Jump to content

exile360

Experts
  • Content Count

    24,998
  • Joined

  • Last visited

Everything posted by exile360

  1. Yes, that's correct, or at the very least the successful execution of an exploit, which is also something that Malwarebytes does very well at protecting against (in fact, the Exploit Protection in Malwarebytes 3 is pretty much its most proactive feature, as it doesn't rely on any signatures/databases and operates strictly on application behavior to guard against illegal operations and malicious scripting). Web blocks are quite common, especially since many sites may share the same IP address, and since Malwarebytes blocks connections both ways (incoming and outgoing), it prevents your system from connecting to any site in its block list so you don't have to worry about anything malicious that might be hosted on those sites getting onto your system as long as Web Protection is active. Also, if it were a case of browser hijacking such as with a malicious browser extension or plugin, you'd see web blocks pretty much every time you use your browser and it would typically be the same address(es) being blocked all the time. You'd definitely know if that was the case because it would be way more than 3 alerts and wouldn't happen just the one time. In fact, that's one way that Web Protection functions as a great indicator of malware or PUPs slipping through. If you start seeing a lot of frequent web blocks to the same IPs/domains, then it's a good indication that something may have gotten onto your system and if that ever does happen, you can return here to the forums and our malware removal specialists will help you to check your PC and get it cleaned up if anything did get through (not likely, but of course it is always a possibility no matter how much protection you use and how good it is). The only exceptions would be if you frequently run any Peer-to-Peer applications such as a Bittorrent client that connect to many remote servers, as such apps tend to connect to some IP addresses which may be on malware friendly hosting providers which Malwarebytes blocks due to the high frequency of malicious content being hosted on their networks, but in that case you'd see the process indicated in the web block notifications from Malwarebytes so you'd know that was the culprit.
  2. Greetings, While both ADWCleaner and Malwarebytes both target PUPs (Potentially Unwanted Programs) as well as some of the same PUMs (Potentially Unwanted Modifications) (i.e. changes to system settings which are possibly made by malware), each program does still detect some things that the other does not. While the last I heard they do still plan to eventually integrate all of the detections/signatures used by ADWCleaner into Malwarebytes, that has not happened yet so ADWCleaner does still detect some items that Malwarebytes does not, though not nearly as many as it once did as Malwarebytes has adopted a more aggressive policy with regards to classifying and detecting items as PUP in recent years, so if you download unknown software/installers etc. frequently which may contain PUPs then it is still a good idea to scan with ADWCleaner occasionally to make sure you didn't accidentally install any PUPs that Malwarebytes may have missed. Please let us know if you have any additional questions or issues and we'll do our best to answer them and assist you. Thanks
  3. Please try disabling the individual protection components of Malwarebytes one at a time to see if any one component is causing the issue. You may do this by right-clicking on the Malwarebytes tray icon and clicking on the name of the protection component then clicking Yes to the User Account Control prompt. After disabling each one, try launching the program again to see if it now works and it doesn't, re-enable the component and then try disabling the next one and let us know if disabling any one component fixed the issue. If that does not resolve it, then try disabling self-protection which can be found in the main Malwarebytes window under Settings>Protection in the Startup Options section near the bottom of the tab and is called Enable self-protection module. Please let us know if you tested this and if disabling any individual component worked to allow the program to run as that should give the team a good place to start looking to find the root cause of the problem. Thanks
  4. Yep, I've seen similar behavior with Google image search results; it usually occurs when I click on an image to expand the info. I guess when displaying the larger thumbnail, it's actually a live image from the site hosting the image, not the cached copy stored on Google's servers, so that's most likely the reason for the block. Yes, it's typical for 3 log entries to be created for each web block and it's been this way pretty much since the beginning when Web Protection was first implemented in Malwarebytes Anti-Malware 1.x so that's expected behavior since the count goes based on the entries in the protection logs. It's not so much a bug as just the way that the system works, and likely has something to do with how Windows automatically attempts to reconnect to a failed connection more than anything else, so when Malwarebytes blocks something, Windows probably retries it a couple of times to attempt to resolve the address/connection. If that's true, then technically speaking, Malwarebytes is actually blocking 3 connection attempts to the website/server, so it is technically accurate even if you only attempted to browse to the page/load content from the page just once. The Developers may be able to clarify further, but based on my somewhat limited knowledge of the network stack and the inner workings of Malwarebytes and Windows, I'm pretty sure this is what's going on and why it shows up this way.
  5. You're welcome If there's anything else we can do for you please let us know. Thanks
  6. Excellent, I'm glad to hear it. If there's anything else we can help with please let us know. Thanks
  7. Greetings, Based on your description of events it sounds like what happened was that an image from the site in question attempted to load among the results so it was blocked by Malwarebytes via the Web Protection component. You shouldn't need to take any further action and nothing was able to actually reach your system from the blocked site that might be harmful so you should be just fine. If there is anything else we might assist you with please let us know. Thanks
  8. You can easily disable the premium trial in just a few clicks as shown in this support article. While my personal preference would be to continue to offer an option to opt-out of the trial during installation, I do understand why this option was removed; the simple fact of the matter is that the vast majority of users do not pay attention to the text and checkboxes/controls presented to them during installations of software so they will generally just click through the installation wizard to complete the installation process, meaning whatever the default is, that's what they're likely to go with (and Malwarebytes has likely collected telemetry data on user-selected options during install that support this hypothesis which may well be why the option was removed in the first place, though that is just speculation on my part).
  9. Ah, that makes sense. If it had something like its configuration files stored on the disk that wasn't restored while other copies were in memory while it was running and there's a clash between what the config files say and info in the registry and/or on disk on the local disk that was restored that could well have caused such corruption. Hopefully the reinstall resolves it, but definitely keep us posted. Thanks
  10. Greetings, You may try the instructions in this topic to run a special build of Malwarebytes Anti-Rootkit which may help with this. If that doesn't work or some of the issues persist, please try running ADWCleaner to see if it is able to eliminate the issues. If the system still remains infected then please read and follow the instructions found in this topic and then create a new thread in the malware removal area including the requested logs and information by clicking here and one of our malware removal specialists will assist you in checking and cleaning the system of any remaining threats as soon as one becomes available. If there is anything else we might assist you with please let us know. Thanks
  11. That is odd. It sounds like perhaps either something else on your system is interacting with ObjectDock to cause this, or else perhaps there is some kind of corruption going on with some aspect of ObjectDock itself. I suppose the first thing to try would be to reinstall ObjectDock and then restarting your system to see if that alleviates the issue. Please give that a try first, and if unsuccessful, see if perhaps there is a new version of ObjectDock available and try installing that instead of your existing version to see if that fixes the problem. If the problem still persists then maybe running chkdsk /r from an administrative command prompt would help. To do so, click on START and type in cmd and then when you see cmd.exe listed at or near the top of the START menu, right-click on it and select Run as administrator and then click Yes if prompted by User Account Control. In the command prompt window that opens type the following and then press Enter and allow it to complete, allowing it to restart your system if prompted to do so to complete the repair process: chkdsk /r More information on using chkdsk can be found here.
  12. That's great news, if there is anything else we can assist you with please let us know and we'll do our best to help. Thanks
  13. Greetings, I just tested on my own system and I was able to successfully capture a full webpage (this post, actually) via the auto-scroll capture feature in FastStone Capture 9.0.0.0 (latest available on their site) using the portable build with Web Protection active. I'm on Windows 7 x64 SP1, fully patched. It may help if you provide additional information about your environment, so please do the following: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced Options on the main page (not Get Started) Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply Additionally, please let us know what version of FastStone Capture you're using (i.e. paid or free trial) and whether it is the normal installed version or the portable build. Thanks
  14. I read the page you linked, and as far as I can tell they are in compliance with California law (the most strict and all-encompassing of the states mentioned as far as I could tell). Here's an image of the purchase page for 2checkout/Avangate (the Cleverbridge purchase page should be quite similar if not virtually identical with the exception of the company-specific info of course): I circled all of the relevant info in red which I believe relates to the requirements stated in the article you linked. Company contact info for refunds, their policies, support etc. as well as a clear statement regarding the auto-renewal enrollment as well as an additional info tooltip icon which, when you hover your mouse over it, provides additional explanation/information and instructions on disabling it (you should be able to disable it via the My Account feature just as you can change your payment info) though someone from the staff may have to verify as I've not used the My Account feature myself and I've only got a lifetime license so I can't check how it handles subscriptions/auto-renewals etc. and I've just been going off of the info provided in the support article I linked to in my reply above.
  15. The main issue is due to the fact that Malwarebytes doesn't handle any of the actual transactions or charges themselves; like most AV/AM vendors, they use third party e-commerce providers to handle the purchase and billing for their products. This is why Malwarebytes cannot currently provide a simple way to disable/enable auto-renewal in the subscription/license management interface or on the Malwarebytes site itself, because the billing/charges for auto-renewals will be handled by the e-commerce partner who handled the original purchase and who handles the billing each year for renewals. It's not deliberately convoluted (though I would like to see an opt-out option on the initial purchase page, as I'm sure that's possible and would alleviate a lot of these issues/situations), it's just that Malwarebytes doesn't have their own billing/ecommerce department, again, like most other AV/AM vendors (this is why when purchasing an AV/AM product you're usually billed by someone like Cleverbridge, Digital River etc.). The reason for this is most likely because it wouldn't make sense for an organization like Malwarebytes to try and reinvent the wheel by developing their own e-commerce platform to handle their license/subscription sales, especially since such third party organizations already exist which specialize in this very thing and already comply with all of the legal standards and requirements for privacy, security and payment data handling. Attempting to do so on their own would be unwieldy, expensive and unprofitable, not to mention risky since, having no first-hand experience and specialization in this area, they would not be privy to the pitfalls already overcome by these established e-commerce providers/platforms whose primary focus is in this area. It's the same reason, for example, that Malwarebytes uses third party CDN (Content Deliver Network) providers for handling their database and program version updates rather than attempting to build and maintain that infrastructure themselves. Malwarebytes is focused on stopping malware, so they leave these unrelated but essential functions to third parties who do specialize in these areas and functions. At least that's my take on it.
  16. Understood. We'll have to wait for someone from the staff to respond then, hopefully soon.
  17. I don't know about all of them specifically, however I do believe that the following items constitute the majority, if not all of it: Database updates/signatures for the Malware Protection component and scan engine Database updates for Web Protection (I don't know if these are hosted separately or not, but they may be Program version updates and software component updates (these may use separate servers/systems from one another; I'm not certain) Cloud based object analysis and file database updates (hashes for known files, FP database whitelists etc.) Licensing key validation/checkin for anti-piracy as well as key conversion for old format ID/Key licenses to the new single string license key format Subscription validation/checkin for accurate display/notifications of the current subscription and number of days remaining Free trial validation/checkin for the same purpose (this may use the same servers/system as subscription validations/checkins; I'm not certain) Telemetry/statistics for threat detections, web blocks and exploits (some or all of these items and other classifications of detections may use separate servers/systems; I'm not certain and only Research and/or someone from the staff would know for certain and I don't know how much detail they would be authorized to provide) Telemetry for customer experience data/usage statistics (if opted in to data collection for this purpose) Built in web links found in various places within the main UI such as the Settings>About tab, the various help links (the ? icons throughout the UI as well as the More Information link found in the Reports tab and the support.malwarebytes.com link found in the built in Quick Tour function); I believe these are dynamically updated from the web so that Malwarebytes doesn't have to publish a new build/new EXEs every time a server/domain/URL/address changes so that the UI may be kept in sync (I know for a fact this was the case with such embedded links/URLs in MBAM 1.75 as well as 2.x; I expect this remains true for 3.x) That list may not be comprehensive, but I do believe it at least covers most of it. As to which server/address is for which function(s) I do not know, however I am pretty sure that the cdn. address is used for at least some of the database updates. I hope that helps to clarify things. I'll have to leave it to the staff to provide any further information as only they would have detailed knowledge on the specifics/technical info.
  18. Greetings and welcome, Please refer to the information in this support article for details on how to go about opting out of auto-renewal for your subscription. It includes contact info for both current ecommerce partners of Malwarebytes who handle license sales as well as billing and auto-renewals and if you still have trouble or are unable to determine which ecommerce partner handled your original purchase then you may contact Malwarebytes Support directly via the options found on this page and they will assist you further in looking up the information and getting you everything you need to opt out of auto-renewal for your subscription. If there is anything else we might assist you with please let us know. Thanks
  19. Greetings, If it is hung up you may need to terminate it by launching Task Manager by pressing CTRL+SHIFT+ESC on your keyboard and going to the Processes tab and clicking on Show processes from all users, then sorting the list by name by clicking on the Image Name column header then locating MBAMService.exe and right-clicking on it and selecting End Process then clicking End Process in the confirmation dialog that is displayed and that should stop the program from scanning. Once that's done, make certain you have the latest version of Malwarebytes, version 3.6.1, and if not, then download and install it from here and then reboot and try scanning again. If it still hangs, then terminate the scan once more and try booting into Safe Mode with Networking to see if it is able to complete the scan there. Instructions on booting into Safe Mode for various Windows versions are listed below in the following links: Windows 10 and Windows 8 Windows 7 Please let us know if you're using an older version of Windows such as XP or Vista and we will provide instructions for those operating systems. If that did not resolve the issue, then please try performing a clean installation as instructed below: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced Options on the main page (not Get Started) Click the Clean button, and allow it to restart your system and then reinstall Malwarebytes, either by allowing the tool to do so when it offers to on restart, or by downloading and installing the latest version from here If it still fails then you might try running the special build of Malwarebytes Anti-Rootkit found in this topic, having it scan your system for threats and having it remove anything it finds, then restarting your system to complete the removal process. If the issue still persists you may try running ADWCleaner and doing the same, having it remove anything it detects and restarting to complete the removal process. If the issue still persists or the other tools would not run, even in Safe Mode, or the issue with Malwarebytes continues in normal mode then please do the following so that we can take a look at what might be going on with your installation: Run the Malwarebytes Support Tool again Accept the EULA and click Advanced Options on the main page (not Get Started) Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply Please let us know how it goes and provide the requested ZIP file if the problem continues. Thanks
  20. Greetings, A new version of Malwarebytes has been released, version 3.6.1. I would suggest installing it to see if it fixes the issue. To do so, either open Malwarebytes and navigate to Settings>Application and click the Install Application Updates button, or download and install the new version directly from here and then reboot and check to see if the issue returns or not. Please let us know how it goes and if you have any other questions or issues. Thanks
  21. Just keep an eye on things and if you observe any suspicious activity, assuming Malwarebytes doesn't detect anything, you may return here and we'll help you get your system cleaned up, but I'm guessing you probably got an installer that wasn't bundled with any of the PUPs that are often found in some places on the web.
  22. Excellent, I'm glad to hear it If you need help with anything else just let us know. Thanks
  23. Thanks for the info. Hopefully you won't face any more problems, but please let us know if you do. Thanks
  24. Greetings and welcome Support should respond soon, however I don't know what their coverage is like on the weekends so it might not be until Monday. With that said, you could also try registering at my.malwarebytes.com to manage your license from there to hopefully be able to deactivate/reset it from there so that you may activate it on your new installation. More information about managing your licenses may be found here. If you are unsuccessful then you will have to wait for someone from the Support team to assist you as they are the only ones with direct access to the licensing system. If there is anything else we might assist you with please let us know. Thanks
  25. Greetings, Those do appear to be false positives and are likely caused by using an older version of ADWCleaner while also using the Immunize function in Spybot Search & Destroy or the protection feature in Spywareblaster. These should be fixed in the latest version of ADWCleaner which you can download from here. Please download and scan with that version and let us know if you still see these detections or not. Thanks
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.