Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by exile360

  1. Greetings, Please update to the latest version of Malwarebytes either by opening Malwarebytes and navigating to Settings>Application and clicking the Install Application Updates button or by downloading it directly from here. Once installation completes be sure to restart your system even if you aren't prompted to do so as you need to ensure that the new versions of its components are loaded into memory. That should resolve the issue but please let us know if it does not. Thanks
  2. Good, I'm glad to hear it. Just remember that you can always check your history and alerts in the main Malwarebytes UI if you want to see what's been blocked in the past, and you can always turn notifications back on whenever you want to if you need them back, but otherwise Malwarebytes will continue blocking the bad stuff silently for you .
  3. That's understandable. So you didn't encounter anything other than websites that were blocked by Malwarebytes (which aren't included in the heat map as no real-time detections/blocks are). The thing is, you act as though you expect to get infected, but the truth is that when you practice safe surfing habits and have your system up-to-date with patches and use an antivirus (MSE) and Malwarebytes, then the chances of actually becoming infected are extremely slim, which is the entire point of why we claim that it's possible to stay safe out there. Most of the time infections come from unsafe surfing habits, not patching your system and not having good protection software (like Malwarebytes). But to claim that Malwarebytes isn't doing its job or isn't good at its job just because you haven't gotten infected or haven't encountered anything that wasn't blocked by MSE is kind of odd, don't you think? If you really want to test it yourself you can use a system that you don't mind having infected if you have one and load Malwarebytes alone onto it and start doing the things that tend to get systems infected, including not installing patches and disabling Web Protection and then visiting the kinds of sites where threats tend to live and you can then see if the system becomes infected or not and if Malwarebytes blocks any threats/attacks or not. But either way, I think you've put way too much stock into these comparative tests which are very limited in what and how they test just because they pretty much have to be, because they must replicate the same exact infections and attack vectors repeatedly for each product being tested, and modern threats tend to be polymorphic and short-lived, which is why I don't believe that such tests represent real-world situations very well. But like you, I do still believe that Malwarebytes should participate in these tests either way because many users do look at these kinds of tests to make their decisions about what to use.
  4. That's OK. In this case, they are blocking connections to the website mentioned in the pop-ups due to fraud, which means it apparently is participating in some kind of scam or deception. That could mean that the site you're using has been compromised but I don't know for certain which is why I suggested checking with Research to have them verify it.
  5. You can disable notifications, at least while you're browsing that way it doesn't pop up and get in the way. To do this, open Malwarebytes and navigate to Settings>Application and toggle the setting Show Malwarebytes notifications in the Windows system tray to Off. You can review any blocks/detections by opening Malwarebytes and either clicking the little bell shaped icon on the top right next to the My Account button or by going to Reports and then sorting the list by date/time to review the most recent entries.
  6. No, it's tracking data based on legit detections from the scanner. It would be fraud to claim it's one thing when it's something completely unrelated, and frankly, if you believe that Malwarebytes is capable of such a thing then I have to question why you've spent so much time on these forums creating so many posts about the product because when you don't trust a company or have faith in its products you tend to not put in so much effort to interact with them, unless of course there is some other reason that motivates your posting. With regards to third party testing, we've told you multiple times now that they do intend to do so but haven't gotten to it yet. I'm sure that given the recent issues with Ransomware Protection and other problems that you can understand that the Product team has been focused on other things at the moment, but I am certain they will get to that testing once these higher priority issues are taken care of and they have the time to devote to it.
  7. Greetings, To start with, a new version of Malwarebytes has been released, version 3.5.1. Please install it either by opening Malwarebytes and navigating to Settings>Application and clicking Install Application Updates or by downloading and installing it from here. With regards to the web blocks, I'd be quite nervous about seeing web blocks related to fraud when accessing a site where confidential financial information is retrieved. This could mean that their site may be infected, assuming the site you're using is legitimate which means that even with the web blocks, the site itself may not be secure and could have been hacked. If you wouldn't mind, please review the information posted here and here and then create a new thread as instructed by clicking here so that one of our Research team members can take a look and explain what's going on with the site and why it's actually being blocked in detail. I just want to make certain that you aren't risking exposure of private financial info to criminals/hackers by using the site in question and it will also allow our team to inform the site owners of the issue if it has been hacked as they may not be aware of it.
  8. That's a good suggestion, I'll submit it to the team. If you have any further ideas or suggestions please let us know. Thanks
  9. Yep, me too. In fact, I hope they do keep it free for everyone. I've seen how effective it can be, especially with its behavioral blocking of tech support scams, one of the most common threats/scams found online these days and the add-on is really good at detecting/blocking them so I wish everyone had the plugin installed. Of course, I also wish that there was a version for IE and other common browsers, but at least they're working on a version for Edge.
  10. Do I really have to point out, again, that scoring highly (or even perfect 100%) on AV tests isn't anywhere close to the same thing as proof or even evidence of how effective a product is in the real world against real attacks and threats? Once again, I point you to the heat map. Open it up and watch the numbers climb, including for Kaspersky and pretty much every other popular AV in existence. And remember, the results exclude realtime detections from Malwarebytes as well as PUP detections so it's only actual malware detected by scans with Malwarebytes that show up/are counted. I went ahead and left it open for a while, and so far here's what it shows: Same disclaimer as always, these results are not 1:1 because they will depend largely on the number of users of a particular AV product which is why Microsoft is pretty much always number 1 (since it's included free with Windows 8+ and offered by Windows Update by default if no AV is present).
  11. Yep, sounds familiar. I've been dealing with that attitude since long before I was ever employed by Malwarebytes. Back during the days of rogue/fake AVs the likes of Vundo/Virtumonde (what Kaspersky then referred to as "Trojan.Monder") and I explained to them that the reason they were failing to keep it from coming back after removing it was because they were relying strictly on detecting the primary executable Trojan component and ignoring the registry completely, which contained a loading point connected to the file they were detecting which also indicated the name and location of the file they weren't detecting which was a randomly named DLL that would create a new copy of the primary Trojan binary under a new name every time they tried to remove it and that unless they started scanning the registry and targeting these additional items they would continue to fail and why I kept recommending that others who encountered the infection needed to run Malwarebytes which clearly had a handle on the infection since they would reliably detect not only the primary Trojan component, but also link to the related registry loading point and use that to locate the watchdog DLL that kept resurrecting the infection and knock it all out in one shot, thus eliminating the threat for good and giving it no chance to bring itself back. But they didn't listen and were convinced that as long as we kept sending them copies of the files that they could create signatures that would effectively remove the entire infection. Time proved them wrong and now finally Kaspersky (along with many other AVs) scans the registry and removes loading points related to infections. This is a technique Malwarebytes has been using since their beginning and just one of the areas where the AVs have had to play catch-up. Kaspersky is a very good antivirus, but I still believe there are plenty of threats that Malwarebytes is capable of stopping that Kaspersky isn't.
  12. Excellent, I'm glad to hear it If you have any issues or questions in the future please don't hesitate to let us know. Thanks
  13. Static pattern based script detection (as some frequently point out around here, the malware detection engine in Malwarebytes doesn't scan script files or other non-PE files) as well as on-access scanning of objects, which incidentally is one of the primary reasons it's safe to run Malwarebytes alongside an actual antivirus because AVs do on-access scanning and you don't want 2 of those on the same system at the same time because that would lead to serious performance issues and conflicts.
  14. Integrating a software firewall is a far cry from transforming a product into an antivirus. Like I said, this move will enable them to compete with tier 2 products, not base antivirus products. The distinction here is that Malwarebytes still won't be using the kind of engine and methods employed by the AVs.
  15. I think the idea is that it will allow Malwarebytes Premium to finally compete with tier 2 AV products (also known typically as "Internet Security" suites and the like) which typically include some form of software firewall in addition to malware protection. Leveraging a WFP based firewall enables them to extend the functionality already being used for their existing web filtering technology in the Web Protection component using APIs they're already familiar with having worked with them for years. Adding a 2-way firewall to the mix just makes good sense and it will be simple since it isn't a more complex HIPS application like many IS products include (which is why most software firewalls are so complex because they actually do a lot more than just monitor connections/traffic to and from the web and instead try to manage virtually all application interaction and activity). Basically it should be the same as the existing Windows Firewall but with outbound blocking added so that the user receives a prompt to allow or deny internet access to processes on their system which can be very useful if some program that shouldn't be communicating with the web tries to (like a Trojan for example). I've been using a WFP based firewall on my systems for years and I hardly hear a peep from it until I install some new application that tries to dial out to the web and when that happens it's easy to decide to allow it or block it and to have my firewall remember my decision so that I'm never asked about that application again.
  16. Greetings, According to your logs there's a problem with the WMI (Windows Management Instrumentation) service which is required for Malwarebytes and many other programs and system components to function, including System Restore. Please open an administrative command prompt by clicking START and typing services.msc and pressing Enter In the Services window, scroll down the list until you find Windows Management Instrumentation and double-click on it Make certain the Startup type: is set to Automatic, and if it isn't, set it to Automatic via the provided drop-down menu then click Apply and click the Start button to start the service. If that failed or the Windows Management Instrumentation service was not listed, proceed with the following: Tweaking.com Windows Repair All-in-One Download Tweaking.com Windows Repair from here and install it or if you would prefer, you may instead download and extract the portable version from here Once installed or extracted, launch Repair_Windows.exe Click on the Repairs - Main tab Click on the Open Repairs button Once it displays the list of repairs, click the checkbox next to All Repairs so that everything listed is UNCHECKED Now, click the checkbox next to Repair WMI so that it is checked Click on the Start Repairs button at the bottom Once it completes, allow it to restart your system Once that's done, see if Malwarebytes now works properly.
  17. Greetings I'm not certain what the final plan will be for the browser add-ons at this point, however at least as far as I know, it is still possible that the add-ons will continue to be available to everyone once they come out of beta, though they might also be integrated into the Malwarebytes Premium package as well since they do enhance the Web Protection component included with it. I'm sorry I couldn't offer something more definitive, but as I said, the plans for the add-ons haven't been finalized yet to my knowledge and I do know that the possibility of keeping them freely available to everyone is at least being considered so there's still hope that they will continue to be available to you even without a Malwarebytes Premium subscription.
  18. Greetings and welcome, I'm sorry that you're having trouble with Web Protection. Hopefully we can get you fixed up. First off, please gather some logs for us so that the team may troubleshoot the issue in case a bug in the software is at fault. This will also help us to diagnose the cause of the problem: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced Options on the main page (not Get Started) Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply Second, please make certain you're running the latest version, 3.5.1. If you aren't, then please open Malwarebytes and navigate to Settings>Application and click on the Install Application Updates button and allow it to download and install the latest version or you may download and install it manually from here, making sure to restart your system once the installation is complete (even if you aren't prompted to do so in order to ensure that they new versions of the services and drivers are loaded). If that doesn't resolve the issue then please go ahead and do the following: Right-click on the Malwarebytes tray icon and select Quit Malwarebytes and click Yes to the User Account Control prompt Next, click on START and type cmd in the search box and once you see cmd.exe listed at the top, right-click on it and select Run as administrator. This should open up a command prompt. In the command prompt, enter the following text and press Enter: SC DELETE MBAMWebProtection Once that is done, open Malwarebytes again and Web Protection should work. Also check to make sure that all of the other protection components are turned on as they may have been disabled when you deleted that item, but you should be able to turn all of them back on and they should all be functioning normally after that. Please let us know if it does not resolve the issue or if there are any additional problems.
  19. Nope, I meant WFP. It's the same set of APIs currently in use by Malwarebytes in Vista+ for the Web Protection component and the same technology used by the Windows Firewall in those operating systems and is what MS designed for developers to use for packet filtering applications as well as firewalls (to replace the older NDIS and TDI technologies used in older operating systems like XP). More info can be found here: https://msdn.microsoft.com/en-us/library/windows/desktop/aa363967(v=vs.85).aspx https://en.wikipedia.org/wiki/Windows_Filtering_Platform
  20. While it is true that there are remaining known issues with Ransomware Protection in version 3.5.1, there are actually more issues with that module in previous builds, including 3.4.5 as many of those issues were actually fixed in 3.5.1, just not all of them.
  21. Really? I've been using a WFP based firewall since Vista (I'm using one right now on 7 x64) and I've never had any problems with it. In fact, the vast majority of freeware firewalls available today are based on WFP.
  22. That's exactly right. Malwarebytes has an entire team dedicated to testing (the QA or Quality Assurance team, of which I'm a former member) and they test across every OS they support and in both live systems and VMs, not to mention all of the pre-release alpha and private and public beta testing they do for each release where they provide the software to the users that are willing to test and still not every bug gets discovered before release. Now, with that said, one thing I like about this particular move by Malwarebytes is that the kind of firewall they're integrating is one based on the native Windows Filtering Platform (WFP) APIs which is the same framework that the native Windows Firewall is built on meaning it's a low overhead solution with regards to resources and is likely to have a high rate of compatibility, much higher than many of the third party custom firewall solutions developed by other security vendors. Because of this I expect great things from this new technology once it is integrated and I believe that it should be capable of providing one more great layer of defense without compromising system performance or compatibility.
  23. There's also some info on the Binisoft homepage found here.
  24. I can't say that you're wrong. Malwarebytes 3 has been plagued with issues both major and minor, however I have also observed that with each release it has become more stable, has had more bugs fixed and has made both major and minor improvements to both performance and protection/detection capabilities. That said, the Ransomware Protection component has been a point of frustration for me as well as many other users, so much so that I took it upon myself to convince the Product team to add some known issues for these problems to the release notes for version 3.5.1. As for me, I'm currently running with Ransomware Protection disabled even though the only issues I've seen have been the occasional system hang (very rare) and on a few occasions my system would not shut down without forcing the power down via the power button (again, only rarely), but even though these issues only occur occasionally for me, I'm still keeping it disabled and I'll explain why. I love Malwarebytes. Even before I was hired on as an employee around 8 years ago I loved it. Their novel approach to dealing with threats has proven time and time again that they're onto something that the vast majority of other vendors in the industry are overlooking when it comes to proactive prevention of new and emerging threats (the very reason Malwarebytes came to be in the first place was due to the fact that the prevailing threats of the day were constantly being missed by the majority of other security tools and products). But with the implementation of the Anti-Ransomware component I noticed a divergence in how it handles these threats for the most part. Rather than proactively preventing these threats by stopping them before they get a chance to infect the system, it seems this module relies largely on behavioral detection to observe processes and threads in memory and when a process/thread is observed behaving like ransomware it is shut down before it can do too much damage. This is in contrast to the other protection components which all rely on detecting attacks and threats much earlier in the attack chain before the malicious process ever makes it into memory. I still have confidence in those other components so much so that I feel perfectly safe running my system full time with Ransomware Protection disabled and I don't feel the least bit unprotected without it. It's a nice to have feature as a fallback measure, but I'm far more confident that the Anti-Exploit, Web Protection, Signature-less anomaly detection, heuristics and standard threat signatures in the Malware Protection component will stop any threat, including ransomware, before it gets to the point that the Ransomware Protection component would be needed. So until they get it fixed, I'm keeping it disabled and if you still want to keep Malwarebytes but don't want to be bothered by these issues with this particular component, then I'd advise you consider doing the same. I'm confident that you'll be safer with just that component disabled than without Malwarebytes on your system at all, especially knowing what I know about modern threats and how they function (ransomware is never just ransomware, there are always other, earlier phases in the attack chain, any of which will typically be detected and thwarted by Malwarebytes rendering targeted ransomware detection moot). Beyond that, Malwarebytes is also currently testing a new beta of a browser plugin for Chromium based browsers as well as Firefox that further enhances the Web Protection feature by adding behavior based web blocking for scams and website based attacks as well as its own sets of databases to block phishing, malicious ads as well as many online trackers to protect privacy: Malwarebytes for ChromeMalwarebytes for Firefox Add that to your arsenal, with or without Malwarebytes 3, and I do believe you'll be much safer online, especially given how effective it's proven to be against the imminently popular tech support scams popping up constantly these days (something it deals with behaviorally, not through a static database of domains and servers/IPs unlike Malwarebytes Web Protection). You'll do what you will, but please at least consider my words. I only want to help keep you and everyone else safe online, and I truly believe you're better off with Malwarebytes than without it, even with Ransomware Protection disabled. I'm also quite confident that they will get these issues fixed, and in fact they are already testing a build that is designed to fix it so it should only be a short while before a new build of Malwarebytes 3 is available that corrects these problems.
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.