Jump to content

exile360

Experts
  • Content Count

    23,945
  • Joined

  • Last visited

Everything posted by exile360

  1. No worries, installing an older version has no effect on your license whatsoever (I'm a former employee of Malwarebytes, so I know this for a fact).
  2. OK, please do the following: Download and run the Malwarebytes Support Tool Accept the EULA and click Get Started On the next screen, click the Get Help button then click the New Ticket button Fill out the information and select Need help activating a Malwarebytes product from the drop-down menu Click the Submit button when done and then the info and logs from the tool will be submitted as a new ticket for Support and they will respond via the email address you listed in the Support Tool
  3. I'm not too familiar with either of those sites, but I do know that FileHippo.com has it and that it's safe if you're still unsure.
  4. Greetings, Your best bet for dealing with license/activation issues would be to contact Malwarebytes Support directly. You may do so via one of the options on this page. They should be able to assist you in getting your license key working properly again with Malwarebytes 3. If there is anything else we can assist you with please let us know. Thanks
  5. Greetings, While I'm not a threat researcher, it appears to me based on the vendor names/threat names being chosen by those that detected it and the fact that only 3 out of the 67 engines detected it, that it is a false positive, not a real threat, and is only being detected by heuristics which are targeting it because of the packer used by the program's developer to compress his file/application (packers are used by both legitimate developers as well as malware authors, however the reason malware authors will use them is to attempt to escape detection by obfuscating their code to try and prevent extracting/analyzing it by threat researchers through encryption and compression of their files). If you look at the 3 AVs that flagged it, each of them mentions something about the packer used for compressing/compiling the file itself, not necessarily its actual content or purpose (Suspicious.Gen just means that it was a generic heuristic detection made because the structure of the file shared some characteristic(s) with actual known malware; in this case, malware packed using this particular or a similar packer/encryptor). Even the "BehavesLike" detection mentions "Obfus" which is short for "obfuscated" which again is most likely just a reference to the fact that the file is compressed/compiled using an encrypted packer, and obviously it's a packer they've identified being used by some actual ransomware, or at least the packer being used looks like one used by actual ransomware they've found before). If you'd like the Malwarebytes Research team to analyze it to determine whether or not it's a valid threat, you may submit it by following the instructions in this topic and provide the file and requested info in a new topic in that area by clicking here, however I honestly don't believe that the file is actually malicious based on the info in the VirusTotal report you posted so the file is most likely safe, at least in my opinion (though again, I am no expert on the subject so feel free to submit the file if you want to be sure).
  6. Actually it stores a lot more than 10. I just checked mine and it has quite a lot of entries in there (mostly web blocks, of course, which is typical).
  7. Greetings, This topic has been discussed several times in the past, but essentially it can be summed up by the information in this post from the FAQ in this area of the forums. With that said, the last I heard the company does still intend to participate in comparative testing, however they haven't done so yet and no ETA is known at this time as to when it might happen. They've been focused mostly on a few major and minor new features in the product lately along with addressing several bugs over the last several product releases, but hopefully once things settle down they will have the time to devote to participating in some third party comparative tests. In the meantime you can take a look at the information on this page as well as this page to give you an idea of how Malwarebytes 3 stacks up.
  8. Yep, it's still happening. I just had to mark the MB3 support area as read due to a number of threads that were moved to other parts of the forums. I really wish they'd fix this. It's very disruptive to my workflow to have to constantly comb through pages of threads just to make sure I haven't missed any then go back and mark the entire thing as read and hope that in that time no new user has posted as I'll probably miss it if they did since it would instantly be marked as read as well (believe it or not this happens more often than you might think, especially given how I frequently refresh the board to seek out new posts/topics).
  9. Yep, that's definitely not a valid folder/path and I'm guessing some errant installer created it when it was attempting to expand/use the default %USERPROFILE% environmental variable which should've simply redirected it to C:\Users\UserName but due to some issue with the syntax in their code, it instead failed to locate the user folder and created one by that name as a result. I've seen similar issues in the past with bad scripts and installers in both the registry and filesystem so while it's not super common, it can and does happen from time to time when developers don't test/check their code/scripts properly to make certain they're parsing things correctly.
  10. Just FYI, I'm running Windows 7 x64 and I'm using a Chromium based browser (SRWare Iron Portable Edition, latest build) and I have all of the Advanced Settings in Malwarebytes Exploit Protection component enabled (except Memory Patch Hijack Protection for MS Office which won't stay enabled (you have to exit Malwarebytes completely then launch it again to realize it's not being enabled as the checkbox remains checked/enabled in the UI otherwise when you try to enable it even though it's actually not activating; this was due to a compatibility bug found in recent Malwarebytes 3 builds and this was the solution the Developers chose to implement for the time being until the issue is resolved and the setting may be safely enabled again) and I haven't had any problems running Iron. I did however have Exploit Protection block Firefox Portable immediately after installing the latest build of Firefox recently and then launching it, but that only occurred the first time I attempted launching it and the issue hasn't returned since so I'm guessing one of the telemetry or other initial/first launch routines executed by Firefox triggered the detection/block by Malwarebytes. I did have Chrome installed previously but don't have much use for it any more since all plugins and functions that work in Chrome also work in Iron (just without Google's ads and constant monitoring/tracking/telemetry etc.) so I removed it for the time being. I might reinstall Chrome to test this issue and see if I can replicate it, and if so, I'll gather the pertinent data for the Devs and will report it to the team.
  11. I bet this is happening because after your last scan completed, you left Malwarebytes on the scan complete/scan results screen. To change it, you'll need to click Close X in the scan results screen (or deal with any detected items if any threats were found in the previous scan, which it will also display and provide buttons to proceed with the removal process):
  12. I don't know about Windows 10 as I have very limited experience with it, but in XP, Vista and 7 I've always used a large HOSTS file to block malware, ads and other unwanted content and it's always worked just fine, but it does sound as though 10 is different, which is troubling to me as I know for a fact that there is significant value to be had in using these HOSTS files (even when employing other web filters such as the one included in Malwarebytes Premium, plugins/extensions like Adblock Plus, Ghostery, Disconnect etc., all of which I also use, yet my HOSTS file still blocks plenty that they don't even though I only update it maybe once every week or two). I also use the Immunize function in Spybot S&D (which also adds entries to the HOSTS file) as well as Spywareblaster which uses the registry to add sites to the restricted sites zone for IE as well as adding sites to the restricted sites list in Firefox.
  13. Greetings, Malwarebytes 3 doesn't use any browser extensions, however there is currently a web browser extension developed by Malwarebytes designed to block tech support scam sites, phishing sites, malware sites/malvertisements and some ad and tracking servers for privacy. There's a version available for both Firefox and Chrome and they are currently in beta. You can find more info on those here as well as here. What differentiates them from the existing Web Protection component in Malwarebytes is that they don't just rely on databases of known malicious sites and servers, but actually use behavioral characteristics and heuristics to detect and block various categories of malicious sites on the net, including many that are too new to be known by the Malwarebytes Research team so adding the browser extension will enhance your protection. It also enhances the way that the Web Protection in Malwarebytes Premium functions as it works in tandem with it to deliver in-browser info on blocked sites when a block occurs and also seems to speed up browsing when malicious sites are being blocked, at least in my experience. As for malicious plugins/extensions, yes, there are many and there are also many PUP (Potentially Unwanted Program) type extensions such as adware and spyware as well as search redirectors and the like. Malwarebytes should detect and prevent such extensions from being installed and the Threat scan in Malwarebytes checks Chrome's and other web browsers' extensions and plugins to flag and remove any that are known to be malicious or undesirable.
  14. You're welcome, if there's anything else we might assist you with please don't hesitate to let us know. Thanks
  15. You might also check to see if disabling self-protection has any effect on the issue as it's also been known to cause compatibility issues and performance problems under some circumstances.
  16. TCPView by Microsoft Sysinternals might also be useful as might Wireshark. They should both be capable of showing what sites/IPs each process is connecting to on your system.
  17. Greetings, They'll probably leave the automatic USB scanning to the AVs as not to create conflicts and the same goes for emails. That said, if any malware tries to execute from a USB drive or an email, including not only email attachments, but also embedded links and documents, the various layers in Malwarebytes Premium will detect them and stop them before they are able to infect the system. As for Windows Defender, it's left on by default deliberately for the sake of compatibility as not all users wish to use Malwarebytes alone, but you can usually rectify this easily if you do want Malwarebytes running on its own and Windows Defender disabled by changing the setting in Malwarebytes under Settings>Application below Windows Action Center to Always register Malwarebytes in the Windows Action Center. That will register Malwarebytes as your chosen active AV protection and Windows Defender should automatically be turned off by Windows.
  18. If you still see it being detected as "MachineLearning" after updating Malwarebytes please do the following: Right-click on the Malwarebytes tray icon and select Quit Malwarebytes and click Yes if prompted by User Account Control Navigate to C:\ProgramData\Malwarebytes\MBAMService and delete the HubbleCache file Launch Malwarebytes again and it should no longer detect the file
  19. Yes, I'd suggest still saving the license key and deactivating/reactivating the software after the transfer just in case the software sees it as a new installation/system (which is quite possible whenever a major piece of hardware is changed such as your hard drive).
  20. Ah, I'm glad I caught it then. I definitely wouldn't recommend leaving that option enabled all the time as it takes up some serious resources.
  21. Greetings, To transfer your license you will need to first open Malwarebytes on your existing system/drive and click on the My Account button located at the top right of the Malwarebytes program window and if you don't have the license key saved anywhere, go ahead and write it down so you will have it for when you reinstall Malwarebytes on your new drive, then you may deactivate your license either using the Deactivate License button located in the My Account tab or by using the online My Account Web Portal. Further information and instructions on how to use both methods of deactivation can be found in this support article. Once you have your new drive up and running all you'll need to do is download and install the latest version of Malwarebytes from here and then click on the Activate License button located on the top right of the Malwarebytes program window then enter your license key to activate the software. You can find detailed instructions, including images of what it should look like here. If there is anything else we might assist you with please don't hesitate to let us know. Thanks
  22. Did you activate the Collect enhanced event log data for support (not recommended) option under the Event Log Data section in Settings>Application in the Malwarebytes UI by any chance? The reason I ask is because I see a lot of debug entries in your log which I don't believe is normal. If you turned it on for diagnostic purposes that's fine, just be sure you disable it again otherwise your logs will likely get really large really fast as it's not a setting that's meant to be enabled all the time.
  23. You're welcome, I'm glad to be of service Yes, they are always on the lookout for input and feedback (and yes, even criticism) from their customers and users. It's one of the many things I respect about this company. If there's anything else we might assist you with please don't hesitate to let us know. Thanks
  24. Greetings, The email address you describe (first initial last name@) sounds legitimate as that's the format used by Malwarebytes employees so I do believe that this offer is legitimate. It is likely that they are seeking feedback on the mobile product to attempt to enhance/improve it and find out about your user experience with the software. It's a tactic used by Malwarebytes and other companies to compensate users/customers for their time and opinions/input in order to improve their offerings in the future.
  25. OK, thanks. It could be a similar issue as the one reported here. @dcollins would you mind taking a look? If you would provide the following logs it could help with diagnosing the issue: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced Options on the main page (not Get Started) Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply Thanks
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.