Jump to content

Recommended Posts

Hi

I want to bring to your attention this article on Facebook etc. It does impact on your product. I am a subscriber to your Malwarebytes software and if you follow the instructions here:

http://www.iobit.com/en/tips-how-to-protect-yourself-from-petya/goldeneye-ransomware-101.php  Especially this: want to disable SMBv1? : then it disables malware services?

Thought you might like to know.

K

 

Link to post
Share on other sites

I would leave the WMI service running. From my understanding, WMI is used by NotPetya once it infects a system to retrieve admin credentials and move laterally across the network. But if you don't get infected in the first place (and disabling SMBv1 is enough for that), there's no need to disable WMI.

Link to post
Share on other sites

Hi

 

Thanks for the response.

I have done as you suggested and disables SMBv1. The main reason I bought it to your attention was that I was aware of a long running dispute between malewarebytes and IObit and thought that they might be trying to undermine you with the WMI approach re disabling your service.

All good at my end though.

 

K

Link to post
Share on other sites

You're right about the dispute between Malwarebytes and IObit, though I doubt they would go that far, so many years after what happened. But someone from the Staff should still see this thread and see what it is about (like, if one of them can explain why Malwarebytes relies on the WMI service for instance).

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.