exile360

If you can open Notepad and paste the link there, then attach the text file with the URL in it to your reply we can get the link for Research to take a look at without the URL being clickable.

It is a Beta because it is still in testing and has not been released for the general public yet. Both the Free and Premium versions/modes need to be tested so it is offered the same exact way as the release version, meaning it must include both the Free mode for free users and Premium mode for paid users.

Greetings, The free version is essentially just an on-demand scanner, so when you aren't running a scan it isn't really doing anything except just sitting there quietly in the background. If you don't want to keep it running in the background when not in use you can simply right-click the Malwarebytes tray icon and select Quit Malwarebytes and click Yes when prompted by User Account Control. The Premium version includes scheduled scanning, automatic updates, and of course real-time protection to block/prevent threats via the 4 built in protection modules (Malware Protection, Web Protection (for blocking malicious websites and servers), Exploit Protection, and Ransomware Protection. I hope that helps to clarify things and if there is anything else we might assist you with please let us know. Thanks

Greetings, The beta is for the same license/version that you are already entitled to, so if you are a Malwarebytes Free user then it will install the Free version of the Beta, and if you are a Malwarebytes Premium user with an active subscription/valid license key then it will activate the Premium protection features in the Beta. I hope that helps to explain things, and if there is anything else we can help you with please let us know. Thanks

Greetings, Are you using Windows Vista or Windows 7, and if so, is the Microsoft product you are referring to Microsoft Security Essentials? If the answer to either of those question is no, then I suspect you may have inadvertently come across a PUP (Potentially Unwanted Program) imitating Microsoft software which would explain the detection from Malwarebytes. If you would, please post the report showing the detection from Malwarebytes. You should be able to find it by clicking on the Detection History area and selecting the History tab then locating the relevant report and using the Export function to export it to a text file to attach here or to copy/paste it into your next reply. You may also post the source of the Microsoft Protection program you tried to install, though please do so by either placing it within code tags using the forum editor to prevent it from being clickable or by writing it into a text file and attaching the text file to your post (I don't want anyone visiting the site if it is potentially unsafe, assuming it isn't from Microsoft.com directly).

Greetings, Thanks for the suggestion, and while there may be no specific setting to disable it, you should be able to exclude the HOSTS file using the method described here. I hope this helps, and please let us know if there is anything else we might be of assistance with. In the meantime I will report your feedback to the Product team for consideration as a possible addition to a future release. Thanks

Thanks, hopefully you won't suffer another crash, but please let us know how it goes. I also saw an item for Malwarebytes among the items awaiting a reboot so that may be part of the issue as well, and if so, the reboot should resolve it assuming it is able to install correctly on reboot. I also noticed that you have Windows Media Player excluded from Malwarebytes for both Malware Protection and Ransomware Protection, is there any particular reason you created these exclusions? I just want to make sure we aren't skipping over any other issues that might be relevant: Exclusion Info: ================================== Malware Exclusions: C:\Program Files (x86)\Windows Media Player [folder] C:\Program Files (x86)\Windows Media Player\wmplayer.exe [file] E:\Program Files\Windows Media Player [folder] I:\Program Files\Windows Media Player [folder] I:\Program Files (x86)\Windows Media Player [folder] Ransomware Exclusions: C:\Program Files (x86)\Windows Media Player [folder] C:\Program Files (x86)\Windows Media Player\wmplayer.exe [file] E:\Program Files\Windows Media Player [folder] I:\Program Files\Windows Media Player [folder] I:\Program Files (x86)\Windows Media Player

It is possible that for whatever reason, be it the number of processes running in the background, the number of drivers, or something else, that Malwarebytes has the tendency of loading a large amount of RAM on your system. On my own 7 x64 system it generally seems to use anywhere from 100,000K~500,000K, sometimes a bit more, sometimes a bit less but generally not too far outside of that, however I have seen it use different amounts on other systems so I know that the specific environment it is running in and the other active processes, drivers and services can have an impact on it.

OK, try disabling each of the other protections one by one and see if things improve substantially after disabling any particular one and let us know how it goes. Thanks

I'm referring to disc data/usage, not RAM usage. The disk activities of the Nero background processes might be resulting in the high RAM/CPU usage from Malwarebytes if their activity is triggering a lot of analysis from the Ransomware Protection component in Malwarebytes. You can try excluding Nero's program folder using the method described under the Allow a file or folder section of Add to the Allow List in Malwarebytes for Windows v4 or temporarily disable the Ransomware Protection component in Malwarebytes to try and determine if this is the cause. If it doesn't help then you should try disabling each component of protection in Malwarebytes one at a time to see if disabling any of those brings to RAM usage down to a more reasonable level. You should also check your scheduled scans in Malwarebytes to make sure that it isn't some hung up scan causing the issue as that is another possibility, especially if there are permissions issues with the system preventing Malwarebytes from completing a scan.

If the ZIP file exists it should be called mbst-grab-results.zip.

Skimming the two logs you provided so far, the only thing I see that I suspect might be causing the high usage would be Nero. It has some pretty aggressive background indexing stuff for media files that could be causing high usage in the Ransomware Protection component of Malwarebytes. If you don't use the 'Nero Home'/media center type application that Nero installs you can try removing that and see if it makes any difference (it won't affect your ability to edit/record discs with Nero).

There's a lot of them. It collects most of the data and logs generated by Malwarebytes itself along with a custom log it generates called mbst-check-results.txt along with several Windows system logs and logs generated by multiple Windows system tools. It is possible that they were generated somewhere temporarily prior to the ZIP folder creation step so you might be able to track them down, however that still leaves a lot of logs and data out that would normally be within the ZIP file.

Thanks, that's not all of them though, those are just the logs generated by FRST, one of the tools run by the Support Tool. If you would, please try running the tool from Safe Mode with Networking and hopefully it will be able to generate a full set of logs. Thanks

Odd, perhaps they are in a temp directory somewhere? I believe that's where Microsoft reroutes files in Windows when permissions prevent writing to some of the system default locations. It might be in your AppData folder somewhere for your user account or perhaps somewhere under the 'Public' profile's data/folders. That said, if you haven't tried Safe Mode with Networking yet, that might help as you have the ability to log in there as a full powered admin with no User Account Control since UAC is not active in Safe Mode.

If you aren't able to locate it please try restarting your system and seeing if the tool will run and create the logs, and if it still fails then please try running it from Safe Mode with Networking and hopefully it will work properly from there. Please let us know how it goes, and if you are able, please provide the ZIP folder from the tool. Thanks

If the tool ran to completion there should be a ZIP file on the desktop. If there isn't then it is possible the tool failed to complete for some reason. If you have a third party antivirus installed it may have blocked the tool from running properly.

Greetings, Malwarebytes can use a large amount of RAM sometimes, particularly during scans, however that does seem like it might be a bit high if no scan is running (you should also ensure that a scheduled scan isn't running in the background as that could also be the source of the issue). If everything checks out and no scans are running when this occurs, please do the following so that we may take a closer look at your system and configuration to try and determine the cause: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced tab on the left (not Start Repair) Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply Thanks

For anyone concerned about their privacy, the modern trends of IoT devices can be a virtual minefield, between employees listening on conversations through smart devices, to surveillance cameras and even baby monitors that fail to provide even basic security to prevent anyone with an internet connection from hacking in and turning your own security devices against you, these technological advancements can be a hard sell. Unfortunately there's more bad news on that front for IoT doorbells made by the popular company Ring. EFF (Electronic Frontier Foundation), a privacy advocacy group, have investigated and discovered that Ring have embedded numerous trackers into their app which is used for operating the devices so that you are not necessarily the only one using the tool to keep tabs one your home. You can learn more about this issue in this article. Ring has a rather spotted history when it comes to privacy issues, with prior concerns about some of their past partnerships and dealings getting them into hot water with privacy advocates over what they were sharing with law enforcement as discussed here. Stay safe out there, and I personally recommend exercising caution with regards to the devices you let into your home and into your life in general. Technology is a great thing, and the conveniences and capabilities it offers can be very persuasive, however one must weigh the true cost of some of those capabilities when deciding what is best for their overall well being, especially if privacy is a high priority.

I don't know how things work on the backend, however we do have folks who deal with spoofed sites and fraud every day, and many of them are near constant users of these forums (for FP reporting and the like) and not one of them has ever mentioned anything I can recall about their being any kind of security issue or potential compromise of the forums or the content here. You have to remember that Malwarebytes employs folks like Steven Burn who is well known for running hpHosts for ages which specialize in tracking threats on the web and malicious websites and servers, so if there were a problem with the code behind these forums you can be certain they would have voiced it to the executives in a heartbeat and we would likely no longer be using IPS, however no such event has occurred so this too gives me high confidence in the forums here. On top of this, many of us use tools to disguise our IPs, so even the likes of Google would not be able to determine when it might be one of us viewing a post or visiting a page here on the forums to 'obscure' it from our prying eyes. If you don't trust your content to be safe from being edited by others, simply take screenshots of the lot and keep them secure on your own system, and you can even keep extra backups somewhere such as an external drive (a good idea for any data that is important to you in case your system ever has any problems so you don't risk losing anything significant, and something that I try to do on a regular basis as well).

All I know is that I have been a regular visitor to these forums since at least as far back as 2008 (and for a long time prior I was a near constant lurker, reading and learning by observing) and I have never seen or heard of anything that has ever made me suspect that there is anything nefarious going on with these forums. I also worked as a mid to high level employee of Malwarebytes for years. I was their first QA back when the entire enterprise was literally just a hand full of people with a single product, and I became their first Product Manager and was in charge of their entire line of products at the time. I then spent years as PM for their flagship product along with several other smaller projects and later took on a role my boss at the time and I came up with to help keep Malwarebytes close to the community and to help ensure that the company listens to its users and customers (all things that were enabled by this very forum; a near constant throughout my entire tenure with the company as it was also the primary place I would go for new ideas and feedback about Malwarebytes products and it was the first place I would look when trying to replicate issues as QA and I was even hired on as an employee specifically because of my participation as a user here on the forums). If there were anything shady or screwed up going on I assure you we would find it. Members like myself, AdvancedSetup (who is also and has been for a very long time the root admin here on the forums), regulars like David H. Lipman, Firefox and plenty of others, and with all these members generally having excellent memories and watching closely for any kind of problems or issues with the forums, I can't believe that there is something wrong with the forums and some bad actors intercepting or modifying content and that none of us has ever noticed it or commented on it even once. If you want an idea of how much time we spend around here, just take a look at our post counts and when we signed up and just consider that many of us spend many hours per day here, so we know our forums. I cannot speak to your other claims because frankly until you brought it up, I was unaware of it. I know that Google has a hand in virtually every site these days, as does Facebook, Twitter, Disqus and others, and while I am definitely not the biggest fan of things like data harvesting, tracking and mass data collection (something my own past posts on this very forum will often attest to), but I have never seen anything to make me think that they have bad actors within their company doing what you claim. That doesn't mean that I think it is impossible, as I could certainly imagine abuses going on whenever human beings have access to the kind of tools and information they no doubt have access to, however I frankly just don't know if that is what is occurring in your situation or not. Web forensics is not within my particular skill set so I cannot advise you on what is happening or what to do about it. I might be able to assist you with your system if you wish in helping you get rid of any programs you don't need to help your system run better but that's about it. I am not equipped to deal with the whole Google situation so I don't know what to tell you about that, we can only do what we have already done in that regard and advise taking measures to protect your privacy. I won't go on the web without them, and I know that many here on the forums who frequent it feel the same way, that's one of the reasons Malwarebytes Browser Guard and tools like it exist.

Well, IPS' developers are aware of the issue. I'm definitely not the biggest fan of the current forum software, but I wouldn't go so far as to call it overall 'glitchy'. It's just one bad design decision, in my own opinion, however their decision to make it work this way was quite deliberate, not some part of an overall unstable code situation. If their software was that bad Malwarebytes would have selected a different piece of software to run the forums on, and overall I'm actually happy with a lot of the new features offered in the current version. In fact, many of those new features are the very reason we don't have to deal with hundreds of spam threads from spambots every day any more, because that's how bad it was before IPS worked with our admins that run the forums to develop, install and enhance blacklisting tools, filters, and additional security measures to keep spammers and spambots off the forums and it has worked wonders. Now we have maybe an average of 1 spammer per month or less that successfully gets through, and usually those are actually humans; the automated/scripted bots that used to create tons of fake accounts constantly and bombard the forums with garbage are gone, and it is all thanks to the work done by the forum admins at Malwarebytes and their efforts to collaborate with IPS and take all these measures to put a stop to the spambot garbage.

Yeah, you guys have had a rough go of it down under from what I've been hearing. I hope everyone is doing alright and that this drought passes quickly.

No, it's not possible because we know the cause of the issues I experienced. It was/is a bug/issue with the IPS software itself. AdvancedSetup confirmed this himself through contact with IPS. They are aware of the issue and claim that it is the expected behavior (moved threads continue to make the area they were moved from show as 'unread' for about 24 hours after the thread was moved). It has nothing to do with Google or any substitute pages.

Greetings, When clicking the Malwarebytes Browser Guard icon in your browser toolbar, you should see the following screen or one similar to it: There you will find a gear and an item with 3 dots. Clicking each of these provides access to further functions, including the allow list. If you wish to uninstall and reinstall it simply remove it from your browser then install it once more from here. Please let us know how it goes and if you run into any issues. Thanks