Jump to content

exile360

Experts
  • Content Count

    25,008
  • Joined

  • Last visited

Everything posted by exile360

  1. Thanks, that's definitely a problem. The WMI service is a critical component of Windows, not just for Malwarebytes, but for the operating system in general as well as countless other applications and components. Let's try to fix it. Please follow the instructions on this page to run System File Checker. Hopefully that will fix the problem. Please let me know how it goes. Thanks
  2. No problem, let's give this a try. I've seen similar issues and it turned out to be a problem with WMI, which your mention of the Samsung WMI service issue reminded me of: Click Start -> Run Type services.msc and click Ok Scroll down and find Windows Management Instrumentation Right click Windows Management Instrumentation and choose Start If you get an error here, please take a screenshot and post the error here. If you don't get an error, continue on the with the next steps Right click it again, and choose properties In the middle of the screen, change Startup Type: to Automatic and click Ok Reboot See if Malwarebytes starts properly If that failed, try the same from Safe Mode via one of the methods listed on this page Once more reboot and reinstalling and launching Malwarebytes again If that fails, please run the WMI Diagnosis Utility from Microsoft. It may help in troubleshooting and fixing the issue if the above steps failed.
  3. OK, so my suspicions regarding permissions weren't too far off. Thanks for the info As for this most recent development, unless I am mistaken I believe this one is usually caused by the presence of the KB4074852 Windows Update. Please check to see if it is still installed or got installed again, and if so, please remove it then try running Malwarebytes again to see if it works. If you wish, you may try the semi-automated fix for this issue that I posted here. It's a batch file that checks for the presence of that update and removes it if found. Performing the last steps in that post of running Malwarebytes Anti-Rootkit might also be a good idea just to verify that it is able to run without issues and ensure there are no threats on the system.
  4. You're very welcome, we're glad to help That said, since you're still having some issues, such as those with your browsers and you've confirmed that the system did have some infections, I'd strongly recommend going ahead and seeking one-on-one expert assistance from one of our malware removal specialists by following the instructions posted here to the best of your ability and then creating a new topic in that area by clicking here, posting the information and logs from the previous link (I'd also recommend sharing your recent scan log from Malwarebytes showing all of the items you quarantined to give them a better idea of the threats that had afflicted your system). It doesn't cost anything and provides additional peace of mind knowing that your system was checked by an expert who knows how to verify that a system is clean and free of threats. As for your operating system, I totally understand. I'm still running Windows 7 and have no plans to upgrade any time soon. Just keep it patched as best you can (including browser plugins like Flash if you use any, as well as your web browsers themselves and other third party software, especially any that interfaces with the web such as instant messaging clients, email software, media players, office applications and of course your security products such as Malwarebytes as well as Avast! to have the best protection possible and reduce the risk of infection). Once your system is cleaned up, you may ask the helper assisting you there about advice on keeping your software up to date and I'm certain they'll be more than happy to advise you. Good luck and stay safe out there
  5. Greetings and welcome, Yes, it definitely appears that your installation of Malwarebytes is currently in a broken state with several files and components missing. Please download the latest version of Malwarebytes 3 from here, making certain that you either enable User Account Control, or at least right-click on the installer file and choose Run as administrator then proceed to follow the onscreen instructions to complete the installation. If that failed, then please follow the instructions in this knowledgebase article to perform a clean installation of Malwarebytes, making certain that you either enable User Account Control, or at least right-click on the file and choose Run as administrator so that it has the permissions necessary to perform its tasks. If neither of the above options works, you might consider installing the latest beta version of Malwarebytes 3 from here to see if it resolves the issues. Please let me know if any of these options works and we will continue from there if none of them resolves the issue. Thanks
  6. Nope, just that one module, not all of Malwarebytes realtime protection. What it lacked was compensated for by the other components (at least that's what our testing showed as well as feedback from customers). As for Malwarebytes and their lack of participation, I really couldn't tell you because I am not in charge of the Product team therefore I do not get to decide whether Malwarebytes participates in such tests (otherwise I would have done so myself long ago and published the results, regardless of how well or poorly Malwarebytes might have done because I believe in transparency). I would again like to reiterate that I am not trying to make excuses here, nor am I trying to deflect from the fact that Malwarebytes isn't participating in these tests. I believe they should regardless of how meaningful or meaningless they might be, and regardless of how accurately or inaccurately they reflect real-world environments and scenarios if only because it's a question that I really am tired of answering. I will leave you with one final note. While I am no threat research engineer or expert when it comes to malware, I do have a good basic understanding of how attacks work and how the behavior of users is exploited by the bad guys in order to infect their systems, and it is based on these things that Malwarebytes has designed much of their current protection technology because there is no silver bullet when it comes to security and you must understand how systems get infected in order to adequately protect them from online threats. So here is a basic layout of a common infection scenario and how the various layers of protection in Malwarebytes 3 work to thwart such attacks every step of the way, and why I believe the vast majority of these tests are lacking: User visits website which contains malicious advertisement containing browser exploit of some kind (this could be a Flash Player exploit, targeted web browser exploit focused on Chrome, IE, Firefox, Safari or any other browser or all of the above as some exploit kits are) - This is where the Web Protection in Malwarebytes comes into play. If the ad is hosted on a known malicious ad server or connects to a known malware host to download its malicious script or payload, Malwarebytes will block the connection thus thwarting the attack long before any binary files have reached the system Malicious ad checks browser/system info via most common means such as user agent string etc. in order to determine if system is a viable target (if it isn't, the exploit won't even try to execute; some security software actually leverage this as a means of protection by "stealthing" the user's system and/or browser by making it appear incompatible with the most common exploit kits) Assuming target is viable, exploit attempts to launch in order to download and execute a malicious script, usually a .JS or PowerShell script - This is where the Anti-Exploit layer comes into play; the detection rate of exploits is extremely high in Malwarebytes 3 and the closest thing I've seen to a 100% effective solution against a major aspect of the current threat landscape (and not coincidentally, this is one of the most commonly skipped phases of the attack chain by the vast majority of so-called "real world" tests because replicatiing a real system and consistently finding the same exploit is no simple task as they are taken down and change frequently deliberately to attempt to avoid threat researchers and the like who would seek to grab their malicious wares and improve their efficacy against them, not to mention the fact that ad services such as Google and the like frequently take down malicious ads as they find them and the ads shown on most sites are not static so the ad you see during one visit to a page may not be the same as it is the next time you visit the page, even if only within minutes or even seconds) Once the exploit successfully launches, it generally downloads other malware such as ransomware, Trojans etc. - This is where Web Protection comes into play yet again, as we try to block the host servers of known malware as well as known malicious Commant & Control servers If the download was able to bypass those layers, the next step is execution of the malicious binary into memory Here is where the more old school Malware Protection component comes into play, attempting to detect any malicious binary that attempts to enter memory once downloaded (assuming it was a binary file and not another script/exploit of some kind; if it was, then we return to one or more of the above layers/steps) Assuming none of the previous layers has thwarted the attack, if the threat in question is ransomware, the ransomer begins its work attempting to encrypt files and do things like deleting backups/shadow copies of the files and disabling tools such as System Restore and the like - This is where Anti-Ransomware takes over, monitoring in realtime the behavior of the threat, including looking for common malicious behavior as well as seeing if the threat triggers any of the "traps" Malwarebytes plants on the system when it is installed and Ransomware Protection is activated. Now, finally, if the malware has made it past all of these layers, you have at least a couple more defensive layers to rely on - First of course, is the Threat scan/remediation which utilizes several advanced heuristics techniques such as Linking in addition to the more traditional malware threat signatures and this is also where the Anti-Rootkit component (if active) comes into play to detect and remove any rootkits which might have been part of the attack Oh, and there's one final layer I neglected to mention above: whenever a file is checked by Malware Protection or the scan engine, it is also analyzed (by default, at least) by the new signature-less Anomaly Detection engine which includes advanced heuristics algorithms as well as cloud analysis to enhance Malwarebytes' ability to positively identify new and unknown threats and suspicious files. This feature was only recently (within the past ~5 months) activated and since going live, has been incrementally improving itself through data collection and machine learning as well as occasional tweaking by the Dev and Research team to sharpen its capabilities even further. That's obviously not every possible scenario, but definitely one of the most common and one I would love to see accurately replicated in a laboratory setting for the purpose of testing Malwarebytes and other security products because as I said before, Malwarebytes is not the only vendor beginning to use the more advanced layered techniques and technologies and as long as these phases of the attack chain are being neglected in testing, the true value of these products (again, not just Malwarebytes) aren't adequately being assessed in my opinion.
  7. Greetings and welcome, I'm sorry for the issue you're experiencing. I will do my best to assist you in getting the problem corrected. First, please run MB-Clean one last time, however when prompted to reinstall the latest version after reboot, decline so that it does not attempt to install. Then, once this is done, please download the latest beta version of Malwarebytes 3 from here and install it. If you would prefer not to try the beta, let me know and I'll work with you to continue to attempt to get the current release version to work correctly (I am having you try the beta as I believe it is more likely to resolve the issue without any additional steps due to the bugfixes it contains). Please let me know how it goes, if there are any problems, and if the original issue you were having persists. Thanks
  8. I would like to know what they consider "real world" though. Are they just downloading/executing live ransomware samples, or are they visiting infected sites where the user would naturally encounter the exploit that attempts to drop and execute the ransomware thus truly replicating the entire attack chain? As far as the actual numbers go, I don't believe 93%, 95.1%, 99.2%, and 0 false positives is abysmal, plus this was quite early in the development of the anti-ransomware component. They were still heavily tweaking the detection to ensure there were no FPs which at fist meant it missed more actual ransomware than it should have (this has since been corrected, but the anti-exploit component still remains the strongest of the bunch when it comes to signature-less behavior based protection). Again, no excuses, the anti-ransomware component in Malwarebytes just wasn't that good back then. It's a fact and I won't deny it. It was a work in progress at the time and while obviously lacking, did still add further protection to Malwarebytes 3 and has gotten stronger over time as the Devs have tuned it up. I still want to know about their methodology though. I understand if they just want to flat out test raw detection of ransomware files and ransomware behavior, and there's nothing wrong with that at all. If that's what the test was (and I believe this to be the case, though I do not know for certain due to lack of explanation in the document), then these are the kinds of results I'd expect from Malwarebytes 3 in early 2017 because that module had just come out of beta and was still very young and remained a work in progress.
  9. Greetings and welcome, I'm sorry to hear that you're having problems with Malwarebytes. If you would, please try the latest beta version of Malwarebytes found here. Additionally, while it is unrelated to the issue with Malwarebytes, I do see that you have some outdated versions of Flash Player installed. I'd strongly recommend updating them as Flash is a frequently targeted means of infecting systems via exploits through the vulnerabilities contained within older versions. If you wish to follow my recommendation and update Flash Player, please do the following: First, download each of the following files but do not run any of them yet: Flash Player Uninstaller Flash Player Plugin (All other browsers) Flash Player ActiveX (Internet Explorer) Flash Player (Chromium based browsers) Now, close ALL browser windows and web browser processes and run uninstall_flash_player.exe Follow the onscreen instructions to uninstall Flash Player Run install_flash_player.exe and follow the onscreen instructions to install it Run install_flash_player_ax.exe and follow the onscreen instructions to install it Run install_flash_player_ppapi.exe and follow the onscreen instructions to install it You may then delete the Flash Player Uninstaller along with the 3 Flash Player installer files if you wish. You also have an old version of Java installed, as with Flash, it is frequently exploited by malware, however unlike Flash, it is seldom used (though if you do need it, you may install the latest version at any time; just let me know if you require it and I'll provide you with the download link and instructions). To remove the outdated Java version, download and run the Java Uninstall Tool. Follow the onscreen instructions to complete the uninstallation of Java. Please let me know if the beta corrected the issues you were having with the scan shutting down your PC. Thanks
  10. Excellent, thanks for testing and reporting your findings
  11. I might also suggest trying to disable each protection component one at a time to attempt to determine if any particular module is the cause. So, for example: Disable Web Protection, ping the server If still slow, re-enable Web Protection Disable Exploit Protection, ping the server If still slow, re-enable Exploit Protection etc. Once testing is complete make a note of whether any one module being disabled corrected the behavior, and if so, please include that information in your report to Customer Success. If you wish to take this a step further, you might also confirm that each component's driver is no longer running once it has been disabled (of greatest significance is MBAMWebProtection (mwac.sys). Also, I'd suggest investigating whether or not any other software in use relies on WFP (the Windows Filtering Platform; the same technology used by the Windows Firewall in all Windows versions newer than XP since WFP is what Malwarebytes uses for Web Protection) as they may be likely culprits as this could be an issue of a software performance conflict somewhere. Finally, one more recommendation I'd make: advise Customer Success to work with the Developers to determine if whitelisting an IP address may be insufficient in resolving such a performance issue due to the potential impact of a large block list being loaded into WFP/the network stack because theoretically any server lookup may take longer if it must account for checking a large list of blocked sites or if the large list of sites loaded into the filter simply causes some level of network lag incidentally (this can be tested by requesting that QA/Customer Success load a very small test database of addresses to test with, both with and without the server being pinged/connected to being included in the whitelist/exclusions in Malwarebytes). I mention this because I myself have used a large HOSTS file for a very long time and have noticed that unless certain additional measures are taken, it may have a somewhat noticeable impact on network performance, particularly when performing DNS lookups/connections (overall network bandwidth/throughput seems largely unaffected).
  12. Yes, it is stated as being the most comprehensive due to the fact that it looks at all loading points (startups), running processes, loaded modules in memory as well as all primary and secondary system and program folders as well as temp locations, system and user data folders, all user desktop locations, download folders and the root of the drive to check for threats. It also performs an extensive check of additional locations in the registry beyond standard loading points such as the RUN keys, services keys and scheduled tasks. It also looks at browser plugins (including for Firefox and Chrome, not just Internet Explorer), the uninstall keys in the registry, CLSIDs where malware might have registered any number of active components and tons of others. Basically what I'm saying here is, if the malware is actually active on the system, it's virtually impossible for it to escape Malwarebytes' Threat scan because for any software to actually function and remain persistent, it must rely on at least one of these locations/loading points, otherwise it is just a dormant file that cannot start on boot when the operating system starts. Now, with all of that said, I still would recommend activating rootkit scanning if your system shows signs of infection (which in your case it obviously does since that threat behaved as it did) because that is one area not checked by default unless that option is activated. My personal preference is to turn it on and leave it on, however due to its nature given that it is such a low level scan, it can not only impact scan time/performance, but also might conflict with other security software if you have any installed besides Malwarebytes since it does use a low level driver and do things that are more invasive in checking the system (this is the nature of rootkit scanning; it requires low-level kernel mode as well as user mode access to check the raw data of files on the drive, search for hidden/obfuscated registry data as well as check the boot files and partitions (the MBR/VBR etc.). Additionally, Malwarebytes includes advanced heuristics detection capabilities called "Linking" which you can think of as sort of a "smart scan engine" which, once a single trace of an infection has been detected such as a file, process in memory or registry entry, can follow that detected trace to identify other components of the infection. For example, if a malicious DLL is found loaded into a system process in memory (a common malware tactic), Malwarebytes will look for references to that file in common startup locations and the areas where a DLL would be registered on the system. Once any such entries have been identified, Malwarebytes will then check to see if they point to any additional files and/or registry entries and locate further threat components based on that. This detection chain continues until it has identified as much of the malware installation as possible which not only means greater likelihood that the threats will be detected, but also a higher probability that every trace of the infection will be removed thus making a successful disinfection of the system far more likely.
  13. It's not lawyer talk, it's reality. Obviously Malwarebytes should have detected the threat, of course, I give you that, but it isn't lawyer talk to state a fact just as it isn't absolute proof of superiority to quote a single instance where one product detected a single threat missed by another as the reverse is just as common (again, I refer to the heatmap which proves this very fact and is again only based on Malwarebytes' on-demand scan engine, not any of those signature-less protection capabilities I spoke of). Also, with regards to what digmorcrusher stated above regarding the statistics, this is absolutely correct. The larger the user base for a given AV, the higher the probability that it will show more threats missed just based on the amount of raw data gathered. I simply posted it to illustrate my point that I have a live resource based on raw, real-world data that illustrates constantly that Malwarebytes proves itself capable of detecting threats that all of these other AVs miss, and again, it doesn't include PUPs (which Malwarebytes is notoriously aggressive against), nor does it include any threats/attacks prevented by any of the realtime protection components in Malwarebytes. I look forward to the info from MRG because it's something I too want clarified once and for all, regardless of what the answer is and again, I wholeheartedly agree that I want to see Malwarebytes 3 Premium tested against these other products because it's something I've been wanting for a long time, ever since they first began marketing it as a possible AV replacement product. Also please do bear in mind that no matter what we say about X vs Y, we don't expect customers to just take our word for it that Malwarebytes is all they need because even though we do believe this, Malwarebytes has always been and still is designed to run safely in realtime alongside other security products, including AVs as well as other anti-malware applications so if a user isn't confident that Malwarebytes alone is sufficient protection, they are free to run other products with it, be it one of the many reputable free AVs out there or a paid solution.
  14. Did you have self-protection active? I ask because self-protection is designed to defend against such attacks (though of course it isn't flawless and the bad guys may have very well found a way to thwart it). Based on your description, it sounds like the threat may have been a rootkit also, so it's probably a good idea to enable rootkit scanning (off by default due to the somewhat high impact it has on scan times). This setting can be found under Settings>Protection>Scan Options.
  15. You mentioned 300K files, if that's the case then I'm guessing you're performing a Threat scan, is that correct? If so, then that also explains it because the Threat scan was developed by our Research team to look specifically in all active locations and places on the system where threats are known to hide and install themselves as well as certain common download/storage locations where a user is most likely to save a potentially malicious file or installer. While this may seem limited, the Research team can also modify these locations to add any new ones they find being used by the bad guys through an update of the database so it doesn't require any code updates or new program version releases to modify these locations. The most comparable scan type in Malwarebytes to a full scan by your antivirus would be the Custom scan and configuring it to scan your entire drive in addition to memory, the registry etc. Also bear in mind that if a threat is running in memory, it will still be detected even if the location the actual file is located in is a folder not scanned by the file system portion of the Malwarebytes scan, so any active threats should still be detected.
  16. Hey, you're preaching to the choir here. I'd love to see Malwarebytes tested just as I said. And as for my opinion of testing methods etc. goes, I already mentioned that I don't believe it's accurately portraying the abilities of other products either (including many that do well on the tests, not just the ones that 'refuse' to be tested). As for real-world data, I do know that Malwarebytes currently has millions of paid users, the vast majority of which either use no other protection (i.e. no AV at all, just Malwarebytes) or they only use Windows Defender (which you and I agreed isn't necessarily the most stellar AV available), yet reports of infected users who have Malwarebytes 3 Premium are very few. By the way, I forgot to address something you mentioned earlier. You spoke of an infected system that you ran several scans on from several products and Malwarebytes was among those that missed it. This is precisely the kind of thing we're talking about. You're judging the efficacy of a product based on the results of an on-demand scan after the fact which didn't include giving the advanced, signature-less capabilities in Malwarebytes the chance to stop the attack before it got to the stage of the system being infected. It is a fact that the vast majority of threats these days rely on exploits to infect systems and that the exploit phase is one of, if not the first in virtually all of these attacks and the exploit protection in Malwarebytes 3 is by far one of its most forward-looking, effective features when it comes to threat prevention. The day they begin doing tests which replicate real attacks from the beginning (not just downloading the malicious .JS file directly from the server and executing it from the desktop then expecting the products to either detect the raw .JS file or its binary payload that it downloads, or the PowerShell script they download/execute the same way) is the day I will stand up and take notice. Setting up a proper test-bed isn't an easy thing, I'll grant you that, but in order to properly test all of these products, not just Malwarebytes, that's what they really need to be doing, otherwise I believe they're doing a great disservice to the users reading their reports. Heck, one of the product you mentioned, HitmanPro, would likely do quite well in such a test (at least if we're talking about HitmanPro.Alert) as it also includes a rather extensive anti-exploit layer that I'm sure would prove quite effective as well. I'm just tired of all these tests which are largely based on archaic flat file detection capabilities because getting a 100% pass is too easy with a whitelist database engine or anti-executable engine layer, but to really stand up against real world attacks (including file-less malware and the like) more than that is needed, and that's where these more advanced signature-less behavior based technologies shine; again, not just in Malwarebytes, but in most of the products they're testing. There's a reason so many vendors have begun adding such additional protective layers over the past few years: it's necessary and it works and they know that a standard signature based approach (which is mostly what's being tested) isn't enough to keep their users safe any more.
  17. Greetings This is most likely due to the technologies in the Malwarebytes engine which utilize several methods of optimization to decrease scan times. Additionally, while the realtime protection components do guard against script based exploits, infected documents and multimedia files, the file scanning engine in Malwarebytes which uses more standard threat signatures, file pattern heuristics algorithms and infection installation pattern recognition does not scan non-executables. This is because in order to identify such non-executable based threats effectively and accurately, Malwarebytes needs to see the malicious behavior when those kinds of threats attempt to run and try to infect the system. Additionally, specifically with regards to raw performance, Malwarebytes is also multithreaded and optimized to use multi-core and multi-threaded CPUs such as the vast majority of chips from both Intel and AMD produced over the past several years. I hope that helps explain things and if there's anything else we might assist you with please don't hesitate to ask. Thanks
  18. Come on, really? Just ask MRG to clarify it. Ask them point blank if they are testing the Premium version of Malwarebytes or the free version. The grey area in the wording isn't mine, it's theirs. They refer to it as an on-demand product. I don't know what that means to you, but to me it means that it is only checking for threats on an on-demand basis, meaning when the user scans with it manually. If I am wrong, that's fine, but I haven't seen any references to any component of Malwarebytes which is included in the paid version. I have seen where they talk about things like web filters, exploit guards and other realtime protection components in their tests in reference to some of the other products they've tested, but not once have I ever seen them make such a reference in regards to Malwarebytes on any of their tests and that's because I do not believe they've ever purchased a license for testing and have only ever tested it as a second opinion, on-demand scanner running in free mode without any active protection layers. I agreed with you that I'd like to see the testing also; I'm not making excuses or saying that they shouldn't participate in the tests as I would love to see it myself regardless of the methodology used because I truly believe Malwarebytes 3 Premium would do extremely well given its current lineup of layers.
  19. They actually call out the fact that it's an on-demand scan by placing it in a separate chart from the other active products and refer to it as such. They didn't activate a paid license which is also why they always only ever refer to it as "Malwarebytes" or "Malwarebytes Anti-Malware" and never ever refer to it as "Malwarebytes Premium" or "Malwarebytes Anti-Malware Pro". That's also the reason Malwarebytes does so poorly so consistently on the tests where they do use any testing against actual exploits and ransomware because those components aren't active in the free version. I do wish they'd test using the free trial of Premium, but to my knowledge they haven't done a test that included Malwarebytes since the developers removed the option to opt-out of the trial during installation (though they could disable protection or deactivate the trial post-install, but hopefully they wouldn't do that).
  20. Sure, you're right, but a big part of the reason is due to the fact that many of the files being scanned in those tests aren't binaries and therefore aren't even scanned by the signature based malware detection engine used in the scanner (the anti-exploit realtime protection component would target such threats, but as I said, they only test the free version to my knowledge). Still though, you're absolutely correct, testing should be done and as I said, I too would like to see it for myself. I've been pushing for it ever since they began marketing Malwarebytes 3 as an AV replacement and I still believe it's an important thing to illustrate their effectiveness by an outside, independent testing lab.
  21. Excellent, I'm glad we got it working for you and thanks for the kind words, they are appreciated If you ever have need of our assistance again please don't hesitate to let us know and we'll do our best to help you out. And of course, thank you for choosing Malwarebytes to keep your systems (and suspect hard drives) safe. Just don't forget that if that drive has an active Windows installation on it, that you should also run a Threat scan on it once the drive is booted into its own Windows installation again because a lot of the heuristics in Malwarebytes depend on it so if it is infected, you'll be likely catch more threats when the system is live (and I'd also advise activating rootkit scanning if you haven't already once that Windows installation is active; you'll find that setting under Protection>Scan Options).
  22. Hehe, agreed. Also please bear in mind that while I'm obviously with Malwarebytes on the issue of comparative testing and its relevance, I'd still really like to see them participate in these tests with their Premium version, especially since the most recent builds of Malwarebytes 3 now include something that, to my knowledge, hasn't been in any of the builds tested to date which is a new heuristics malware detection engine custom built late last year and only recently turned on in the product (the new "signature-less anomaly detection" component listed under Scan Options (it also applies to realtime protection even though it's listed under Scan Options) as I believe it will have quite an impact on such tests (plus, if they're using the Premium version I believe the Anti-Exploit component in Malwarebytes would really kill it if they perform accurate real-world tests that begin the infection routine from the earliest point in the attack chain which is where exploits usually come in being one of the first steps in the vast majority of malware attacks these days, regardless of the eventual payload be it a rootkit, ransomware, Trojan or pretty much anything else).
  23. I suspect that if it had a greater impact on sales than it currently seems to, they would, not that money is their primary motivator, but they do want to provide their products in a way that both appeals to as well as meets the needs and expectations of their customers/potential buyers, so if the majority of users were relying on these kinds of comparative tests to make their final buying decisions as I believe they did at one time (though that was some years ago), then I'm confident it would be a higher priority for them than it currently seems to be. That said, yeah, you're right, it isn't easy to test Malwarebytes (or many of the current AV/AM products) accurately. Malwarebytes isn't the only product not being adequately measured for performance as a great many vendors these days use some quite similar protection technologies to some of what Malwarebytes currently offers and I don't believe any of them are being adequately tested. I believe the entire testing industry needs to evolve far more than they have in the past several years now that it has become far more common for security products to utilize a layered approach to protection and have begun to rely far less on raw file detection and malicious file binary hash identification techniques (techniques which are virtually useless against any modern threat as the vast majority are now polymorphic, often changing from one download to the next). edit: By the way, I went ahead and visited the Malwarebytes heatmap I linked to in my previous post when writing up my last reply and from then to now, here's what it shows so far (remember, this data is live so it only started counting from the moment I clicked the link to visit the page myself and doesn't include any older data from any previous days/times): Also note that I only included AVs which had missed 10 or more threats in the time I had the page open.
  24. Actually, I just checked your log and it shows this: MISSING FILE!: MBSHLEXT.DLL So it looks like the file isn't even installed. Please try reinstalling Malwarebytes 3. You don't need to uninstall the existing version first, just go ahead and install the latest on top of it then reboot if prompted and see if it works. You can find the latest release version here or you may try the latest beta instead which can be found here.
  25. Yes, it certainly sounds like it, either that or something is blocking it from registering correctly such as an issue with the permissions on that registry key or something along those lines. There should be an installation log called Setup Log YYYY-MM-DD.txt under %localappdata%\Temp which will show what occurred during install. You might check it out or post it here if you wish to see if it reveals anything relevant. If you see any error code 5 type errors, that means Access Denied which is what would likely show up if there were a permissions problem.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.