Everything posted by alvarnell

  1. Simply disable the Malwarebytes extension until whitelisted temporarily and re-enable it after you are finished.
  2. Not against the vulnerability itself (which must be fixed by Apple), but any known malware that attempts to take advantage of this vulnerability should be found upon download by Real-Time Protection and during a scan if it was allowed to install.
  3. It's been years since I've allowed any of the mainstream AV software on my computer and I don't really feel like paying for any of them today just to find out. I checked Sophos Home (free) just now and see that the preference panel is locked with admin access for all settings. Switched to Standard user and all of the following allowed me to change preferences without a PIN or password. Most had limited preferences (updates, scan schedules & action upon detection) without access to critical features. A few allowed whitelisting. Bitdefender Virus Scanner, ClamXAV, DetectX Swift, Dr. Antivirus, Dr․Web Light, MacScan 2 (no longer supported), VirusBarrier Scanner. A few of the above require registration which could be entered or updated by a Standard User, but none appeared to allow deactivation.
  4. Sorry, but I don't know what you mean by “the malwarebytes in-app download pop-up”? Can you post a screenshot of it?
  5. Yes, Mac world is much different. The default is that the first user is always the admin. A few users will establish a standard account for normal operations, but most don't know enough to do so. But even from a non-admin account, you can make admin changes by simply entering the admin login name and password in the presented dialog, assuming you know it. Other users of that Mac probably won't have that info.
  6. No, that's not really sufficient. My point was that only an Admin account should be able to change settings. macOS provides the appropriate APIs necessary to implement such restrictions.
  7. My wife and all children have separate accounts on my Macs. There is also a restricted Guest account. If any were still under age, they would have parental controls imposed, which should provide protection against the situation you outlined. But I need to check to see exactly what those other users are able to do with Malwarebytes before passing judgement. After checking the Guest Account, I see that I was able to change settings, View and Disable the License, etc., so it does appear that some added degree of protection should be added. But I would recommend that it be the standard Admin password that is used for System settings, etc., rather than a unique PIN of some sort.
  8. I am totally shocked that you would allow anybody with such intent to access your Mac. Recent innovation requiring a login password / TouchID / Facial Recognition / Apple Watch proximity in order to access should be more than enough to protect Malwarebytes settings. Clearly there is much more sensitive information that would be available to such an intruder than just harvesting my license key. I would also strongly object to my having to perform an extra step in order to change a setting, something almost no other app requires. Off the top of my head, I can only think of selected System Preferences and access to passwords in Keychain, Safari and most password management apps that require an extra step to simply observe or make changes.
  9. You must purchase through the Apple Store. Those are Apple's rules, unfortunately.
  10. Avast always does well in testing with regard to identifying all types of malware, but along with it comes a reputation for having the most False Positives. I haven't even tried it for many years now, mostly because of the latter reputation, so can't really speak from experience, but I'm certain your questions would be better addressed by Avast than here. I might be able to provide some general information if I knew exactly what malware names Avast is alerting you to. You also might want to try the Malwarebytes Chrome Extension that's in beta testing to see if it confirms any of these alerts. If you aren't using an ad blocking extension with Chrome, you probably should, just to prevent something called "Malvertising" which are ads that contain embedded JavaScript which cause redirections and fake pop-ups.
  11. If you sign into your account at https://my.malwarebytes.com/en/support and contact Support->Billing, they should be able to help you with that.
  12. Please run through the applicable steps contained in the pinned article at the top of this forum: If that fails to solve the problem, let us know.
  13. This really should be a question for Patrick Wardle of Objective-See, the developer of Block-Block, but I can give you a couple of facts here. This isn't malware, just something that Google provides which will automatically update Google apps for you. If that's not what you want, check with Google on how to disable it. Not sure why it's happening every time you launch Chrome. There have been daily updates recently and it takes a few minutes for the updates to take place, so from what you posted one second between launches wasn't enough time for the update to take place. It's also possible that something about that automatic update mechanism isn't working, so best to select "About Google Chrome" from the Chrome menu to see if you need to manually update it. Although your screenshot indicates that the same temporary file is being run from /private/tmp/, I suspect the next time it happens the file name will be slightly different from "WHGrrl0UXH" which is why Block-Block can't remember it. Oh, and one more thing.... Note that Block-Block is still in beta testing (for several years now) so should not be expected to be perfect.
  14. There are a few new features that are being tested in beta now -- see: But as you have discovered, there are some hard limits on what Apple allows other apps to do, especially things that iOS reserves to itself, such as blocking calls. Someone from the staff will no doubt be able to address your specific request concerning Profiles, but my guess would be that it's another forbidden area. FYI, until recently, Comodo provided free certificates that allow individual users to sign and / or encrypt e-mails for one year, so that could have been what you found.
  15. I would only comment that I believe Malwarebytes strives to scan all known and currently active malware rather than just some. This does risk the same malware file being moved to a new location or a previously abandoned malware being reactivated, resulting in a new variant, but those occurrences are extremely rare and generally considered not worth expending the additional time and computing resources required to scan files that might possibly be or have never been associated with malware.
  16. I'll just point out that the extension is still in beta testing and relies heavily on testers like you to bring specific sites to their attention in order that it not unintentionally block any site that it should not. Were all 100 of the sites you posted blocked or alerted to? It's way past my bedtime, so I don't have time to test them all, but I only found about 10% of the few I tested gave me a "Clickbait" alert and some were not the site itself, but from an advertisement that the site was attempting to launch as a pop-up or pop-behind, which is something I don't want to see from any site I visit. In order to show bias, I think you need to post a list of 100 far-right sites for comparison.
  17. As @LiquidTension said, you probably don't need to do anything more as the threat has been placed where it cannot cause further harm, but if you care to: Open the Malwarebytes app, if not already open. Click on "Scan" which may tell you what threat was found. Now click on "Quarantine" and follow the instructions found there. If you have any further questions about what was found, return here.
  18. It is only available in certain countries at this time. The US App Store has it here: Malwarebytes Mobile Security by Malwarebytes https://itunes.apple.com/us/app/malwarebytes-mobile-security/id1327105431?mt=8.
  19. Bottom of this page: https://support.malwarebytes.com/community/contactsupport/pages/home-support
  20. I heard back from Apple security folks and apparently the list we have been looking at has been superseded. Here is the response I received with links to the January documents indicating that 2018121000 is the most recent list.
  21. Although Malwarebytes can remove the Advanced Mac Cleaner malware from your computer, it cannot reset any settings that were modified, so you'll need to do that manually. The pinned article at the top of this forum should contain enough information about various possible causes and how to fix them:
  22. Everything sounds right except that you should have received an e-mail message from "cleverbridge / MALWAREBYTES <no-reply@cleverbridge.com>" confirming your purchase along with your Malwarebytes Premium license Key. You may also have received an e-mail directly from Malwarebytes suggesting you set up an account to view your subscriptions, manage email communication settings, and more. You should still be able to do that at https://my.malwarebytes.com/users/setup_account.
  23. Malwarebytes for Mac does not block either popups or cookies in any browser.