exile360

Not necessarily. The branding for Malwarebytes itself as a company changed, and that's why the old wallpapers were removed. The icons/logos for everything from the website to the forums and all marketing materials was changed, including the icon for the Malwarebytes application, but if v4 continues to use the same icon/logo/branding, which so far it appears it will, then there should be no need to remove the existing wallpapers, and in fact, at least so far, the branding and design in the v4 UI actually match the wallpapers even better than v3 did given the presence of Zero (the robot) etc.

I'm just wondering about the use case here. I hear you guys with regards to wanting the ability to check for updates in the homepage/dashboard of the main UI, but I'm wondering why? Not that it is necessarily a bad idea (it's fairly standard practice throughout the industry so I see nothing wrong with it), but just that the way that Malwarebytes works, it generally becomes unnecessary and/or excessive in most scenarios, at least in my opinion. I say this for two reasons. First, any time any kind of scan is initiated, be it a scheduled/automated scan or a manual scan launched by the user of any kind (including a right-click context menu scan of a file or folder using the Windows Explorer shell extension 'Scan with Malwarebytes' function) Malwarebytes always checks for database/signature updates and downloads them first to ensure that it is using the most up to date definitions for any scan that is run. Second, at least by default, the protection keeps signatures up to date automatically by checking for updates every hour and this interval can be changed in settings to have it check for updates even more frequently if desired (currently allowing for a frequency as often as every 15 minutes). So I guess my question is, what is the use case for having a manual update function and what purpose would it serve in light of the fact that A) a scan is always preceded by a check for updates, and B) by default, updates are checked for and downloaded automatically at least once every hour (and up to 4 times every hour depending on how the user configures it in settings)? Again, I'm not necessarily against the idea, however I am having trouble determining the need for it I guess and I think it might help a lot in understanding the need that you're trying to meet in requesting this feature. That said, they probably will allow for such a function in the final UI, especially if many users request it, but I am certain that it would help inform if and how they implement such a feature if the use case/need for this was explained.

You're welcome, I'm glad to be of service

Yes, CPU-Z shows some extensive detailed info about RAM/memory, including not only the vendor, but also the speeds/JDEC configurations available (very useful for RAM tuning/overclocking) and even displays the actual DRAM/chip manufacturer which is critical for knowing just how 'good' your RAM is and likely it is to be capable of running with tighter timings at higher speeds (Samsung vs Micron for example). Speccy is quite useful for gathering general system hardware info/details and I actually use both CPU-Z and Speccy (as well as other tools like GPU-Z, HWINFO among others) and it's great for what it is, but there are quite a number of details that it does not provide. There are multiple tools out their for various uses and I have a bunch of them because no one utility covers everything.

Some of the notifications in Malwarebytes cannot be disabled. This is particularly true for any critical alerts that indicate possible infection where action on the part of the user may be required in order to deal with the detected threat/issue. I am glad you were able to figure out the root cause of the alerts. Eliminating the remnants of your old AV should correct the problem, but please let us know if it does not and we should be able to help in finding and removing any leftovers.

Why would VS need to become the debugger for any third party software (like ADWCleaner)? My guess is that any Malwarebytes tool that has its default debugger changed will break/not allow it, likely due to the fact that some malware is known to use the debugger entry to block or modify how security applications execute in order to evade detection. I'm no developer so I could be wrong on why this is happening, so I leave it to the actual Developers to address, however my personal thought is that if you can avoid changing the debugger for critical applications, especially security applications, then you should do so if possible. I don't see how not being the debugger for ADWCleaner would harm VS 2017 in any way unless in my ignorance of programming I'm simply not understanding the issue completely (again, I'm no developer so I really have no idea).

I guess not. It seems some of the features in the new version (known as Malwarebytes Browser Guard) are incompatible with Linux and Android OS according to recent reports from users. It is likely that whenever the issue is corrected for one operating system that it will be corrected for all of them since Android is based on Linux.

Greetings, It is very abnormal to see frequent notifications from Exploit Protection. I would strongly advise getting your system checked for any possible malware infections just to make certain that your system has not been compromised. Please read and follow the instructions in this topic and then create a new topic in the malware removal area by clicking here and one of our malware removal specialists will assist you in checking and clearing your system of any threats as soon as one is available. I hope this helps and if there is anything else we might assist you with please let us know. Thanks

I would just add that yes, the forums are separate from the My.Malwarebytes.com subscription/license management system. The forums operate through the forum software provided by IPS and is not connected with any other systems or accounts. This is a result of the separate systems, however it is also beneficial from a security perspective since, if any one system were ever compromised, it would not automatically compromise all the others. It's actually a very good idea to use different strong passwords for every website/account that you have in order to protect yourself against any potential future data breaches or leaks.

Just to add, a license that old would be a lifetime license, meaning it will never expire once activated as long as it can be proven valid. It should be valid for protecting a single device with a single instance of the software for life and can be deactivated on one device and moved to another if, for example, you eventually purchase a new computer and want to move your lifetime license to the new device.

Excellent, I'm glad I could help. Please let us know how it goes and if you have any issues. Any details you can provide would help the Malwarebytes Developers to ensure future compatibility if there actually are any issues. Thanks

Greetings, There actually is a new version of Malwarebytes currently in development, however it is still quite a ways out as it is in the early beta phase of testing and is planned to be a major release with many changes and enhancements, including an entirely new UI, however in the meantime it is quite likely that there will be one or more minor updates to the current version of Malwarebytes 3.x, one of which may certainly address this issue. With that said, having first-hand experience as a former Malwarebytes employee who had the responsibility of sending our builds to Kaspersky with each release for whitelisting, I suspect that either they have changed their policy with regards to Malwarebytes for some reason (long ago they did the same thing they are doing now until we proved to them through validated testing that our products were completely compatible with one another in real-time after which they stopped removing our product or detecting it/listing it as incompatible), or a recent change in Kaspersky's latest release has broken that compatibility. My guess is that they simply haven't tested it fully yet alongside our product and are simply playing it safe since they have no doubt made changes to their protection and scanning components with this new major version release and so they will probably back off of detecting Malwarebytes as incompatible once the Malwarebytes team works with them to validate that the two can work together on the same system without conflicts or at least do so once any existing conflicts have been resolved (assuming there actually are any; again, I doubt it and I believe they are just playing it safe as this has long been their policy to detect all third party security applications as incompatible, including ones that don't even include any real-time protection components just to avoid any potential technical support issues with unsupported software configurations). Anyway, I have already made the Product team aware of this issue, so hopefully we will see a resolution to the situation soon.

Apparently it is an HP x360, at least according to Porthos above based on his analysis of the image of the screen posted by the user which would mean that it is either a 15.6" or 13" laptop, and since I doubt they make a 13" version with a 4K screen, I'm guessing it is most likely a 15.6" laptop which is definitely pretty small, and I can understand why a person would need to crank up the DPI/scaling settings to be able to read text properly on such a small display with so many pixels/such a high resolution.

While the scans definitely should not hang, the Threat scan is generally sufficient since the Research team can change the locations where it looks at any time via database updates, and they are always adding new locations to check whenever they discover new malware using those locations. The primary reason though is simply due to the fact that, even though the Threat scan does not check all locations, it does check all major loading points/startups as well as all active processes and threads running in memory, so if the system is infected with any threat that is actually active, the Threat scan should detect it no matter where it might be running from. With that said, if there is a particular location on a separate partition or drive or an odd folder/location where you regularly store items that may be risky such as your downloads, you can always create a custom scan to check that location to make sure you haven't downloaded anything malicious. You can also use the option in Windows Explorer to right-click on any file or folder and select Scan with Malwarebytes to check any locations and files you like.

You're very welcome If there is anything else we might assist you with please let us know. Thanks

Greetings, I'm sorry that you're having trouble with the software. It definitely should not take that long to get through a scan. Please start by shutting down/restarting your computer, and if prompted by Windows about forcing Malwarebytes to close because it is still active, allow it to do so. Once that is done, try the scan once more to see if it still hangs up (typically the entire default scan should not take more than 30 minutes total, and usually far less, and the memory scan phase in particular should only take a minute or two at the most). If it does still hang up, then please try starting your system in Safe Mode and try running the scan from there to see if that allows it to complete. If it does and any threats are detected, go ahead and allow Malwarebytes to remove them and allow it to restart the system if prompted to do so to complete the removal process. Once that is done, start your system normally and see if the issues are resolved. If the issues still continue then please try a scan with ADWCleaner. Just download and run the file in the link and follow the onscreen instructions to perform a scan with it and allow it to remove anything it detects then allow it to restart your system if it prompts you to do so to finish the cleanup. If you are still having issues with your system after that, then please read and follow the instructions in this topic and then create a new topic in our malware removal area by clicking here and one of our malware removal specialists will assist you in checking and clearing your system of any remaining threats which should also likely correct the issue you are experiencing with Malwarebytes getting stuck during scans as well. Please let us know how it goes and if you have any trouble with these instructions. Thanks

What David says is quite accurate. Additionally, you can learn more about these and other threats on the official Malwarebytes Labs blog. The link I posted will display all search results for the term 'fileless' and includes multiple articles on the subject of fileless malware and related threats/attacks, including information on how Malwarebytes protects their users from such threats.

Well that's unfortunate. I was hoping it might at least be somewhat better. Yes, we'll just have to wait I suppose, though I am hopeful since I know that they have been looking at and are aware of the DPI scaling issues with the UI, especially these days with 4K screens becoming much more common. I am confident that they will be able to come up with a reasonable solution. You would think, given how much empty/blank space there is in the UI (most UIs these days, frankly as that appears to be the style in use most often these days) that accommodating larger text would be easy, but unfortunately the reality is that it's a lot trickier than one might think. Windows and UIs do funny things when the size of fonts/text changes, sometimes giving unpredictable results. But hopefully they can find a way to make it work and scale well across a wide array of DPI settings and screen resolutions.

Greetings, My suspicion is that perhaps the client hadn't checked in with the server for a while and because it stores the notifications to have them queued up, by the time it finally checked in you were seeing the notifications that had stacked up from the previous detections before you dealt with the issue by creating the exclusions. Similar events occur with blocked websites whenever the Web Protection component blocks multiple connection attempts to a blacklisted site or server; it will log and often display multiple 'duplicate' alerts due to the number of connection attempts (this will often occur because of the way most browsers, and I believe even Windows itself, will automatically retry a failed connection attempt to a server/website). I notice in the entry you posted that it shows the clean result as 'DORQUEUED' which I believe means the object was not actually removed, but was queued for DOR (Delete on Reboot), likely because the file/process was active in memory and I don't believe that Malwarebytes will terminate an already running process (and since Ransomware Protection looks at application behavior, it is far more reactive than proactive in that it acts more like a manual scan does with regards to detection and threat quarantine than the other more proactive components that intercept threats pre-execution) which would explain why multiple alerts/notifications were observed since the process continued running and continued exhibiting the behavior for which it was identified as possible ransomware, and as each of those continued detections occurred Malwarebytes continued to log each event/detection and queued up all those alerts to send to the server/console. I'd imagine after running for quite a while in that state that it would amass a rather large backlog of detections/events to send notifications for. I suspect they may end up having to implement a threshold to handle duplicate events/alerts like this where they might have it not display an alert/notification for the same item being detected n# of times within the space of a set timeframe and that could resolve the problem, and perhaps send aggregate alerts/event notifications to the console stating something like "This event has occurred n# times" or similar to sum up the activity/event rather than spamming countless stacked alerts/events to the console/server. That would at least be one way to solve it, though obviously that is up to the Product team and Developers. I will document this for the Product team to make them aware of it and hopefully we will see a resolution in an upcoming release, assuming I am correct in my analysis of what's going on and why it happened.

I'm sure they haven't updated the tray's menu/functions yet as the 4.x beta so far is far from complete, but doesn't the check for updates option in 3.x do the same thing (opening the UI to the main Dashboard tab)? I seem to recall it working that way, and I assume that either they're going to change the tray menu for the final 4.x release or they will change what it does by the time it is released. Still, it's good to document what works and what doesn't of course in case anyone was unaware.

I see, thanks. I also just noticed this from the release notes, so it looks like DPI/scaling isn't something they've addressed in the UI yet, but hopefully they will since they are aware of these kinds of issues with high DPI configurations: I don't know if maximizing version 3.8.3 (the non-beta) would be any better, but either way it looks like we won't have a perfect solution until they address the issue in a future release, hopefully in the final 4.x release whenever it is ready.

Thank you for providing the logs. I will be sure to get them to the Product team for analysis so that they may work with the Developers on addressing this issue if they discover any anomalies/bugs in the code. Thanks again, and if there is anything we might assist you with please don't hesitate to let us know. Thanks

OK, and what happens if you maximize the Malwarebytes UI, does that help at all to fit things into the available space? I ask because with many apps, even if there isn't space on screen to show everything, once it is maximized it forces everything to fit in the available space so that you can at least see all of the controls and buttons (though not all of the text may fit on screen still in the available space).

By the way, Malwarebytes currently has a new beta version in testing that you might want to try out to see if it handles scaling better on high resolution/high DPI displays with large text. I'm hoping this is one of the issues that they will resolve in this release given the fact that higher resolution displays are becoming much more common these days. If you want to give the beta a try you will find instructions and a download link in this topic. If you do decide to test it, please let us know how it goes and if it works any better with your higher DPI settings.

Yes, that's correct, it is the scaling setting. I would suggest bringing it up to a readable level where it is as small as you can stand it without straining your vision and then see how Malwarebytes looks and hopefully you can find a happy medium where text is still big enough, but the Malwarebytes UI doesn't grow to enormous proportions.