with modified compatibility settings. You should be able to correct this by right-clicking on the Malwarebytes icon that you use for opening Malwarebytes (I'm guessing the desktop shortcut or START menu shortcut) and selecting Properties and clicking on the Compatibility tab and unchecking any checkboxes that are checked there then clicking Apply then click the Show settings for all users button and repeat the process (uncheck any of the boxes that are checked) then click Apply, then click OK. If that doesn't resolve it, then try navigating to C:\Program Files\Malwarebytes\Anti-Malware and locating the file mbam.exe and doing the same (right-click on it, select Properties, go to the Compatibility tab and uncheck any boxes that are checked then click Apply then click Show settings for all users and do the same, then click OK). If the issue still persists then please provide the ZIP file requested above (instructions on how to do so can also be found below): Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced tab on the left (not Start Repair) Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply Please let us know how it goes and if necessary, please provide the requested ZIP file. Thanks
  15. By the way, you might also try using Task Manager; just press Ctrl+Shift+Esc on your keyboard to open Task Manager then click Show processes from all users then go to the Processes tab and sort the list by name, then find explorer.exe in the list and terminate it, then in Task Manager click File>New Task (Run...) then check the box next to Create this task with administrative privileges. then click Browse... and go to where the folder is located and right-click on the folder and select Copy then browse to your desktop and right-click and select Paste (all through the browse dialog in Task Manager; you obviously won't be able to use explorer since it won't be running at this point), and once that's done or if it fails, go ahead and launch explorer again by first closing the browse dialog box in Task Manager, then once again clicking File>New Task (Run...) and this time do NOT check the box to launch the process with administrative privileges and type explorer and press Enter to launch explorer.exe again.
  16. Did you try copying the folder in Safe Mode yet? If not, it's worth a try. If that still fails, booting from a live Linux disc will probably do the trick; just boot to a live Linux CD or bootable USB and copy the folder from its current location to your desktop on your C:\ drive.
  17. Greetings, That's an extremely old build of Malwarebytes. I would strongly advise upgrading to the latest version. You shouldn't need to deactivate 1.70.0 to do so; simply uninstall version 1.70.0 after making a note of your ID and Key and then download and install the latest version of Malwarebytes from here and then activate it using your ID and Key. You will find detailed instructions on how to do so in this support article. Once that is done, if you haven't done so already, I would suggest creating an account at My.Malwarebytes.com by following the instructions in this support article using, if possible, the same email address you used when you originally purchased your license (assuming you still have access to that email address); if not, then use your current email address and then try adding your key to your account using the instructions in this support article. If you have any trouble then simply contact Malwarebytes Support directly by filling out the form on the bottom of this page and they will assist you. They can get your license key added to your account so that you will be able to manage it from there going forward, including deactivating it to move it to another device if you ever need to do so. I hope this helps and if there is anything else we might assist you with please let us know. Thanks
  18. Greetings, Please contact Malwarebytes Support directly by filling out the form on the bottom of this page and they will assist you with this issue. They can get all of your license keys associated with your account so that you will be able to manage them in the future.
  19. Have you tried just copying/pasting the folder rather than trying to move it? Does that work or does it still give you an error?
  20. Yep, agreed, as long as your temps are under control then you should be just fine, and once your order for Kryonaut comes in and you re-paste your CPU and GPU I'm certain your temps will improve even more so you should be just fine without needing to delid the CPU.
  21. Greetings, I believe you're referring to the instructions in this post, however if that did not work then it is possible that there is some other PUP or malware component not being detected on the system that is bringing it back/reinstalling it in your browser. If that is the case then please read and follow the instructions in this topic and then create a new topic in the malware removal area by clicking here and one of our malware removal specialists will assist you as soon as one is available. I hope this helps and please let us know if there is anything else we might assist you with. Thanks
  22. Yes, there is a known issue with the UI code that Malwarebytes uses (based on QT) that has a bug where if you use the slider rather than a single click the setting will not actually be changed. I assume that the only fix will have to come from the team behind QT as Malwarebytes does not have control over their code; it's a third party tool used for implementing the UI in Malwarebytes 3.
  23. Greetings, To exclude the item run a scan with Malwarebytes by opening Malwarebytes and clicking the Scan Now button. Allow the scan to complete and then click on the empty checkbox at the top of the list of detections on the left so that all checkboxes for all detected items are unchecked then click Next. When prompted on what to do with the remaining detected items select the option to always ignore and they will be added to your exclusions so that they will no longer be detected. With regards to what Malwarebytes detects as PUP and why, please refer to the information in the following links: https://www.malwarebytes.com/pup/ https://blog.malwarebytes.com/malwarebytes-news/2016/10/malwarebytes-gets-tougher-on-pups/ https://blog.malwarebytes.com/cybercrime/2015/06/digital-snake-oil/ https://blog.malwarebytes.com/cybercrime/2015/06/driver-updaters-digital-snake-oil-part-2/ https://blog.malwarebytes.com/cybercrime/2015/07/pup-makers-digital-snake-oil-part-3/ https://blog.malwarebytes.com/threats/registry-cleaner/ https://blog.malwarebytes.com/puppum/2016/12/why-malwarebytes-detects-pc-pitstop-as-potentially-unwanted/ https://blog.malwarebytes.com/malwarebytes-news/2017/11/winning-the-battle-against-pups-on-your-computer-and-in-u-s-district-court/ https://blog.malwarebytes.com/puppum/2016/07/pup-friday-cleaning-up-with-5-star-awards/ https://blog.malwarebytes.com/puppum/2016/08/systweak-redux-our-response/ Regarding legal precedent, please refer to the following articles which cite two cases involving Malwarebytes and vendors blocked as PUP: https://blog.ericgoldman.org/archives/2017/11/section-230c2-protects-anti-malware-vendor-enigma-v-malwarebytes.htm https://blog.ericgoldman.org/archives/2018/09/section-230-helps-malware-vendor-avoid-liability-for-blocking-decision-pc-drivers-v-malwarebytes.htm The following links should also prove informative as to why many items are classified as PUP by Malwarebytes: https://decentsecurity.com/#/registry-cleaners/ https://support.microsoft.com/en-us/help/2563254/microsoft-support-policy-for-the-use-of-registry-cleaning-utilities http://miekiemoes.blogspot.com/2008/02/registry-cleaners-and-system-tweaking_13.html https://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry2853053 https://www.howtogeek.com/171633/why-using-a-registry-cleaner-wont-speed-up-your-pc-or-fix-crashes/ https://www.howtogeek.com/162683/pc-cleaning-apps-are-a-scam-heres-why-and-how-to-speed-up-your-pc/ https://lifehacker.com/5482701/whats-the-registry-should-i-clean-it-and-whats-the-point https://lifehacker.com/5033518/debunking-common-windows-performance-tweaking-myths https://www.howtogeek.com/198758/never-download-a-driver-updating-utility-theyre-worse-than-useless/ http://www.howtogeek.com/98465/htg-explains-when-do-you-need-to-update-your-drivers/ https://www.howtogeek.com/233115/the-only-way-to-safely-update-your-hardware-drivers-on-windows/ http://www.tomshardware.com/answers/id-1857635/good-free-automatic-driver-updater.html http://www.tomshardware.com/answers/id-1974868/trusted-driver-updater.html https://www.howtogeek.com/172839/10-types-of-system-tools-and-optimization-programs-you-dont-need-on-windows/ https://computer.howstuffworks.com/question1751.htm https://lifehacker.com/5415355/do-you-really-need-more-than-4gb-of-ram https://www.tomshardware.com/reviews/memory-module-upgrade,2264.html https://www.howtogeek.com/128130/htg-explains-why-its-good-that-your-computers-ram-is-full/ https://techlogon.com/2011/03/28/will-more-ram-memory-make-my-computer-faster/ I hope this helps, and if there is anything else we might assist you with please let us know. Thanks
  24. OK, I would suggest clicking on the Change option in blue at the top with the security shield next to it then click on your user name for the current computer, assuming that's one of the user accounts listed there, and clicking the Enable inheritance button then clicking the checkbox next to the option just below that button then clicking Apply then OK, and if that doesn't work or your current user name is not listed then access that page again and click Add and add your user account and make it the owner of the folder with full control. If that still doesn't work then I'm not sure what to do.
  25. What does it show in the properties for the folder in the Security tab, and if you click Advanced what does it show under Permission Entries: in the list there?
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.