Jump to content

exile360

Experts
  • Content Count

    25,286
  • Joined

  • Last visited

Everything posted by exile360

  1. Excellent, I'm glad to hear it If the issue returns or if anything else comes up please don't hesitate to post and we'll do our best to help. Thanks
  2. Greetings, You are at least a couple of versions behind and it is possible this issue has been resolved in a later release of Malwarebytes. Please download the latest version, 3.5.1, from here or open Malwarebytes and navigate to Settings>Application and click on the Install Application Updates button to download and install the latest version. Once installed, please make certain that you restart your system even if you aren't prompted to do so to ensure that the new files/components are loaded into memory. Also, since you are running Windows 10, please make sure that you at least temporarily disable Fast Start (instructions may be found on this page) otherwise the old file versions/components may be held in memory rather than allowing the new versions to load (drivers, services etc.). Please let us know how it goes and if the new version resolves the issue or not. Thanks
  3. Greetings, I think you might have a few of the facts mixed up here which may be contributing to your idea that Malwarebytes is somehow singling out iObit when in fact ASC is classified as PUP for very legitimate reasons. First, Malwarebytes never lost any court case against iObit. In fact, the only outcome of any grievances between any of these vendors and Malwarebytes in court has been a victory for Malwarebytes with the court systems/legal systems siding with Malwarebytes, including with regards to classifying apps as PUP. Second, Malwarebytes isn't seeking ways around exclusions. They have ASC's files and entries in their PUP detection database and have for a very long time now. The entries in the above image show that the items being detected are in a temp location, which is where ASC has placed them during install which explains why they would be detected if that location is not excluded. A simple solution would be to temporarily disable Malwarebytes protection during installation/upgrades of ASC (and in fact, the image above is of a Malwarebytes scan which would have had to have been run either during an ASC installation/upgrade, or else it is detecting leftover temp files after the fact, but either way, as long as you proceed to complete the installation/upgrade of ASC, those detections will have no impact on ASC and the normal exclusion of ASC's program files will be sufficient to prevent ASC from being blocked or removed by Malwarebytes). You can also easily change how Malwarebytes handles PUPs in its settings which again makes it very easy to prevent ASC (or any other product detected as PUP by Malwarebytes) from being detected. Just set it to either "Warn User" or "Ignore Detections" and this too can be done on a temporary basis when installing/upgrading ASC to prevent these temp detections. And finally, with regards to Malwarebytes reasoning for detecting ASC and apps like it as PUP, it has absolutely nothing to do with the history between the two companies, otherwise Malwarebytes would be classifying all iObit apps as PUP, yet they do not. Below is a list of links explaining exactly why Malwarebytes detects ASC and similar programs from other vendors (not just iObit) as PUP: https://decentsecurity.com/#/registry-cleaners/ https://support.microsoft.com/en-us/help/2563254/microsoft-support-policy-for-the-use-of-registry-cleaning-utilities https://www.howtogeek.com/171633/why-using-a-registry-cleaner-wont-speed-up-your-pc-or-fix-crashes/ https://www.howtogeek.com/162683/pc-cleaning-apps-are-a-scam-heres-why-and-how-to-speed-up-your-pc/ And from Malwarebytes themselves (there are many more entries if you search for "registry cleaners" on Malwarebytes blog in addition to the items below but you get the idea): https://blog.malwarebytes.com/cybercrime/2015/06/digital-snake-oil/ https://blog.malwarebytes.com/threats/registry-cleaner/ https://blog.malwarebytes.com/cybercrime/2015/07/pup-makers-digital-snake-oil-part-3/ https://blog.malwarebytes.com/puppum/2016/12/why-malwarebytes-detects-pc-pitstop-as-potentially-unwanted/ https://blog.malwarebytes.com/puppum/2016/07/pup-friday-cleaning-up-with-5-star-awards/ https://blog.malwarebytes.com/puppum/2016/08/systweak-redux-our-response/ I hope that this information has helped to clear things up as to why the above detections were made as well as why Malwarebytes Research team is justified in classifying applications like Advanced SystemCare as PUP. If any vendor wishes to dispute a PUP detection they may do so by reviewing the information on this page
  4. I'll let the Support guys respond via the rest, but specifically via question (b) it could be anything from an issue preventing it from connecting to the server such as a software firewall, proxy configuration, DNS issue, HOSTS file block, problem with a corrupted/missing configuration file where the license server info is stored (it's dynamic in case it is ever changed so that they can roll out new settings with database updates rather than having it hardcoded), an ISP issue where they are routing it through a slow/broken server causing it to fail to reach/respond, or it could even be an issue where your provider/ISP is blocking it either deliberately or by mistake for some reason (if for example they have the server blacklisted or restrict access to certain parts of the web, something that happens in some countries). The logs help to at least give clues as to some of the possible issues that may occur locally on the system which could be causing it, including checking many of the network settings, HOSTS file entries, as well as Malwarebytes' own configuration files/settings.
  5. Greetings, Someone should be along to assist you shortly, but in the meantime, in addition to providing the logs requested in the above post, please also try the instructions in this pinned topic, making sure to follow them precisely as they are written as the order is very important, and see if that eliminates the recurring items in Chrome. Please post back with your results on how it goes and also provide the logs requested above as well as any other relevant details if the system continues to behave abnormally and/or you still see any recurring detections. Thanks
  6. Greetings, It would be very helpful to us if you could expand on your feedback if possible. For example, what changes bother you and why? Was there anything in particular that bothered you more than anything else? With regards to the trial, while it is active by default, you can still deactivate it as soon as the software is installed via a link on the Dashboard so that you can instantly revert it to the Free version if desired. If you are willing, we would very much appreciate it if you could provide more detailed info on how the software might be improved to better suit your needs and desires. Thanks
  7. OK, thanks. Since it is still freezing with 3.5.1, please try running Malwarebytes Anti-Rootkit which may be found here to see if it is able to complete a scan. If it is and if anything is detected by it, have it remove what it finds and reboot if prompted to complete the removal process and then try running Malwarebytes 3 again to see if it is now able to complete a scan without freezing. If it still does not work, then please try running ADWCleaner and likewise, have it remove anything it finds, restart if prompted to complete the removal process, then try scanning with Malwarebytes once more. If none of that helped, then please create and attach the logs as mentioned above by Firefox and also a memory dump of MBAMService.exe while the scan is frozen: Open Task Manager by pressing CTRL+SHIFT+ESC on your keyboard and click on the Processes tab Click Show processes from all users at the bottom Sort the list by name by clicking twice on the column header where it says Image Name Scroll down the list of running processes until you find MBAMService.exe and then right-click on it and select Create Dump File and wait for it to complete (you will be notified via a pop-up dialog once it is done) Navigate to the location where it says the dump file has been created and move it to your Desktop or another convenient location, then right-click on the dump file and hover your mouse over Send to and select Compressed (zipped) folder Attach the ZIP file you just created to your next reply, or if it is too large, upload it somewhere that it may be shared such as wetransfer.com and provide us with the link to the file
  8. Just to add to what Firefox mentioned above, once the new version is installed, please be sure to restart your system (even if you aren't prompted to do so) to ensure that the new components are loaded into memory (you may need to disable Fast Start as documented on this page temporarily and reboot otherwise the new components still may not load due to the way Fast Start works).
  9. Greetings, Please try installing the latest version, 3.5.1 which was recently released by downloading it from here or by opening Malwarebytes and navigating to Settings>Application and clicking the Install Application Updates button and approving the prompts to download and install the new version. Once the installation is complete, be sure to restart your computer (even if you aren't prompted to do so to ensure that the latest components are loaded) and then test to see if the scan is able to complete. If the new version does not resolve the problem, then please do the following so that we can take a look at your installation to hopefully determine what might be causing the issue: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced Options on the main page (not Get Started) Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply Please let us know how it goes. Thanks
  10. Good, it looks like that other detection was some kind of adware. Is Malwarebytes able to run a scan without crashing now? If not, have you had any success in getting a crash dump for the team to analyze?
  11. If you're seeing this only in Chrome and with every site you visit/every search you make then it's probably due to some kind of browser hijacker or malicious browser plugin. Have you scanned with Malwarebytes to see if anything is infecting the system? If it doesn't detect anything you might try running ADWCleaner and you also might take a look at this topic with regards to Chrome.
  12. That's excellent news, thanks for letting us know Version 3.5.1 included a lot of bugfixes for a wide variety of issues, including some which impacted XP, so it's good to hear that the Developers' and Product team's hard work is paying off. If you do encounter any issues, please don't hesitate to let us know and we'll do all we can to help. Thanks
  13. Yes, that's correct. The free version and the Premium version are the same and use the same installer, but the protection features aren't activated unless a license key is entered to convert it into Premium or unless you're using the free 14 day trial after installation. Since they are one and the same, it can't differentiate between conditions where the user intends to use the free version, especially with the free trial being a possibility after install, and a Premium user so it plays it safe and removes the standalone Anti-Exploit to prevent conflicts. As long as you ensure that Malwarebytes 3 is running in free mode, you can then reinstall the Malwarebytes Anti-Exploit beta and you shouldn't have any trouble. If there's anything else we might assist you with please don't hesitate to let us know. Thanks
  14. Excellent, thanks for letting us know. That information will be useful to the QA and Dev teams as they replicate this issue and (hopefully) seek a solution for a future release so that the UI is rendered properly on screens of that size/with those settings.
  15. Very good, at least MBAR was able to run so that's a good sign. You might also give ADWCleaner a try to check for any PUPs that might be present and to make sure that it also is able to complete a scan. Please let us know how it goes. Thanks
  16. That's excellent news, thanks for letting us know If there is anything else we might assist you with please don't hesitate to let us know. Thanks
  17. I'm glad that it worked, thanks for letting us know If you require any further assistance please don't hesitate to post. Thanks
  18. Very good, I am glad that you were successful as well It looks like the fix in version 3.5.1 is pretty solid so far. I know the Product team will be glad. If either of you require any further assistance with anything in the future just post and we'll do all we can to assist you. Thanks
  19. That's great, I'm glad to hear it If there's anything else we might assist you with please don't hesitate to ask. Thanks
  20. Thanks, based on what I'm seeing it looks like the system is probably infected, which explains why it isn't working correctly. To resolve this, please read and follow the instructions in this topic as best you can and create a new topic in the malware removal area containing the requested logs and information by clicking here and one of our malware removal specialists will assist you in checking and clearing the system of all threats, and most likely will fix the problems you're having with Malwarebytes in the process (it will also likely fix a lot of other issues you may not have even been aware of as the system seems to have a lot going on with it likely due to the threats). They'll get you all cleared up in the malware removal area, and if the issues do persist with Malwarebytes after they're done, then you may return here for assistance afterwards but for now just work with them directly as getting cleaned up is the most important thing at this point.
  21. Greetings, Yes, that is correct. It removes the standalone Anti-Expoit because Malwarebytes 3 Premium has Malwarebytes Anti-Exploit integrated into it as one of its layers of protection (referred to in Malwarebytes 3 as Exploit Protection). If you're using the free version of Malwarebytes 3 and wish to continue using the Anti-Exploit beta you'll have to reinstall the beta after installing Malwarebytes 3. Malwarebytes 3's installer removes MBAE to avoid conflicts as having two copies of the anti-exploit shield running in realtime could create problems.
  22. Greetings, If both of you are running version 3.4.5, please download and install the latest version, 3.5.1, from here and restart after installation is completed (even if you aren't prompted to do so), then check to see if the issue is resolved. If it isn't, then please do the following: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced Options on the main page (not Get Started) Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply
  23. Please do the following so I can take a look. I suspect there might be a startup entry left by the installer that's causing this issue: Create an Autoruns Log: Please download Sysinternals Autoruns from here and save it to your desktop. Note: If using Windows Vista, Windows 7, Windows 8/8.1 or Windows 10 then you also need to do the following: Right-click on Autoruns.exe and select Properties Click on the Compatibility tab Under Privilege Level check the box next to Run this program as an administrator Click on Apply then click OK Double-click Autoruns.exe to run it. Once it starts, please press the Esc key on your keyboard. Now that scanning is stopped, click on the Options button at the top of the program and verify that the following are checked, if they are unchecked, check them: Hide empty locations Hide Windows entries Click on the Options button at the top of the program and select Scan Options... then in the Autoruns Scan Options dialog enable/check the following two options: Verify code signatures Check VirusTotal.com Once that's done click the Rescan button at the bottom of the Autoruns Scan Options dialog and this will start the scan again, this time let it finish. When it's finished and says Ready. on the lower left of the program window, please click on the File button at the top of the program and select Save and save the file to your desktop and close Autoruns. Right click on the file on your desktop that you just saved and hover your mouse over Send To and select Compressed (zipped) Folder Attach the ZIP folder you just created to your next reply
  24. Yeah, unfortunately these advertisers figure out how to code their pop-ups to get around pop-up blockers as much as possible, so it isn't always successful. Honestly, I've used Firefox, Chrome and Internet Explorer and I've personally found that by far the most effective pop-up blocker is the one built into IE11 when turned up to max settings. It prevents pop-ups that show up on the same sites with Chrome and Firefox, even with several ad and pop-up blocking add-ons. The trouble with trying to block pop-ups using third party software (if for example Malwarebytes wanted to do this) is that it can only do so from within the browser, meaning it would need to install an add-on, plugin or extension that could detect and block the pop-ups. In fact, Malwarebytes does have a browser extension currently in beta for Firefox and Chrome that is designed to behaviorally block tech support scam sites, phishing sites, malicious ads as well as many tracking servers. Its main focus isn't so much to act as a pop-up blocker, but it does block some of them because of their contents so it might help the situation. For the specific site(s) you're visiting where you're seeing these pop-ups, you might give Internet Explorer a try after maxing out its pop-up blocking setting by configuring it to High: Block all pop-ups where you only get pop-ups from sites where you explicitly allow them (another benefit is that you can allow pop-ups if needed, like if they are required on a safe site or you need to allow them to display whatever content you happen to be viewing on a site as is sometimes the case). You can also further secure things by setting IE to prompt you to allow ActiveX controls (like Flash Player etc.) to run on each website; another beneficial setting if you're dealing with sites that might not be super safe where you may selectively enable each ActiveX control as needed to view specific content you wish to see and leave it blocked everywhere else. The Malwarebytes extension for Chrome can be found here. Just remember that its primary purpose isn't really as a pop-up blocker, but it likely will help with a lot of the stuff you're encountering. It extends the capabilities of the web blocking in Malwarebytes 3 also, so that's another benefit, though it doesn't require Malwarebytes 3 to use it.
  25. Also, in regards to the specific detection you posted, you could instead navigate to Settings>Protection and click Advanced Settings under the Real-Time Protection area beneath where it mentions Exploit Protection and in the Anti-Exploit Settings sub-dialog that opens, select the Java Protection tab (the last one on the right) and uncheck the option Java Malicious Inbound Shell Protection option and then click Apply. The below image shows the setting I'm referring to:
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.