Jump to content

exile360

Experts
  • Content Count

    23,589
  • Joined

  • Last visited

Everything posted by exile360

  1. Was it an active threat or just a dormant file (like an installer containing a bundled PUP or something similar)? The reason I ask is because any active threat should be detected by the Threat scan, and any dormant threat on any secondary drive or in any location that the Threat scan doesn't check would first have to be executed to present a threat to the system (which is why I suggested using the context menu scan function if you have a tendency to save files from the web on secondary drives etc.). There is also the possibility that it was a false positive, but the only way to know that would be to check the file on VT and/or maybe submit the file to the Research team in the FP area to have them take a look.
  2. The Hyper scan is to do a fast check of the currently running processes in memory as well as known loading points and the registry to quickly determine if the PC might be infected. If the Hyper scan finds anything, it's a good idea to go ahead and perform a Threat scan. Basically the Hyper scan is useful for a really quick check to see if there might be any active infections on the system.
  3. Greetings, Thanks for the suggestion. I definitely like this idea now that we have the My Account web portal to manage licenses/devices. I will submit your proposal to the Product team for review and consideration. Also, just for future reference, any suggestions/feature requests etc. for Malwarebytes 3 should be posted in this area. Please feel free to post if you have any further ideas/suggestions/feedback/feature requests. Thanks
  4. Greetings, You may try to resolve this yourself using the Deactivate or Deactivate all function under your My Account page at My.Malwarebytes.com and you should then be able to reactivate the software on your system again. If that doesn't work then wait for Support to respond to your ticket and they will assist you, but simply deactivating the device currently listed under your account should free it up so that you can use your license key again to get the product reactivated.
  5. You may also find the information on this page to be helpful. It's a good writeup on the differences between traditional antivirus and modern anti-malware.
  6. The Threat scan is recommended because the Research team finds all the locations used by threats in the real world and this is what comprises the Threat scan. It is also dynamic, so whenever a new location is used by malware the Research team can add that new location in a database update (in other words it doesn't require a new Malwarebytes build/version release to change the locations checked by the Threat scan) so it is very efficient. One thing to also keep in mind is that the Threat scan checks all running processes, threads and modules in memory, so even if an active threat were using some new/previously unknown location (even a location on a drive other than C:\) Malwarebytes would still can/detect it because it checks the files for all running processes in memory. Of course Malwarebytes also checks all the usual loading points found on disk and in the registry for startup items, so even if a threat is installed in an unusual location it should still get caught because there is no way off-disk for a piece of malware to load on boot/startup. The only time I would suggest anything beyond the Threat scan would be for cases where you might store downloaded files from the web on another disk, in which case I'd suggest simply right-clicking on that location or the individual file and using the Scan with Malwarebytes option in Explorer to check those items to make sure they're not threats (though even this is optional as long as you've got Malwarebytes Premium as its real-time protection would detect/block/quarantine any such item from any location as soon as you tried to run it).
  7. That is odd; it's supposed to prevent the second activation from happening. You're supposed to get the error message that the license is already in use. You'll probably need to contact Support to find out why that happened and see if there is anything that can be done to prevent it in the future. You may contact them by filling out the form on the bottom of this page. In the meantime I'll be reporting this to the team for review; hopefully it's just a bug and they can get it fixed soon. Please try waiting a few hours and then try to activate the license once more to see if that resolves the issue. If it does not, then please contact Malwarebytes Support by filling out the form on the bottom of this page and they will assist you.
  8. I wanted to let you know that I have written up a feature request based on this thread to ask the Research team to provide some kind of online database to detail why each site is blocked in the Web Protection database. The idea is that when a block occurs, in addition to displaying the information that it currently does, it might also include a clickable link that says something like 'Click here for details' or something similar which, when clicked by the user, would open up a webpage to an online threat database created by the Malwarebytes Web Research team documenting what the malicious content is that is found on the IP/domain/server, why it's dangerous and why it was blocked. I also requested they consider including further details like when the threat was first seen in the wild/when the site was added to the block database etc. With that said, do keep in mind that it isn't up to me so it may not happen; all I can do is put in the request. It will be up to the Product team and Research team to decide whether or not to implement it, as well as how to do so/what it will look like/how it will work, if they do decide to make it happen.
  9. By the way, you should find the information in this support article as well as this support article to be informative on the subject.
  10. Greetings, Once the software has been activated on one machine it can no longer be activated on another until you either deactivate your license on that machine using the Deactivate License button in the Malwarebytes UI, or uninstall the software from that device, or deactivate your license using your account at My.Malwarebytes.com. This means that for someone to try and use your key when it's already in use by you, they would first either have to gain access to your machine to deactivate your key in your copy of the software, or they would have to access your account at My.Malwarebytes.com. This is one of the reasons the My Account/My.Malwarebytes.com license management system was created so that customers such as yourself could have full control over your license keys and devices, monitor where they are installed/activated, and more easily deactivate them to move them to other devices if you ever need to (if, for example you got a new computer and needed to move your license to that new system from your existing system). Before the new My.Malwarebytes.com license management system existed, and especially while multiple activations were still allowed on single device license keys it was much easier for someone to steal another user's license key and use it on their own device without the actual owner knowing about it or being able to do anything about it, but now with the new system you can not only deactivate your key from any device where it has been activated remotely via My.Malwarebytes.com, but now you can also see where the license key has been activated so you can quickly identify whether the active device is your own PC or not.
  11. They don't need to be checked to be active. Anything listed in the Exclusions tab will be excluded. If you still aren't able to reach those sites then you may need to clear your web browser's cache and DNS cache. Sometimes after a site has been blocked and redirected by Malwarebytes, Windows and/or your browser may remember that modified route/connection so that when you attempt to visit the same site again after excluding it in Malwarebytes you still aren't able to reach the site because Windows doesn't route it correctly/make the connection. The only reason checkboxes exist in the Exclusions tab (and any other tab in Malwarebytes) is so that you can select multiple entries at the same time for doing things like deleting multiple entries at once (you'll notice that when you check the boxes next to any of them that the Remove Exclusion button becomes active, and if you check the box next to 2 or more of them that the button changes its text to plural Remove Exclusions instead of just Remove Exclusion).
  12. Greetings, If you have not done so already, please create an account at My.Malwarebytes.com, if possible using the same email address you used when you first purchased your license (assuming you still have access to that email address; if you don't, then just use your current email instead). Instructions on how to do so can be found in this support article. Once that's done, if you don't see your lifetime key listed under your account there, try adding your license as described in this support article. If that was successful, try resetting your licenseusing the Deactivate all function described in this support article and that should reset your lifetime key so that you may activate it again. If that doesn't fix the situation then you will have to work with Malwarebytes Support to get it reset. I hope this helps, and if there is anything else we might assist you with please let us know. Thanks
  13. Thanks. Your logs show that the following items exist in your Exclusions for Malwarebytes. They are all Web Exclusions (i.e. items excluded from the Web Protection component): shop.zverinfo.ru/track/314594180/anons/1200096803/https%253A%252F%252Fvk.com%252Fapp6051158_-52197716%2523MhxDkB?_hash=n272tdBFRH94oZEoV4IyNjl1oDTZpQ6%2Fn%2FDgAiRo5NU%3D stalic.ru/blog onfillm.online stalkerfish.ru/recipes/ Was there anything else you were trying to exclude that is not listed there?
  14. By the way, here are some additional resources about Web Protection that you may find helpful: https://support.malwarebytes.com/docs/DOC-1040 https://blog.malwarebytes.com/101/2016/08/explained-the-malwarebytes-website-protection-module/ https://blog.malwarebytes.com/malwarebytes-news/2013/05/oh-the-sites-you-will-never-see/
  15. They determine whether an IP contains malicious content the same way anyone would. They find malware samples, malicious advertisements, malicious exploits and the like as well as grab the IPs/domains that malware samples (such as Trojans) reach out to and they add them to the database to be blocked. They are then categorized based on the reason for the block, in this case it is categorized as a Trojan. I don't know what level of detail you expect, but I've never seen any security product provide any more detail (and more often than not much less) than Malwarebytes does when they block a malicious website. In this case, Trojan traffic was detected connecting to the site in question, but like I said, if you suspect that it may be a false positive (which you would need to determine based on where the traffic is coming from; there's no way for us to know what sites you're connecting to in your web browser or what the traffic looks like or what you were doing when the block occurred beyond the site that was blocked and the process that was attempting to connect to it; in this case firefox.exe) then you can post in the Website Blocking FP forum to ask them to investigate it, otherwise you can simply trust that Malwarebytes is doing its job to block malicious content and move on. If it were me, I'd probably start with checking each individual site that I had my web browser set to connect to on startup to determine which page contains the content being blocked and go from there. That would be a good place to start to find out precisely where the content actually is and what its purpose is (for example, if it's just an ad on a webpage being blocked as I suspected it may be, or if it is something else).
  16. Greetings, It looks like the upgrade install for the new version didn't complete. Reinstalling it should correct the issue. First, please try downloading and installing the latest build from here. Once that's done, check to verify that Malwarebytes is now working properly. If the problem still persists or it won't install for some reason please let us know and we'll proceed with further steps. Please let me know how it goes. Thanks
  17. Excellent, I'm glad the Support Tool was able to fix the problem. Please let us know if there is anything else we might assist you with. Thanks
  18. Greetings, Please do the following so that we may take a closer look at what is going on with your system to try and solve the problem: Download and run the Malwarebytes Support Tool Accept the EULA and click Advanced tab on the left (not Start Repair) Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your next reply Thanks
  19. I did a search and it looks like www.voxxintl.com is an electronics retailer. I'm guessing they had an advertisement embedded in one of the pages you were visiting and that the IP address being used for their website is also being used by some Trojan(s) for malicious purposes. Unfortunately this is a common problem as the same IP address can host multiple websites/domains, so while www.voxxintl.com may be perfectly safe, other content hosted on the same IP address 174.128.41.178 is likely malicious. When Malwarebytes categorizes a block as Trojan it is generally because it's been observed by Research to be used by some known Trojan(s)/malware for part of its communications (for example, receiving commands from the bad guys or uploading stolen data etc.). If you suspect this to be a false positive you may report it by reviewing the information here as well as here and then create a new thread in the Website Blocking FP area by clicking here. I hope that helps to clear things up. If there is anything else we might assist you with please let us know. Thanks
  20. Greetings, All you need to do in order to resolve this issue is create and login to your account at My.Malwarebytes.com (instructions on doing so can be found in this support article) using, if possible, the same email address you used when you originally purchased your licenses (not a requirement, but it does make it easier during the initial setup to sync your licenses to your account automatically). Once that's done and you've logged in, use the Deactivate all function described in this support article to reset your license key/device status so that any out of service/no longer in use devices will be removed from the active device list thus freeing up all 3 of your device activations for use on your current system(s). If that failed to fully resolve the issue, then please contact Malwarebytes Support directly by filling out the form on the bottom of this page and they will assist you in getting things setup and your license/device activations reset. I hope this helps, and if there is anything else we might assist you with please let us know. Thanks
  21. Understood, yeah if you can't sign in then Support will have to take care of it for you. I just figured the only issue was that the email address needed to be changed. Support will be able to move your license to your new account so that you'll be able to manage your license and get it deactivated and reactivated on your current installation.
  22. Most likely what happened was that the new 3.8 version was downloaded and was proceeding with the upgrade installation process but didn't complete for some reason which happens occasionally which resulted in the original version of Malwarebytes being removed but the new 3.8 version not being installed so your system was left without Malwarebytes on the system any more. To correct the situation you simply need to reinstall the latest version as mentioned by Maurice above and you should be all set. Once it is reinstalled, open it up and make sure everything checks out and that you are able to perform a scan to completion and you should be all set. I hope this helps and if there is anything else we might assist you with please let us know. Thanks
  23. You'll find information on changing your email address for your My.Malwarebytes.com account in this support article. If that doesn't work then Support will be able to make the change for you. Good luck, and if there is anything else we might assist you with please let us know. Thanks
  24. Thanks for the confirmation LiquidTension. I was aware of an issue specific to one of the Exploit Protection settings for Microsoft Office, but I wasn't aware that there were also additional settings impacted by such issues. Thanks for letting us know.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.