Problems already with V. 4

[QuiGonJohn]

So I just uninstalled the 1.75 I had been using and installed the Legacy Version of 4.3.0. A file came up in a scan that I want to IGNORE. But this new U/I does not give me the option to do that from the Scan Results. WHY NOT???

Instead I have to try and see the FULL PATH to the file, then go over to my Allow List and Manually Add it. Freaking 1.75 you could directly IGNORE an item, Why can't we do this in this newer version???

Proof that so-called "improvements" really are not that.

[AdvancedSetup]

You uncheck the file found in the detection and click the Next button. It will then ask if you want to ignore once or always ignore. Chose an option and it will add the exclusion

Thank you

 

[QuiGonJohn]

All I saw there was QUARANTINE or CLOSE. But I will try again next time a scan runs if something else is found. On the older version, we could right click for more options (hovering over the specific file or folder).

[AdvancedSetup]

During a scan it will list all files or registry issues and it has a check mark on all of them. You simply Uncheck those you want to keep.

Thanks

 

[H4V0C]

@QuiGonJohn Thank you for sharing your experience, I will pass your feedback along to the design team. I'm sharing a couple screenshots to illustrate how this works.

 

When viewing the scan results, you can uncheck items that you do not wish to quarantine. Once you've unselected items that you do not wish to quarantine, click the Quarantine button to continue (Note: Only items selected with the check marks will be quarantined).

 

 

Malwarebytes will then prompt you to choose what to do with the unselected items. If you choose Always ignore, the the items are added to the Allow list and will be excluded from future scans. If you choose Ignore once, the items will continue to be reviewed in future scans.

[lmacri]

18 hours ago, QuiGonJohn said:

So I just uninstalled the 1.75 I had been using and installed the Legacy Version of 4.3.0

Hi QuiGonJohn:

Do you have a Win 7 SP1 OS, and does that mean that you used the Malwarebytes for Windows 4 legacy build installer described in AdvancedSetup's 23-May-2022 post in rickoz's Definitions Not Updating that can be used to install the old Malwarebytes v4.3.0.128 on a Win 7 SP1 machine that is not patched to end of support on 14-Jan-2020 and does not have the KB4474419 update (rel. 23-Sep-2019) that adds SHA-2 code signing support for digital certificates?

A fully patched Win 7 SP1 OS that has KB4474419 installed (or a higher OS like Win 10 or Win 11) can use the Malwarebytes v4 offline installer at https://downloads.malwarebytes.com/file/mb4_offline. Once that installer has run to completion and Malwarbytes v4.x is updated (Settings | General | Application Updates | Check for Updates) you should have the current Malwarebytes v4.6.11.320 with component package v1.0.2302 - see the 21-Mar-2024 release notes <here>.  From my Win 10 machine:

If you have a Win 7 SP1 OS go to Control Panel | Programs | Programs and Features | View Installed Updates and search your installed updates to check if KB4474419 are already installed.  Just make sure you search for the complete KB number (i.e., search for "KB4474419" and not "4474419").  If KB4474419 is missing then see the installation instructions in my 18-Feb-2024 post in MsN Bhatti's How to Fix Live Update Failed Error 8504, 102 in the Norton forum.  Note that the latest version of Norton 360 and many other software programs will not run on a Win 7 SP1 machine unless KB4474419 is installed.
------------
Dell Inspiron 5584 * 64-bit Win 10 Pro v22H2 build 19045.4170 * Firefox v124.0.1 * Microsoft Defender v4.18.24020.7-1.1.24020.9 * Malwarebytes Premium v4.6.11.320-1.0.2302 * Macrium Reflect Free v8.0.7783

Edited March 29 by lmacri

[QuiGonJohn]

Aaron, thanks for the info, I will try that next time an item comes up on the scan that I think is safe. I guess it's just so counter-intuitive to have to click QUARANTINE (but item is unchecked) then get a prompt about IGNORE.

lmacri, yes I installed the Malwarebytes for Windows 4 legacy build. I had found and downloaded KB4474419, but before I installed it, I noticed the option for the legacy version and figured I'd use that vs. taking a chance that this security update wouldn't break something else. As you might be able to tell, I am not very trusting of MS. Like their claims when Win 10 came out they were forcing updates (to keep people's systems safe). Well if that's true, why did so many of their updates dump new programs on us and all sorts of cosmetic changes in Windows, that had no bearing on "computer safety". So far the legacy version of MBAM is doing OK for me.

[AdvancedSetup]

As I'm sure you're aware. Windows 7 has been out of support from Microsoft now for a very long time.

If you're going to keep running Windows 7 then you should at least have ALL of the security updates that fix issues both security and non-security and in some cases fix exploits. Running Windows 7 without all the known updates is like take a boat out in the ocean with holes in the bottom and hoping you're not going to sink at some point.

 

I would highly recommend you update Windows 7 to the latest available updates

How to update Windows 7 to the latest Security Updates
https://forums.malwarebytes.com/topic/274496-how-to-update-windows-7-to-the-latest-security-updates/

 

I would also recommend that you use a product like Macrium Reflect to backup your entire drive to an external USB hard drive as an image. That way if something does go wrong you will always have the entire system available to restore 100% the way it is today.

Backup Software
https://forums.malwarebytes.org/index.php?/topic/136226-backup-software

 

Once Widows 7 is fully up to date you should be able to use Malwarebytes 5 as well unless your CPU does not support but most do.

 

[QuiGonJohn]

I'll consider doing that, will hold off until I have a lot of time to deal with it all. I have been using Acronis True Image to B/U my hard drive (to a second HD in my PC as it's quite large for a full backup). The thing is, back when Win 7 was still supported, MS changed from putting out individual updates to these bundles, typically each month. I came across many folks who started having various problems after they installed the updates. It was around that time that I stopped doing the updates, (and with 7 you can completely just not do them). Besides MBAM I use MSE for virus protection, pretty careful about sites I go to and things I open (emails, programs, etc.) So I have been mostly infection free. I still feel that many of the updates MS pushes out are either not really needed or not tested well enough to be sure they won't adversely affect something totally unintended.

[AdvancedSetup]

I understand as I've been doing Corporate Enterprise support as well during those times and many of the failures were due to computers already having issues with the system.. System that were running well without massive errors in the Event Logs did not have very many issues updating.

The reality is that Windows 7 simply does not have sufficient software to protect it well. The built-in MSE antivirus was and continues to be a joke.

As for well tested - that is probably true. There is no doubt Microsoft does release quite a few updates that can and do cause other issues, but in the end those also get resolved with the next update. Ignoring updates and pretending you're just not going to deal with Microsoft's mistakes is a mistake itself. Microsoft fixes or tries to fix by the next update or soon thereafter when they realize a fix is causing other issues.

If the computer can run Windows 7 in most cases it can run Windows 10. Getting onto Windows 10 (even though it's approaching end of life as well) would give the computer a few more years of life where software would run better on it. Most vendors simply just do not make software designed for Windows 7 anymore.

 

The reason for an IMAGE is that it is fully contained and puts the computer right back to where it is now. They do make 5TB external USB drives for about $120

Best of luck on whatever you decide

Cheers

 

[QuiGonJohn]

Thanks, a couple more questions.

1. How do I go to the Quarantined Items (Virus Vault)?

2. How do I choose a different scan from Threat. For example, Quick or Custom. A Google search said to click on the SCANNE Rectangle, but I don't see any other options there.

[Porthos]

3 minutes ago, QuiGonJohn said:

1. How do I go to the Quarantined Items (Virus Vault)?

2. How do I choose a different scan from Threat. For example, Quick or Custom. A Google search said to click on the SCANNE Rectangle, but I don't see any other options there.

User Guide. https://support.malwarebytes.com/hc/en-us/articles/360038984693-Malwarebytes-for-Windows-v4-guide

[QuiGonJohn]

Thanks Porthos, I found the info for Quarantine. But for Custom/Quick, when I click the "Scanner Card" I do not see "Advanced Scanners". But I did experiment and see if I go to Scan Scheduler and go thru those screens I can do Quick or Custom. Is this a glitch or does the Guide need to be updated?

[Porthos]

Keep in mind the threat scan is the recommended scan.

Malwarebytes is not designed to function like normal AV scanners and uses a new kind of scan engine that relies mostly on heuristics detection techniques rather than traditional threat signatures.  Malwarebytes is also designed to look in all the locations where malware is known to install itself/hide, so a full or custom scan shouldn't be necessary, especially on any sort of frequent basis (like daily), especially since the default Threat Scan/Quick Scan checks all loading points/startup locations, the registry, all running processes and threads in memory, along with all system folders, program folders and data folders as well as any installed browsers, caches and temp locations.  This also means that if a threat were active from a non-standard location, because Malwarebytes checks all threads and processes in memory, it should still be detected.  The only threat it *might* miss would be a dormant/inactive threat that is not actively running/installed on a secondary drive, however if the threat were executed then Malwarebytes should detect it.  Additionally, whenever a new location is discovered to be used by malware the Malwarebytes Research team adds that location dynamically to the outgoing database updates so the locations that are checked by the default Threat/Quick Scan in Malwarebytes can be changed on the fly by Research without requiring any engine or program version updates/upgrades.

If you need a flat file scanner to check archived data/drives, I recommend using one of the many available free AV scanners such as Kaspersky's Virus Removal Tool, ESET's Free Virus Scan, or even the built in Windows Defender that ships with Windows 8/8.1 and Windows 10 and 11.  Links to the first two scanners I mentioned can be found below:

https://www.kaspersky.com/downloads/thank-you/free-virus-removal-tool
https://www.eset.com/us/home/online-scanner/

More info HERE https://forums.malwarebytes.com/topic/253972-malwarebytes-4-faqs/?do=findComment&comment=1346719

[QuiGonJohn]

Porthos, I wasn't seeing the first screen you put up (above) because a scan had run and it kept showing me the results page. I didn't realize I had to click DONE. After I click DONE, if I open the Scanner Tile, I see it like you posted. Is there a way to change the icon in the system tray. That color blue is almost the same as my taskbar, so the MBAM Icon is almost invisible.

[Porthos]

1 hour ago, QuiGonJohn said:

That color blue is almost the same as my taskbar, so the MBAM Icon is almost invisible.

No there is not.