Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by exile360

  1. I would also suggesting trying to run Malwarebytes Anti-Rootkit to see if it finds any threats, and have it remove them if it does, rebooting if prompted to do so in order to complete the removal process. If the issue still persists then it would probably be a good idea to go ahead and jump over to the malware removal area and create a new topic there so that one of our malware removal specialists can take a look at what's going on with your system as it may be some undetected/persistent infection causing these issues. To do so, please read and follow the instructions found in this topic and then create a new topic in the malware removal area including the requested logs and information by clicking here and one of our malware removal specialists will assist you as soon as one becomes available.
  2. Yes, you are 100% correct, and no, Malwarebytes isn't collecting anywhere near that level of data/info, nor would they desire to (it would be creepy and ethically wrong in their eyes; I know as a former high level employee within the organization who helped shape the product and many of their other offerings for many years). Yep, sorry we got a bit off track. I was just trying to make it clear that regardless of the URL it may be connecting to, that it is not violating any of the policies/practices/standards or laws that Malwarebytes is subject to and have created for themselves, including what's in that policy as well as GDPR and the California codes/laws regarding privacy and data collection, which are pretty much the two strictest regions on Earth when it comes to protecting consumer and individual privacy.
  3. Malwarebytes published a new beta build today with several bug fixes, so it may be worth a try if you'd like to see if it corrects the problem. To do so, enable beta updates under Settings>Application and then click the Install Application Updates button near the top of the same tab under Settings and allow it to download and install the new build, then reboot once it's done so that the new modules are loaded into memory and test to see if things have improved with all protection enabled when using Chrome. You obviously don't have to do this if you're content to stick with Firefox, but if you would like to test it, the beta is available so I just thought I'd let you know. If you do decide to test it, please let me know if it fixed the issue or not as I'd like to know for the sake of other users suffering from the same issue.
  4. No problem at all. I'm betting this is a permissions issue. The simplest fix would likely be to create a new Administrative user account and then log in there and try running the Support Tool to see if it works. If it does, then the most likely cause is a permissions issue with your original user account and you can try the fix below to see if it corrects it, or you can just migrate all of your files/data over to the new account and then delete the old one when you're ready or just keep it around in case you need it for something and use the new one from now on. If you need help on creating a new user account let me know. By the way, I tried downloading the ZIP file you attached and it keeps telling me that it is corrupt/invalid and cannot be opened. It's a file called "CryptoPrevent_Updates.zip" which isn't the ZIP file created by the Support Tool, so please be sure to upload the correct file (though if creating the new user account works then you really don't need to upload it unless you just want me to double check for any additional issues). If you wish to attempt to fix your current user account you can try the following to see if it fixes it (run this from your original user account where the problem occurred): Tweaking.com Windows Repair All-in-One Download Tweaking.com Windows Repair from here and install it or if you would prefer, you may instead download and extract the portable version from here Once installed or extracted, launch Repair_Windows.exe Click on the Repairs - Main tab Click on the Open Repairs button Once it displays the list of repairs, click the checkbox next to All Repairs so that everything listed is UNCHECKED Now, click the checkbox next to Reset Registry Permissions and Reset File Permissions so that they are checked Click on the Start Repairs button at the bottom Once it completes, allow it to restart your system Once that's done, install Malwarebytes once more over the top of your existing installation and see if it is able to install and function correctly now. You can test the Malwarebytes Support Tool as well to verify that it works also if you'd like just to make sure it's fixed.
  5. It's not a hot potato at all, if it were then they would literally be in hot water with the California legal system as well as GDPR, both of whose policies they are in full compliance with. OK, let me give you a theory. Let us suppose you are correct, and the connection referenced as "www.malwarebytes.com" is in fact to "telemetry.malwarebytes.com", then let us suppose that his initial statement in the documentation was accurate, that it is a checkin to verify connectivity. If that's true, would it not make sense, from a telemetry and connectivity verification perspective, to have every machine checkin with the telemetry server to count the total number of systems where Malwarebytes is installed? As long as no PII or usage stats are sent (since, as you mentioned, you have that option disabled), it would not be a violation of that policy to assign a unique, anonymous identifier to each installation/machine and have it checkin with the telemetry server every time it goes online/starts up to both count the total number of Malwarebytes users/installations as well as verify connectivity so this would make a lot of sense, wouldn't it? Give it some thought. This is just my hypothesis, but I bet I'm not far off from the truth. I guess we'll just have to wait and see when dcollins returns, but I suspect we might hear a familiar sounding explanation when he does.
  6. You can if you wish, as the crash on shutdown (as well as several other bugs/issues) is supposed to be fixed in the beta. I already installed it and everything seems great so far; it even scans faster for me by several seconds than the previous build did, so I'm quite pleased with it .
  7. I think it does actually connect to www.malwarebytes.com to verify connectivity (I believe this is the initial check that occurs when it starts up and tries to check in with the update/licensing servers) and I'm guessing that's what he was referring to. As for updating it, it takes much longer than 1 minute because every change he submits must go through a review and approval process to make certain it is accurate and acceptable; he's not the one in charge with the final say with regards to public facing official documentation, he's just the one writing it up, just like Developers have to have their code reviewed by their managers prior to submission into the final release build of the product. I believe he also said he was going on vacation so it could be a while before the update happens, but we will remind him upon his return (I will if you don't) and I'm certain he'll take care of it.
  8. Ok, thanks. Yes, it probably is then. You can test by shutting down your system and making a note of the time, then waiting a few minutes and then starting your system up again. After starting it again, check the logs to see if a new error was created around the time that you shut down the system. If so, then it is indeed the issue I mentioned which occurs during system shutdown.
  9. Correct, most software telemetry is quite harmless and is generally used for a valid (and quite anonymous) purpose to actually make their products better and to learn about the wants and needs of their users/customers. However, the issue that some (including myself) take with what is called "Big Data" (i.e. mass-telemetry collected from multiple sources like that collected by the likes of Microsoft, Google and others from various services and software offerings) is that once it is collected and connected to a single source, which is rather trivial to do, it can then be used to determine much more about a person than that person might realize, including identify exactly who they are, where they live and more, even if no PII (Personally Identifiable Information) is collected, just through the aggregate and cross-referencing of various data collected, especially when things like social media and public postings/comments are included. They can also use this data to determine much more than what the data itself reveals by using machine learning and data pattern analysis to make mathematical leaps of logic based on what they have collected from you and other users with similar use patterns, which can reveal things about a person that they never actually exposed directly online. With the rate at which AI and similar technologies are being invested in and developed, it will not be long before this kind of mass data collection rivals straight up full blown government surveillance with regards to the potential risks it may pose to our privacy, exposing everything from our political leanings and beliefs, to our identities, genders, sexual orientations, tastes in everything you could imagine as well as purchasing habits and even make predictions within a high percentage of accuracy about our potential future actions, decisions and of course purchases (one of the things companies are most interested in, which is why they always want your info when you check out at many stores these days). With that said, I know Malwarebytes, and I know that they are NOT interested in collecting that level of data about their users at all, and if that ever changed, I would no longer be here myself, period, and they know it. I trust them because I know there are many like-minded individuals high-up in this company who feel very much the way I do about things like privacy, integrity and fair play, and that is why I've stuck around as long as I have. However, I don't expect anyone to take my word for it, and if they do not trust this company, then there is likely nothing I could say to sway them and that's fine, everyone is entitled to their opinions and must do what they feel is right in protecting their own privacy.
  10. telemetry.malwarebytes.com:443 is NOT the same sub-domain as www.malwarebytes.com:443 and given the name of it, I would think its purpose would be pretty clear: it is for telemetry data. The member of Support who wrote it already addressed this when you first brought it up and already said he would revise it to include it. Frankly, virtually all of your posts since you first showed up have been negative in some way towards Malwarebytes, yet here you remain, constantly posting more of your arguments and statements about how "inadequate" and "untrustworthy" Malwarebytes is, so I have to wonder why you continue using the product and keep spending so much time and energy here on the official Malwarebytes Support forums if you have such a problem with this product and this organization. I get that you do sometimes have valid questions and criticisms, and I don't want anyone to think that I or anyone else would discourage that kind of feedback, however anyone who views your posting history can clearly see that there is obviously some other agenda/motive behind the vast majority of your postings here given their nature and tone and how you constantly harp on the same exact thing no matter how many times it is answered by how many authoritative sources. If you wish to continue using Malwarebytes, then great, please do so, however if you really don't trust them, then don't use their product. I can't understand anyone being willing to spend so much time and energy on any product/company that they clearly take so many issues with. If I were you I'd just move on already and find a product/security company that I did trust and find to be adequate according to my own standards rather than wasting so much time and energy harping on every perceived flaw that you can find about this one on their Support forums. Obviously this is just my opinion, and you're going to do what you like, however I cannot understand at all why you continue to use Malwarebytes and remain here so much given how much you clearly dislike Malwarebytes. It just makes absolutely no sense to me unless there is some other motivation that we are not aware of behind it all, however if there is some other motive, only you know what it is as I do not believe you've ever shared it on the forums if there is one, but I am curious for sure after so long and so many negative posts.
  11. This is a public forum, and while members of the Malwarebytes staff to post here frequently, it is primarily handled by volunteers such as myself. If you seek a direct statement from a Malwarebytes staff member then I would suggest contacting Malwarebytes Support directly via the options found on this page. As I mentioned previously, I did already submit these requests to the team for review so they are aware of them, however I do not know if or when they plan to roll out any features for these specific requests but someone from Support may be able to get you a clearer answer from an official source.
  12. You should also find the information on Malwarebytes Labs to be most informative. It contains tons of information as well as links to additional information and articles all about tech support scams and how the work.
  13. Greetings, Did this occur while shutting down or restarting your system(s)? If so, then this is a known issue and should be corrected in the next release.
  14. Greetings, Yes, that is correct. This occurs because one or more of the objects that System Restore is attempting to replace is protected by the Malwarebytes Self-Protection component which is designed to guard your Malwarebytes installation as well as its processes and registry keys from being altered, terminated or removed by threats, and since Malwarebytes cannot identify whether the process (in this case, System Restore) attempting to make these modifications is malicious or not, it simply blocks all unauthorized/non-Malwarebytes processes from making any changes to its components (this is also a good idea because sometimes malware will use built in system tools like System Restore to modify a system in a malicious way or to remove or disable security software). I hope this helps to clear things up. As for which specific item(s) were being prevented from being altered/replaced, I do not know, however it/they must have been components of your Malwarebytes installation. Also be aware that often times after running System Restore, you may be required to reinstall Malwarebytes as it may cause your installation to become corrupt due to some of its databases, configuration files and other date/version sensitive components may end up being out of sync after doing so, however to correct it all you should need to do is download and install the latest version available here over the top of your existing installation to correct such issues should they occur (you will know if it is necessary because you will see some kind of error message from Malwarebytes after performing the restore). I hope this helps and if there is anything else we might assist you with please let us know. Thanks
  15. You may also want to review this support article as it gives a good overview of the main connections/communications that Malwarebytes makes. There are also many connections to the various digital certificate validation servers/services from various organizations that handle digital signature deployment and enforcement for checking and validating digitally signed files (since malware will often use fake/spoofed/invalid/expired/revoked digital signatures to attempt to bypass many security functions in Windows, browsers, security software and of course to attempt to establish a false sense of security in users who check a file's info etc.).
  16. That is a valid point, because frankly, there are plenty of ways around monitoring utilities and firewalls (malware does it all the time) so when it comes down to it, you have to put some level of trust into the software you are willing to install as there is always the outside possibility of unknown/undocumented/undesirable behavior no matter what sort of software it is (just ask anyone who isn't willing to "upgrade" to Windows 10 due to the telemetry and Automatic Updates issues, including myself). I trust Malwarebytes because I've used it for so long and have had such a longstanding, close relationship to it, the organization and the people behind it (though I trusted it long before I was ever employed by them, and in fact their high level of integrity and innovative detection/protection methods were the very reason I started hanging out here on the forums years ago and using their products so much to begin with; there's no way I'd spend so much of my time and energy trying to aid a company and a product that I didn't completely trust as that would be silly, if I wasn't confident in this company and this product I would have moved on a LONG time ago because devoting that much of my time and effort to a company that I have no stake in and no faith in would only be a waste of my time, not theirs).
  17. It is likely related to the fact that Chrome renders videos differently than other browsers, typically utilizing HTML5 rather than Flash more often than not (especially on YouTube) and the fact that it tends to have overall higher resource usage (RAM, CPU and graphics card/GPU/graphics memory etc.; I've verified this myself comparing its behavior to IE11 as well as Firefox, though I don't have Edge as I'm still on Windows 7, but I think Edge relies on Flash more frequently than Chrome).
  18. Greetings, Unfortunately that feature was removed for a valid reason so I don't believe that it will be returning. Many users complained because they were accidentally excluding sites by clicking the notification when they had no intention of doing so, thus reducing their protection. In the meantime, the functionality of being able to right-click on the tray after a block has occurred and being able to exclude the most recently blocked site is still present so you don't have to go through the pain of needing to open the main UI to add the exclusion manually. I hope this helps make things a bit easier for you.
  19. Interesting, this definitely sounds like a latency/IO issue then. If you want to dive further into it and how each module affects performance (like when you enable/disable a particular component of protection) you can use a tool such as DPC Latency Checker or LatencyMon as that should give you an idea of the impact on I/O throughput performance when various modules are enabled/disabled as well as processes, devices and drivers/hardware. They're good measurement tools to see how various configuration changes and existing hardware configurations can impact streaming performance and latency/lag etc.
  20. You can submit it in a new topic here and you can also submit the site it came from here for analysis. Just be sure to follow the guidelines and instructions in the pinned topics in each area to make sure they have all the info they need.
  21. Yeah, it's kinda silly that Microsoft hasn't done better with removable device identification yet. Each chip/hardware plugged in has a specific serial number unique to that specific device that Windows can see, so it theoretically could identify when you've plugged in the exact same device vs an identical make/model from the same vendor and tell the difference without having to create it as a new device/connection every time, but they just don't. It probably has something to do with the fact that most systems have multiple USB ports and it's possible to move a device from one port to another and they're playing it safe to avoid some kind of hardware/device conflict, but still, I would think they could come up with a more elegant solution than just increasing the number of the drive/device/connection constantly like this. At least with removable drives you can assign a specific drive letter and write it to the autorun.inf file so that Windows (most versions at least) will assign the same drive letter to it every time (I typically use "X" for my portable drives) but with networking devices and dongles you don't have that option unfortunately.
  22. It's possible that the detection is an FP or that the scripts were never allowed to execute (if they don't run, they're harmless). I would suggest submitting them to Research for analysis so that they can confirm their contents.
  23. By the way, have you tried disabling Self-Protection at all yet? I don't know if it's related but it could help. It is located under Settings>Protection under the Startup Options section.
  24. Ah, I see, that's a different issue then and likely has more to do with CPU usage spikes and/or GPU usage spikes than anything. The issue I was describing is unrelated to mouse movement (like fullscreen video playback where the mouse remains completely still, yet occasional stuttering occurs).
  25. OK, I've been testing for about a day now, and so far while it doesn't seem too severe, I do believe I've been able to replicate this issue. While it is so brief and rare that it is almost unnoticeable, I am seeing occasional stuttering when viewing content on YouTube (HTML5) in SRWare Iron (Chromium based browser, alternative to Chrome) with Ransomware Protection enabled. In my case, I suspect that the high specs of my system hardware are compensating for the issue more and that is why I'm not seeing as severe or frequent stuttering as some others are.
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.