Jump to content

exile360

Experts
  • Posts

    31,301
  • Joined

  • Last visited

  • Days Won

    41

Everything posted by exile360

  1. Greetings, I'm sorry that Is any sort of block or detection occurring when the user attempts to open IE, or is it just failing to launch silently when Malwarebytes is active? To receive the fastest assistance I'd suggest contacting Malwarebytes Business Support directly via the options on this page or via the contact information provided to you by logging into the My Account portal. In the meantime, if the user is seeing a detection, get the log from the detection and post it here and we'll get a member of the Research team to take a look and get it corrected if it is due to a false positive. Thanks
  2. If it helps at all, folder exclusions in Malwarebytes are recursive, so if multiple (or all) files and folders within a particular directory need to be excluded you can simply exclude the parent folder and everything the excluded folder contains will also be excluded.
  3. Greetings, You may find the information in this support article to be of help. It provides details on running Malwarebytes on Windows Server as well as documenting potential issues you may encounter, best practices, exclusions and configuration recommendations for various Server configurations. The information in this support article may also prove useful; it describes how to disable Malwarebytes' real-time protection to avoid potential conflicts and performance issues with Windows Server if needed. I hope this helps, and if you require any further assistance please feel free to post or to contact Malwarebytes Business Support directly via the form on this page and they will respond via email. Thanks
  4. Greetings, Please double-click on one of the block entries shown in the image you posted to view the report, then click the Export link on the bottom left of the report and select Copy to clipboard, then paste the contents here in your next reply so that we may take a look and advise you based on what it shows. Thanks
  5. Greetings, Thank you for your feedback, I will be sure to pass it on to the Product team for consideration. I definitely understand your frustration with unwanted pop-ups/surveys. I cannot speak for the Product team, however I do recall hearing something about adding options to control such content at some point, however I do not know for sure if or when such functionality might be added, assuming it is in their plans to do so. I hope that you stick with Malwarebytes as your choice of protection for your devices, however I understand not wanting to be prompted automatically by surveys and the like. If you have any further comments or feedback please let us know. Thanks
  6. Greetings, Please post your ticket number here and we can ask a member of the Support team to take a look. Thanks
  7. Greetings, Please try disabling the following VPN applications to see if that helps: Mullvad VPN iTop VPN Your system also shows signs of possible infection as well as several DNS errors in your Event Viewer logs. If the problem continues even after disabling the above VPN applications, please follow the instructions in this topic, skipping any steps you are unable to complete, then create a new topic in our malware removal area by clicking here and a malware removal specialist will guide you in checking and cleaning your system of any threats. They should be able to help get the issue sorted out and you may return here for further troubleshooting if they clear the system and the problem still occurs.
  8. Greetings, Please follow the instructions in this topic, skipping any steps you are unable to complete, then create a new topic in our malware removal area by clicking here and a malware removal specialist will guide you in checking and cleaning your system of any threats as well as offering advice on keeping your device free of threats going forward.
  9. Greetings, You would likely need to contact Microsoft Support on their Windows support forum to get an answer to whether the files belong to the Media Creation Tool or not. As for Windows Defender, yes, it is entirely possible that it could have been fixed by getting the latest Windows Updates installed using the tool, particularly since Microsoft recently released some updates for Windows Defender itself as I recall.
  10. You may also find information about previous releases of Malwarebytes in the various links listed here. If there is anything else we might help you with please let us know. Thanks
  11. These are public forums so everything posted here is often read, searched out, and referenced by others, so everything I posted was not only for your sake, but also for anyone else who might come across this topic. I had no way to know what your knowledge, experience level, history, or methods might be so I posted what I did to try and cover as many situations and levels of knowledge and experience as possible. I am the former Product Manager for all Malwarebytes products, I was their first QA, and I am currently transitioning into a role on the Support team after serving for the past few years as User Advocate here on the forums. I have been with Malwarebytes since 2010 and helped decide on and design many of the features that still exist in the product today, so yes, I speak with first-hand knowledge when I say that disabling those checkboxes will not disable database updates. The two options are for program versions only (i.e. installers) and Component Updates (updates for individual DLLs, drivers and similar components), not signature/database updates. Just please keep in mind what I said regarding signature updates and new database syntax. Not every new version of Malwarebytes ships with new syntax/detection capabilities, but if you look at the release history published most recently for the various builds/releases of Malwarebytes 4.3 here as well as the various release notes published here, every time anything like Improved detection and remediation. or Enhanced name of protection module or Improved protection. is listed, that is an indicator that either new database syntax which is not backwards compatible has been added or some new capability to one or more of Malwarebytes' protection components was implemented meaning any version prior will lack this improved detection/protection capability and there are likely threats/classifications of threats which older versions of the product will not be capable of detecting and/or removing. I'm sure you already understood or likely assumed most or all of this, but again, I'm posting this also for anyone who might come across this information in the future.
  12. That may explain why setting an alternate DNS server helped as well. Maybe it's a routing issue with one or more of the ISPs or backbone nodes in Australia?
  13. Unchecking the two options mentioned will not stop definition updates, however keeping an out of date program version will impact the overall effectiveness of the program as new program versions/builds bring with them new database syntax types that are not readable by older builds of the product (they do not know how to interpret new signature types that they do not understand so they ignore them in order to avoid any sort of errors, bugs, FPs or other unexpected/unpredictable behaviors from the application). What I generally advise is that users perform regular monthly maintenance on their devices, including updating Windows through Windows Update, updating their applications such as their web browsers and office applications (both to fix bugs and especially to help safeguard against application vulnerabilities which might leave them open to attack by exploits and other threats), and updating their security applications (such as Malwarebytes). You may disable application updates if you wish, just be advised that in order to have the most effective protection and detection capabilities your users need to be running the latest build of the software. Application bugs and other issues are also regularly fixed through these updates, so it is generally best to keep the application up to date if possible, however you can perform updates manually if desired by unchecking the options mentioned, then re-enabling them occasionally and manually checking for updates to download and install any available application updates which might have become available (this way you can keep the application up to date for your clients, assuming you are performing regular maintenance on their devices for them). I hope this helps and if there is anything else we might assist you with please let us know. Thanks
  14. Greetings, To disable Malwarebytes from running on system start, open Malwarebytes and navigate to settings by clicking the small gear in the upper right, then select the Security tab and toggle the option under Windows startup to the off position and restart the system. That will configure Malwarebytes not to run when the system starts. Please let us know how it goes and if you run into any further issues. Thanks
  15. Please verify that you created an exclusion from Web Protection, as adding an item to the allow list by default will only exclude the item from detection as malware by the scan engine and Malware Protection components. Details on creating exclusions from Web Protection can be found under the Allow an application to connect to the Internet section of this support article. If that does not resolve the issue, please follow Porthos' instructions above and we will take a look to try and determine what's going on. Thanks
  16. Greetings, You should be able to remove them through the user interface by opening Malwarebytes and clicking the Detection History card then clicking the History tab and deleting the ones you desire to. If there are specific types you want deleted or ones from specific dates/times you can click the column headers above each section to sort based on that column, then delete the ones you want by hovering your mouse over each and clicking the trash can icon on the right. If you still wish to remove them manually you will first need to disable self-protection as that is likely what is preventing the files from being deleted. To do so, access settings by clicking the small gear icon in the upper right, then navigate to the Security tab and click Advanced under the Windows startup section and toggle the option Enable self-protection module to the off position, wait a few seconds to give the driver time to unload, then delete the files. You may need to close and reopen Malwarebytes for it to reflect the changes once you remove the reports (I haven't tested deleting them this way so I'm not certain). Please let us know if there is anything else we can help with. Thanks
  17. I would also add that, while it is generally true that tech support scam sites are updated too frequently for tools using static block lists (such as standard ad blockers, malicious web filters, HOSTS files etc.) to usually be able to keep up with them and actually prevent/block them preemptively, Malwarebytes own Malwarebytes Browser Guard, which is available for Firefox and Chrome/Chromium based browsers, includes behavior based detection and blocking for tech support scam sites which does not rely on any sort of block lists and does not target such sites based on IP address or URL/domain name, but instead analyzes how the page looks and acts to quickly determine if it is a tech support scam site/pop-up and block it on the spot. It's a powerful and effective piece of tech and I highly recommend it for everyone.
  18. Thanks for the update, I wasn't aware that was an option.
  19. Does disabling Ransomware Protection have any impact on the issue at all? If not, does disabling any of the other individual protections and restarting the system make any difference? You can check by right-clicking the Malwarebytes tray icon in the notification area near the system clock and clicking on a protection type where it says On next to it, then click Yes when prompted by User Account Control, then restart the system and test to see if the issue is alleviated (I'd recommend doing whatever you would normally do to replicate the issue at least a couple times just to make sure that the issue is indeed corrected by disabling that specific protection component). Please check each protection component one at a time, re-enabling it again after any failed test where the issue still occurs so that hopefully it can be narrowed down to just 1 protection module. Obviously the cause might be something other than one specific protection, however given that we now know it is not due to a scan running in the background (which would also cause heavy CPU and disk usage in MBAMService.exe), a protection component is most likely.
  20. Greetings, You should be able to quickly create and deploy an alternate policy (or modify your existing one if you wish to disable protection for all endpoints at once) as documented on page 25 of the administration guide located here. Once you are done you should be able to switch your clients back to their previous/default policy. I am not certain whether you will need to restart the clients or the Malwarebytes endpoint software for the new policy settings to take effect, so please keep that in mind if protection doesn't toggle off once you push out the alternate policy. I hope this helps, but please let us know if you run into any issues and we'll do our best to help. Thanks
  21. OK, good, thanks, I just wanted to make sure. The default scan time is generally around 2AM so a time of 2:16AM makes perfect sense.
  22. Thanks, please try disabling McAfee Safe Connect VPN and SecureLine VPN temporarily to see if that allows Malwarebytes to install. If so, you may need to exclude Malwarebytes from whichever VPN you actually use (I'd recommend uninstalling the one you don't use, though that is of course up to you). If that does not resolve the issue, please try temporarily disabling Avira to see if that helps, if so, try excluding/trusting/allowing the items listed in this support article from Avira's real-time protection to see if that fixes the issue. Please let us know how it goes. Thanks
  23. Thank you, yes, the Developers are among those I report issues to so they will definitely be made aware of it. In the meantime, I'm sure you've already done this, but just for my own sake, did you already try deleting all scheduled scans to make certain the scheduled scan isn't somehow the cause? My thinking is that perhaps the scan is getting stuck at some point, and since the default scheduled scan is set to run at the earliest opportunity if missed (meaning that if it is frequently missed/doesn't complete, it's very likely to run shortly after the system boots up most of the time). I don't want to step on Support's toes, so please don't make any changes without their knowledge; I'm just wondering if that possibility has been checked yet or not. Thanks again.
  24. Greetings, I don't want to interfere with the work being done in your support ticket, however I will make a note of this issue to pass on to the Product team. If you would, please provide the ticket number which should be in the emails you received regarding your ticket with Support and I will make a note of it to the Product team for reference. Thank you, and I hope this issue is resolved promptly.
  25. Greetings, Please do the following so that we can take a look and try to determine what the problem might be: Download and run the Malwarebytes Support ToolAccept the EULA and click Advanced tab on the left (not Start Repair)Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply Thanks
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.