Everything posted by exile360

  1. Greetings, Most ad blockers should work just fine with Malwarebytes. I myself am currently using a large HOSTS file consisting of entries from multiple sources to block ads, trackers as well as malware (currently it has over 900,000 entries) as well as Adblock Plus in all my browsers (including IE) along with several for SRWare Iron (a Chromium based browser similar to Google Chrome but without any of Google's tracking and advertising built in) including Disconnect, Ghostery, DuckDuckGo Privacy Essentials, Windows Defender Browser Protection (the equivalent of Smartscreen, but for Chromium based browsers like SRWare Iron which I use) as well as Malwarebytes' own Malwarebytes browser extension beta (this one is particularly useful as it actually speeds up blocking by the Malwarebytes Web Protection component to make loading pages even faster when any content is blocked by it). That last one is probably the best fit for what you're looking for, but that said, you should be able to use pretty much any ad blocking browser add-on/extension alongside Malwarebytes without any problems. You can learn more and download the Malwarebytes browser extension beta at the following links if you're interested: Chrome, Firefox. The Chrome version should work with most Chromium based browsers including SRWare Iron and Vivaldi among others.
  2. Have you tried disabling Web Protection yet? If not, give that a try and see if that eliminates the blocks. If not, then it seems likely that Malwarebytes isn't the issue (or at least not directly as it could be some kind of conflict with something else on the system).
  3. Cool, yep, that's what I figured. Also notice what they said about "your firewall rules" because that's the key wording. They didn't say "our firewall rules" or "its firewall rules", they specified "your" which tells me that they are indeed using the underlying Windows Firewall with Advanced Security rules to control access for applications just like most other WFP based firewalls, meaning they all pretty much do the same thing and simply add their own functionality into the built in firewall functionality. That's both a good and a bad thing. It's good because it establishes a standard and makes working with and troubleshooting these firewalls universal and simple, but it's bad because if ever a serious vulnerability is discovered in the WFP framework that the bad guys learn to exploit we're going to be in real trouble because most firewalls and web filters (including the Web Protection in Malwarebytes 3 as well as the former Binisoft WFC of course) are using it. That said, I think it's pretty solid and has proven itself at this point. It's been around since Vista which goes all the way back to 2006/2007 and has yet to show any real weakness that I'm aware of so I think we're in pretty good shape.
  4. As long as you're using the free version of GlassWire there shouldn't be, but if using the paid version with the full firewall capabilities baked in then you may end up getting double alerts/notifications and such (but I believe both still honor the built in WFC with Advanced Security rules so if one is set to alert and the other is set to be silent it should be OK).
  5. Yep, I use Simple DNSCrypt (which uses both DNSSEC along with the DNSCrypt protocol) for this very reason. I also have it configured so that it randomly rotates between multiple DNS servers to disperse my traffic across multiple providers/routes thus further randomizing my traffic.
  6. I don't know, to me, closed is closed, so as long as the firewall (be it the built in Windows Firewall, a WFP based front-end/replacement for the Windows Firewall using the same APIs, or a third party firewall) is keeping all the ports closed/stealthed as they should be and Windows has all the appropriate sharing/remote etc. protocols locked down/disabled (the Public profile configuration) then I don't see a real difference. The big advantage, to me, of a third party/more granular firewall is for inside-out communications, i.e. greater control over the programs that communicate with the web. The local network stuff that you have to be concerned with on a public Wi-Fi connection/network doesn't really translate to suddenly requiring a more granular firewall, at least based on what I've learned of such things. The main thing is just keeping things closed/locked down to prevent other devices on the network from gaining access which should be fairly straightforward for any firewall and even Windows itself. That said, if you're dealing with the class of hacker that can and does bypass those kinds of protections on public networks, no beefed up third party firewall is going to stop them any better than the more standard WFP stuff would, and anyway, since Microsoft themselves recommend that all firewall devs use WFP they are all going to be subject to the same kinds of potential vulnerabilities that might exist in the protocol regardless of how robust their implementation might be; at least that's my take on it. Reference Windows Filtering Platform for more info.

     The other threat is a man-in-the-middle attack where the attacker might try to alter traffic through DNS manipulation/packet manipulation and the like, but since that takes place outside your system, no firewall is going to aid you in dealing with those kinds of threats as it all comes down to the security of the internet connection itself and so tools like VPNs and DNS encryption protocols become much more important (i.e. TOR, VPN tunneling tools, proxies, encryption protocols like DNSSEC, HTTPS, and DNSCrypt etc.).
  7. Yep, that's what most WFP based firewalls are these days, especially the free ones. They're either front-ends for the existing firewall or they use the same framework, APIs and functions, usually while adding other features such as prompts for outbound connections (as is the case with the former Binisoft firewall).
  8. Yes, if they do decide to integrate the firewall (which seems likely), it shouldn't interfere with Windows Defender/MSE at all so I expect them to continue to support keeping it active by default whenever Malwarebytes Premium is installed/activated.
  9. Greetings, If you just want the free version that only works as an on-demand scanner then please open Malwarebytes and follow the instructions in this support article and that should deactivate all of the active protection components and return you to the normal free version. If you have any trouble or if there are any other issues please let us know. Thanks
  10. OK, good. I guess it just needed to refresh once the scheduler was up and running and processed the scan. I'll still be reporting the GUI bug where it showed 'None' after you created the scheduled scan in case QA can replicate the problem so that the Devs can hopefully fix it so that the UI stays in sync with the scheduler.
  11. OK, good. It may be that the browser plugin doesn't like the site hosting it for some reason (it has a lot of heuristics that look at things like page behavior, layout and scripting to try and determine when an unknown site might be malicious). You can report the FP in the Chrome browser extension beta forum and they should be able to whitelist it.
  12. Excellent, I'm glad that it's working properly now. If there is anything else we might assist you with please don't hesitate to ask.
  13. Greetings, You should be able to fix this by opening Malwarebytes and navigating to Settings>Application and toggling the Show Malwarebytes options in Windows Explorer setting Off and then On again; if that fails, please try restarting your system to see if that resolves the issue or not. If it still isn't showing up then please do the following to perform a clean installation of the latest build, which should correct the problem if all the other options failed:
        • Download and run the Malwarebytes Support Tool
        • Accept the EULA and click Advanced tab on the left (not Start Repair)
        • Click the Clean button, and allow it to restart your system and then reinstall Malwarebytes, either by allowing the tool to do so when it offers to on restart, or by downloading and installing the latest version from here

      If the problem still persists then please do the following so that we may take a look at what's going on with your Malwarebytes installation and hopefully find a resolution for the issue:
        • Run the Malwarebytes Support Tool
        • Accept the EULA and click Advanced tab on the left (not Start Repair)
        • Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply

      Please let us know how it goes, and if necessary, provide the requested ZIP folder and we will continue troubleshooting the issue with you. Thanks
  14. I provided tons of info on the Shark007 codecs (my personal favorite which I used for years) and a bit more info on the K-Lite Codec Pack above in the 'spoiler' section in case you're curious. I also included a link to some nifty video/codec analysis tools that can be super helpful when trying to determine what codec is required for a new/unknown file/format. Anyway, if Malwarebytes has any issues with the new build of VLC please let us know. I haven't experienced any problems with it on my own system, but I also only use the portable version so it could be different for the installed build you're using.
  15. You can find lots of info on the various features with Malwarebytes business products on this page and additional details by clicking on the various Learn more links listed throughout the page beneath each brief product description and next to each of the associated REQUEST DEMO and SEE PRICING buttons/links found there. You may also review the relevant support documentation for each product using the links under the Business Solutions section on the right side of this page.
  16. Greetings, It is possible that a previous installation is still active in the system and needs to be reset to give you access to your license on another device. Please try using the Deactivate all function in your account at My.Malwarebytes.com to reset the number of devices/activations and then try activating the product with your license key again on your preferred device and hopefully that will resolve the issue. You will find instructions on how to do this in steps 3.-5. in the first section of this support article. If that fails to resolve the issue then please contact Malwarebytes Support directly via the form found on the bottom of this page and they should be able to aid you in getting your license key working properly again. I hope this helps, and if there is anything else we might assist you with please don't hesitate to let us know. Thanks
  17. Ah, that certainly could be it. All it would take is a bad signature in AVG writing the wrong path or using the wrong API and not getting the correct/native path and writing that to your registry to cause this. If it comes back though, please do let us know as I am curious to know just what may have caused it in case this issue comes up again.
  18. Yes, it is true that some do, however in my personal experience having used a wide array of them (not to mention the years I spent working QA for Malwarebytes testing various AV/IS products for compatibility) that the vast majority do not, and like Malwarebytes, will only install database updates/signatures and component updates automatically, leaving major releases either to be downloaded manually (many won't even notify you/offer any new major builds) or doing what Malwarebytes does, requiring the user to run the installer for the new version from an administrative user account. That said, I have requested that they add an option to silently/automatically update major product versions via the service since it has the privileges/permissions necessary to accomplish automatic/silent application installs, however at this point unfortunately it isn't an option as it has not yet been implemented (and I don't know if they actually plan to implement it or not, as that decision would be up to the Developers and the Product team). Now, with all that being said, there should be a way to push updates via remote administration using something like PSExec over a domain if they are configured that way (for remote troubleshooting and maintenance purposes where admin permissions are required for IT/sysadmin access like malware cleanups, software removals/installs/upgrades etc.) and I believe this is how it is accomplished in the business products using the console as a remote administration tool and pushing new builds' installers over the network to the endpoints (it still doesn't happen automatically to my knowledge, unless something has changed since last I checked, which is possible of course).
  19. Greetings, Depending on what file format it is that you're trying to play, you should be able to install the appropriate codec(s) to enable playback in Windows Media Player (I've been doing this myself for years and never had need of any other players for even the most obscure formats thanks to packs such as the K-Lite Codec Pack, though there are other options/packs available depending on your needs). That said, version 3.0.6, the latest build of VLC Player can be downloaded directly from here. You might try downloading and installing it directly rather than trying to upgrade through the app as that may resolve the issue (plus, being on such an outdated version, it's very likely that compatibility issues may arise as build 2.0.7 is nearly 6 years old at this point, having been released in June of 2013). I'd definitely suggest trying a manual upgrade first to see if that resolves the issue, though I'm sure the Devs/QA team will take a look at the logs you provided in case there is some issue in Malwarebytes that needs to be fixed (the most likely culprit would be Exploit Protection since VLC is among its shielded applications).
  20. The tray icon is the Malwarebytes icon located near the clock on the taskbar at the lower right (it may be hidden; you'll find info on how to display hidden icons in this article). Try exiting Malwarebytes and then launching it again, or you may try restarting your system (just make sure that fast startup is disabled, otherwise it may not work as expected; you can find info on fast startup and how to disable it here as well as here).
  21. You're welcome, let us know how you get on if you wouldn't mind as I'm curious about this myself as other users may come here seeking answers to the same question.
  22. It shouldn't change that key, Userinit is a system process, but you never know I suppose. If it's a really old app with some odd function that tries to verify/write that key/value for XP/32 bit operating systems then I suppose it would be possible for it to modify it, but with that said, my guess would actually be some kind of older malware scanner or system error fixing/system optimization application (I'm thinking something along the lines of Registry Mechanic or System Mechanic or a utility like Dial-a-Fix etc.) as any older system error fixing app/security tool could be liable to accidentally write the wrong entry there due to Windows WOW64 redirection that would point them to SysWOW64 instead of the native System32 (though theoretically it should also point them to the HKLM\SOFTWARE\Wow6432Node key/branch also rather than the native one where this issue is being detected).
  23. Thanks, I think I see the problem. For some odd reason your key is pointing to the 32-bit/x86 copy of userinit.exe located in SysWOW64 rather than the default/standard native x64 copy located in System32. I'm on Windows 7 x64 myself, and here's what my key looks like:

          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
          "Userinit"="C:\\Windows\\system32\\userinit.exe,"

      Here's what the export of yours shows, and is likely the very reason it's being detected:

          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
          "Userinit"="C:\\Windows\\SysWOW64\\userinit.exe,"

      Note the difference in the path there between the two. I'm pretty sure it's supposed to be System32 so I'm guessing that for whatever reason, some application changed it on your system at some point so now it's triggering this detection (since malware has also been known to modify this value to load their own Trojans/malicious executables). Malwarebytes and ADWCleaner both have a lot of generic heuristics signatures like this that detect any modification of default system loading point values for this very reason, because theoretically they should never be altered from their defaults. You may await a response from fr33tux or Elisabeth if you wish, but I'm pretty sure I figured out why this is being detected. I can do some more research and hit up Microsoft's web documentation as well if you wish, just to make certain there's no legit reason for it to be pointing to that copy of the file before you make any changes, but I don't believe it should do any harm to set it back to its default value (which is what ADWCleaner should do when it removes/quarantines the detection, though you can verify that as well if you wish by trying it again and then checking the value left behind afterwards).
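
The comparison made in the last post, as an added example (not part of the post and not Malwarebytes or AdwCleaner code): it parses registry export text and sorts the Winlogon `Userinit` value into the default, the SysWOW64 copy from the thread, or anything else. The function names, the verdict labels, the `C:` system drive and the third sample value are assumptions made for illustration.

```python
import re

# Values taken from the two exports quoted in the post; C: as system drive is assumed.
NATIVE_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
DEFAULT_EXE = r"c:\windows\system32\userinit.exe"
WOW64_EXE = r"c:\windows\syswow64\userinit.exe"

VALUE_RE = re.compile(r'"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"')


def parse_reg(text):
    """Yield (key, name, data) for each string value in .reg export text."""
    key = None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = VALUE_RE.fullmatch(line)
        if key and m:
            # .reg syntax escapes backslashes and quotes with a backslash.
            name, data = (re.sub(r"\\(.)", r"\1", g) for g in m.groups())
            yield key, name, data


def classify(data):
    """Userinit is a comma-separated program list; compare it to the default."""
    entries = [e.strip().lower() for e in data.split(",") if e.strip()]
    if entries == [DEFAULT_EXE]:
        return "default"
    if entries == [WOW64_EXE]:
        return "syswow64-copy"  # the case in the thread: 32-bit copy of userinit.exe
    return "modified"           # extra or unknown entries: review before restoring


def audit_userinit(text):
    """Return [(data, verdict)] for Userinit under the native Winlogon key only."""
    return [
        (data, classify(data))
        for key, name, data in parse_reg(text)
        if key.lower() == NATIVE_KEY.lower() and name.lower() == "userinit"
    ]


# Constructed sample input in regedit export syntax (files written by regedit are
# UTF-16, so open a real export with encoding="utf-16").
HEADER = "[" + NATIVE_KEY + "]\n"
MINE = HEADER + r'"Userinit"="C:\\Windows\\system32\\userinit.exe,"'
YOURS = HEADER + r'"Userinit"="C:\\Windows\\SysWOW64\\userinit.exe,"'
EXTRA = HEADER + r'"Userinit"="C:\\Windows\\system32\\userinit.exe,C:\\Temp\\example.exe"'

if __name__ == "__main__":
    for sample in (MINE, YOURS, EXTRA):
        print(audit_userinit(sample))
```
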