Jump to content

exile360

Experts
  • Content Count

    24,904
  • Joined

  • Last visited

Everything posted by exile360

  1. You're very welcome, I'm glad to be of service If you need any details on using CCleaner or the Disk Cleanup tool, just let me know and I'll provide some info and instructions for you. Clearing out your temp files etc. occasionally is a good idea. It keeps things tidy, frees up disk space and also removes a lot of the traces and history of your usage and activities, which is a good thing since you may not want such info to be accessible, especially if your system ever got any sort of spyware infection which might attempt to harvest such data.
  2. The issue being discussed in this thread has more to do with real-time protection causing performance issues constantly. Performing a scan with pretty much any tool or product is going to typically consume a large amount of system resources. That's why most of the time most vendors recommend that when performing a scan you refrain from performing other tasks. That said, yes, you can lower the priority of scans so that it doesn't consume such a high amount of system resources, freeing them up so that you may continue using your system for other tasks while the scan is going on. This is why the feature was created. Also, scheduled scans automatically run in lower priority mode so that they are less intrusive and less resource intensive since they occur silently and might run while you are using your system for other purposes so you don't have to worry about needing to modify any settings to make your scheduled scans behave this way.
  3. While I understand and at least partially agree with some of your sentiments, I don't see anything wrong with a browser page redirect to a block page. It's pretty standard stuff and I know for a fact that if Malwarebytes didn't do it, that there would be tons of users complaining because they mysteriously can't connect to some website when Malwarebytes is installed. I know this because that's exactly what happened before the block page redirect feature was added to Malwarebytes during the 1.x days. This way they get an actual explanation as to what's going on. With regards to the actual pop-up tray notifications, that's where I agree with you. They can get excessive and my preference with regards to security apps is that they protect me quietly unless I explicitly configure them not to (i.e. only alert me when there is some additional action I need to take such as requiring a reboot or something). The rest of the time I just want them to be quiet and do their job so I'm free to continue using my system for the actual tasks that I purchased it for (none of which was to constantly interact with any security application's notifications).
  4. Yes, all of the locations included in the Threat scan are there for good reasons. They are deliberately checked because the Malwarebytes Research team has discovered those locations being used by real threats in the wild, and whenever a new location is found to be used, it gets added to the database so that it is automatically checked by the Threat scan. Likewise, when a location hasn't been used by any threats in a really long time, the Research team will remove that location from the database so that it isn't checked by default which will improve scan times. Also, emptying the Recycle Bin as well as clearing temp folders can definitely help speed up your scans. In fact, if you run a temp cleaning tool like CCleaner or the Disk Cleanup tool built into Windows you can clean up a lot of the temporary storage locations that Malwarebytes and other scanners like to check (because the bad guys often use them) and this will reduce your scan times, sometimes very significantly depending on how much data was being stored there.
  5. Also note that the location of the folder may be different depending on the drive letter of your Windows installation, however you should be able to reach it regardless by entering %programdata% in the address bar of Windows Explorer and pressing Enter and the rest of the path will be the same (Malwarebytes\MBAMService\config).
  6. Actually, there is another way, however be warned that just as with performing a clean installation, it does reset some Malwarebytes settings so if you have any modified/customized scan settings, scheduled scan settings or real-time protection settings you may need to reconfigure them after doing this. To reset the stats on the Dashboard: Right-click on the Malwarebytes tray icon and select Quit Malwarebytes then click Yes if prompted by User Account Control Navigate to C:\ProgramData\Malwarebytes\MBAMService\config and delete the following files: MwacControllerConfig.json RtpConfig.json ScanConfig.json Once that's done, open Malwarebytes again and the stat counters on the Dashboard should be reset. However, Malwarebytes may warn you that a scan has never been performed; this is because the data on past scans has been removed as a consequence of deleting ScanConfig.json so you should perform a Threat scan as soon as possible to eliminate this alert/warning. Also, the default scheduled scan will now be present again in the Settings>Scan Schedule tab, so if you had modified or removed it previously, you'll need to do so again. Likewise, if you had any custom settings for any protection components like having delayed startup, disabled self-protection or if you had rootkit scanning enabled you'll need to change those options back to the desired custom setting as they will all be configured to their defaults. This does not affect the Advanced Settings under Exploit Protection nor will it remove any custom shielded applications you've added via the Manage Protected Applications interface so you don't have to worry about those. It also doesn't affect file or folder exclusions, so you won't have to recreate any of those, however it does delete any web exclusions you had configured so if you had Web Protection set to exclude any websites, IP addresses or processes from the web blocking function you'll need to recreate those exclusions.
  7. By the way, once you're done, if you wish to return your folder view settings back to normal you may reverse the two Folder Options mentioned above. This will not affect Malwarebytes exclusions and it should still refrain from scanning the hidden excluded folders.
  8. Greetings, While I would not advise doing so as some malware will use the Recycle Bin to hide backups of their files to restore if the threat is removed, you can exclude it. To do so, you must open a folder in Windows Explorer and click Organize in the navigation bar at the top and select Folder and Search Options. In the Folder Options dialog click the View tab and select Show hidden files, folders, and drives then uncheck Hide protected operating system files (Recommended) and click Apply then confirm when prompted. Next, open Malwarebytes and navigate to Settings>Exclusions and click Add Exclusion and leave the default option selected and click Select Folder... then browse to the root of the drive where Windows is installed (usually C:) and you should see a folder there called $Recycle.Bin; that's the folder you want to exclude. Note: If you have other drives attached to the system or other partitions/drive letters where files are stored you'll need to navigate to the root of those drives as well and exclude the same $Recycle.Bin folder within them as the Recycle Bin in Windows is actually a separate folder on each drive which are all controlled via the Recycle Bin icon on the desktop but files deleted from each drive are stored within the $Recycle.Bin folder in the root of the drive where the files are being deleted from.
  9. Nice find. I'll be sure to inform the team about this as a temporary fix while we're waiting for a permanent fix from the Dev team
  10. Sounds good, thanks Also, just so you know, the Product team is aware of the issue and already have the Developers working on a permanent solution to make Malwarebytes fully compatible with the new technologies implemented in the most recent Windows 10 updates, including Device Guard so it's only a matter of time before they work together without having either one disabled.
  11. The problem is, the way these comparative tests are presented, they try to make it seem like indisputable scientific proof rather than a product review, when in reality it's much closer to the latter than the former more often than not, especially when you see other actual product review sites conducting similar tests with random live samples and coming to very different conclusions and diverse results. I think the real problems are that first, it's really hard to accurately test against any current threat in a realistic way because they are so polymorphic, seldom living beyond a few hours at the most before the links go dead and because they also alter their attack methods based on everything from the browser being used, to the OS and even geo-location information to determine whether to attack and what tactics to use, not to mention checking to see if certain security products are installed (some threats won't even try to run if they see certain security software active/registered with Security Center/Action Center). Then of course there's the issue that the number of samples being tested and the range of threats, threat families and threat classifications being tested are seldom diverse enough to provide a truly comprehensive view of a security product's capabilities and you end up with results that can be more than a little misleading with regards to how any product will perform in the real world. Conducting realistic testing is hard, and I don't envy these organizations attempting to do it. I understand that they are bound by the same limitations as everyone else when trying to replicate an attack consistently to be fair to all of the products being tested and I realize that's a big part of why the scope of such tests tend to be so limited, but unfortunately it also means that the picture they paint with their findings typically do not tell the entire story. I am hopeful that things will improve as more within the testing industry realize the problems involved and the ways that threats have changed in the past couple of decades and that the old methods of using zoos of samples and captured binaries aren't going to cut it any more, but it's going to take time and innovation and a lot of work to get there.
  12. Greetings and welcome Thanks for the suggestion. Yes, this idea has been proposed before and has been passed on to the Product team for consideration. I do not know if they plan to implement it or not, but it has been requested. If you have any further ideas or suggestions please don't hesitate to let us know. Thanks
  13. You might find this information helpful. It shows how to enable or disable Device Guard.
  14. Greetings, It appears that something is wrong with the Windows Management Instrumentation (WMI) service on your system. Please open an administrative command prompt by clicking START and typing services.msc and pressing Enter In the Services window, scroll down the list until you find Windows Management Instrumentation and double-click on it Make certain the Startup type: is set to Automatic, and if it isn't, set it to Automatic via the provided drop-down menu then click Apply and click the Start button to start the service. If that failed or the Windows Management Instrumentation service was not listed, proceed with the following: Tweaking.com Windows Repair All-in-One Download Tweaking.com Windows Repair from here and install it or if you would prefer, you may instead download and extract the portable version from here Once installed or extracted, launch Repair_Windows.exe Click on the Repairs - Main tab Click on the Open Repairs button Once it displays the list of repairs, click the checkbox next to All Repairs so that everything listed is UNCHECKED Now, click the checkbox next to Repair WMI so that it is checked Click on the Start Repairs button at the bottom Once it completes, allow it to restart your system Once that's done, see if Malwarebytes now works properly. Please let us know how it goes. Thanks
  15. Greetings, There are a few known issues with Windows 10, and that's likely why you're experiencing these problems. First, if Fast Start is enabled, the tray icon for Malwarebytes protection won't load. Second, if Device Guard is enabled then Exploit Protection won't work. You can try the beta version 3.5 to see if it resolves the issue, however it is likely that you'll need to disable Device Guard for now as I don't believe the beta includes this fix, though it is planned for a future release of Malwarebytes.
  16. There is one known issue with Device Guard which is a new feature in the latest builds of Windows 10. This issue should be resolved by the latest beta version of Malwarebytes version 3.5. You may either turn off Device Guard, or install the Malwarebytes beta by opening Malwarebytes and navigating to Settings>Application and scrolling down the tab until you locate the Beta Application Updates section and turn on the setting beneath it, then scroll back up near the top of the tab until you find the Install Application Updates button and click on it then allow it to download and install the new beta version. If you do this, be sure to restart your PC once the installation of the beta is complete even if it does not prompt you to do so in order to ensure that the new components/processes/drivers etc. are loaded rather than leaving the original/existing ones in memory.
  17. If that doesn't work, then please do the following: Right-click on the Malwarebytes tray icon and select Quit Malwarebytes and click Yes to the User Account Control prompt Next, click on START and type cmd in the search box and once you see cmd.exe listed at the top, right-click on it and select Run as administrator. This should open up a command prompt. In the command prompt, enter the following text and press Enter: SC DELETE MBAMWebProtection Once that is done, open Malwarebytes again and Web Protection should work. Also check to make sure that all of the other protection components are turned on as they may have been disabled when you deleted that item, but you should be able to turn all of them back on and they should all be functioning normally after that. Please let us know if it does not resolve the issue or if there are any additional problems.
  18. The topic you linked to has nothing to do with RAM usage, performance or the real-time protection in Malwarebytes. The user that posted about that was using the free, on-demand scan version of Malwarebytes and during the scan, Malwarebytes detected a threat and because it was accessing the file, it caused ESET to analyze the file as well and since ESET (as with most AVs) uses on-access detection, it detected and removed the file when this occurred. This is very much a corner case and won't happen with the real-time protection components in Malwarebytes because they work very differently from the scan engine with regards to when and how they detect items. The protection layers in Malwarebytes operate at different phases in the attack chain from the ones used by ESET and other AVs to detect threats, so either the attack will be blocked by Malwarebytes before ESET has the chance to see a threat, or ESET will detect and remove the threat if it gets passed those first layers of Malwarebytes protection, or the threat will get past both the first layers of Malwarebytes protection and ESET, then if the user tries to execute the malicious file in memory, Malwarebytes later phase malware protection component will trigger and detect and quarantine the file because it operates as an on-execution protection/detection component, unlike ESET which functions as an on-access protection/detection layer. By the way, the exact same thing would have happened with any other scanner, or even if the user were performing some other task which caused that file to be accessed (like running a search of their drive's files, opening the folder and viewing the file in Windows Explorer or any number of other tasks/processes). It would have even occurred if the user was running any of the free online virus scans which don't even install any full antivirus product on the system. Any of these tasks would have caused the file to be accessed and thus would have caused ESET to see/analyze the file and detect it.
  19. Are you located in Russia by any chance? The reason I ask is because recently our users and customers located there have been having problems reaching our update and licensing servers due to them being blocked so you might need to use a proxy or VPN to reach our servers and receive updates.
  20. Did the steps I suggested alleviate the issue, at least temporarily without necessitating a reboot? Also, you might consider trying the Malwarebytes 3.5 beta by opening Malwarebytes and going to Settings>Application and scrolling down the page until you find the Beta Application Updates section and below that, enable the Automatically receive beta versions of component updates and full releases option then scroll back up near the top of the same tab in the UI and locate the Install Application Updates button and click on it, then allow it to download and install the beta version when prompted and reboot once the installation is complete (even if it doesn't prompt you to restart, please do so anyway). Once that's done, give it a try and see if it starts with Web Protection enabled consistently. Please let us know what you've decided to do and how it goes. Thanks
  21. OK guys, please keep it civil. While I myself have stated many times why I question these tests, I'm also a big proponent of transparency, and part of that transparency in the world of AV/AM software is participation in some kind of validated/certified testing by third party entities (though it is true that some do accept payment and have been known to skew results toward paying entities, though this is not the case for all of them). I was among the first in the company to promote the idea of participating in these tests as soon as Malwarebytes began marketing the software as an AV replacement and I still believe that they should do so. I just don't believe that they tell the whole story or that they actually prove the true efficacy of a product against threats and attacks in the real world so I put far more weight on word of mouth from users and customers who have experienced it first-hand along with my own experiences. There is nothing wrong with testing, I just don't believe that it is nearly as important or representative of how a product will perform against live threats in real-world scenarios and so I believe that it isn't as important as some other factors. That said, regardless of what I may think about Lock's motivations etc., his question and point is valid with regards to testing. It is something that Malwarebytes should do, and the most recent information I heard on the subject was that they do in fact still intend to participate in such testing, however right now there are other more important things that they are working on, a major portion of which have been these reported performance issues with Ransomware Protection, certain components of real-time protection failing (mostly Web Protection and/or Exploit Protection) as well as the usual work of enhancing Malwarebytes ability to detect and remediate the latest threats; something that takes top priority whenever there is a new class of threat and/or new method of attack being observed in the wild which requires new tech in order to deal with (something that obviously does happen from time to time, though not as frequently these days as it once did now that the bad guys are mainly focusing on exploits, PUPs and ransomware for the most part, with a handful of rootkits being shipped with some of the PUPs). Every week I report on trends, requests, feedback, bugs and issues to the Product team and one of the items I have submitted (once again) is that they participate in these kinds of third party comparative tests because it is considered a standard practice, because some users do put at least some degree of stock in the results, and because it offers a little more transparency to the users, customers and potential future users/customers to see how we do and how the various layers in Malwarebytes stand up against these kinds of tests/testing methods. So yes Lock, on this point you and I do agree. Malwarebytes should participate in this kind of testing, but based on what I have seen so far, the primary reason it's taken so long/hasn't happened yet is due to the bugs which have been affecting some users and customers throughout the past several versions of Malwarebytes, however the 3.5 beta is looking really good based on the feedback I've been gathering so far in that regard and has resolved most if not all of these issues for many users who have had this problem consistently with the past several releases, so hopefully 3.5 has finally ironed all of them out once and for all, though only time will tell once the final build goes live and more users start running it, but I am hopeful.
  22. Yikes, thanks for the info. I hope that MS doesn't ignore us Windows 7 users this time around like they did with the last round of patches. If they do, they're probably going to have a lot of infected users out there considering Windows 7's current market share.
  23. Probably because of all the reasons that have been stated already regarding these tests and how ludicrous they are in regards to real-world results/performance (that's why even users of the most frequently 100%/#1 ranked AVs in these tests still show up frequently with infected systems and seek out Malwarebytes to begin with). If it was as simple as doing well on these tests to substantiate which product provides the best protection, then there would only be a handful of AV/AM vendors still in business because they would have proven themselves in the real world by keeping all of their customers clean of infections 100% of the time, but that's not how it is and it never has been. The entire premise behind the creation of Malwarebytes from the beginning was to create a tool/product capable of dealing with threats that the big AV vendors were really bad at by using new methods of detection and protection, and this philosophy has continued to this day with the development, acquisition and integration of many new technologies and protection/detection layers into Malwarebytes to the point where now it has proven itself to be so effective that they have millions of paying customers who swear by it because it has kept them clean and has shown itself to be effective against today's threats. It's not just us saying that Malwarebytes is good, it is the word of mouth from PC repair technicians and security experts throughout the world as well as home users who run Malwarebytes on their own machines. I would agree with you if it were just us saying these things with regards to Malwarebytes' effectiveness, but when it comes from independent sources with real world experience, that's quite a different story. In the world of jobs, I'm a prime example. I didn't even graduate high school (only got a GED when I was 20), never attended a day of college, hold precisely 0 technical certifications, yet Malwarebytes hired me to work for them based on my voluntary work here on their forums. I proved myself and my knowledge through real-world experience and application of my abilities, and that was sufficient proof to them that I was worthy of hiring (I didn't go to them asking for a job, they came to me and asked if I wanted to work for them). Malwarebytes and its effectiveness are very much the same way. As for participation on comparative testing, I don't know where they are on that, but to my knowledge they still intend to do it. I believe that other projects, including fixing issues with and making improvements to Malwarebytes 3, have delayed that process and that's why it hasn't happened yet. So until then that's all I can really say is that yes, they still intend to do it, but no, it hasn't happened yet. That said, I suspect an ulterior motive behind your postings given the fact that virtually all of them are negative in some way towards Malwarebytes, either the product, the company or both. I cannot speculate as to the reason for this, as only you would know the answer to that, but I would advise anyone who reads your posts take a look back at your history of posts and topics here on the forums to judge for themselves and reach their own conclusions, but in my opinion there's a clear pattern and I don't think it's because you're motivated to help Malwarebytes and its users/customers.
  24. Excellent, I'm glad you were able to get it working Yep, I'm thinking both were needed (the file was missing from the Malwarebytes program folder initially which is why it wasn't working before the reinstall). There must have been a hiccup during the previous installation that caused some of the files not to be written to disk, but once it was reinstalled, the setting just needed to be toggled to register the shell extension DLL again, and the reboot to reload/refresh Explorer.exe so that it would recognize it/display it.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.