Newsletter Archives

  • Malwarebytes gets a full version bump

    There’s a new version of Malwarebytes and it seems pretty spiffy.

    See the detailed review from Lawrence Abrams at BleepingComputer:

    New scanning engine, a new user interface, threat statistics and more. If you wish to upgrade to this new version you will need to download the installer directly from Malwarebytes site… With this release, Malwarebytes considers itself an antivirus replacement and will now register itself with the Windows Security settings as the primary antivirus solution on the computer.

    Now available at OlderGeeks.com.

  • Deanna’s Freeware Spotlight: Malwarebytes AdwCleaner v7.2.5.0

    Today we are gonna talk about a staple of any computer tune-up. An oldie but a goodie. Sure most of you are all like, “Pffft, been using this for years.” but there are some just-born computer techs out there that may be removing those initial crapware programs manually.

    AdwCleaner is simple. No install needed. Just run, scan, remove. You just knocked 30 minutes off of a computer tune-up. AdwCleaner is also great for any novice computer user to use. Send the link to mom so the next time you visit, your day does not have to begin with computer repairs!

    https://www.oldergeeks.com/downloads/file.php?id=606

  • Malwarebytes BIG problem

    There’s an acknowledged problem with Malwarebytes. Lawrence Abrams at BleepingComputer has the details:

    An update pushed by Malwarebytes today for their Malwarebytes Anti-Malware product has caused a lot of problems for those who use their program. This new protection update caused mbamservice.exe to consume a lot of memory and upwards to 90% of the computer’s CPU. A new update has been pushed that resolves these issues.

    If you’re using Malwarebytes, start it and check for updates.

    Once the update is installed, your computer should no longer be having problems and mbamservice.exe should be using the appropriate amount of resources again.

  • The Dangers of Posting Your X-Rays to Social Media

    Malwarebytes Labs published a post by William Tsing on June 9, 2017, explaining the problems that can occur when x-rays are shared online.

    The problem stems from the private details of both the patient and the hospital that are shown on x-rays. Most contain the patient’s full name, date of birth, and sometimes their Social Security Number, and will often contain the name of the medical facility that took the x-ray.

    Taken together, the information can enable identity theft or doxing, and it could also be used to jeopardise the security of the medical facility's network. On the personal side, the name of the hospital gives away your location which, added to your name and date of birth, could be used to access property tax, tax or voting records. For the hospital, a networked x-ray machine connected to the internet could be identified from the x-ray details, which could be used to access the system. Malwarebytes were able to gain a lot of information from one x-ray they checked.

    “Yikes. Medical infrastructure security has problems. A lot of problems. But while the responsibility for an insecure network lies with the organization running it, posting photos that have exploitable information is also not a great thing. Given that vulnerabilities in the medical space can have catastrophic consequences, we should take extra care before exposing any data from inside a hospital or doctor’s office.”

    If you really must share an x-ray online, crop it first, so no identifying information remains. Read the full article on blog.malwarebytes.com.

  • Microsoft pulls MS 3197868, the Win7 Security Rollup that blew apart Malwarebytes

    Thanks to Abbodi…

    Microsoft has pulled KB 3197868. You can search for it in the Update Catalog:

    https://www.catalog.update.microsoft.com/Search.aspx?q=3197868

    That’s right. The November Monthly Rollup for Win7 ain’t there any more.

    I guess that settles the question of whether Malwarebytes or Microsoft made a mistake. Malwarebytes stated a week ago:

    This false positive was caused by Microsoft not digitally signing over 500 files included in “November, 2016 Security Monthly Quality Rollup for Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB3197868)”. Malwarebytes triggered on these unsigned files despite efforts in the 1.80 and 2.x releases to enhance safeguards and prevent false positives on legitimate files. We are working on correcting what actions took place to better protect from this in the future.

    and they haven’t changed their tune.

    Malwarebytes fixed the problem very quickly. If you’ve updated Malwarebytes Anti-Malware in the past week, you’re fine.

    Those of you in Group A who haven’t yet applied the November patches can go ahead.

    Remarkably, the Preview of next month’s Monthly Rollup is still in the Update Catalog. Sounds like Microsoft forgot to sign 500 files in the November Monthly Rollup, but remembered to sign them in the preview of next month’s Monthly Rollup.

    No idea if we’ll get KB 3197868 back before the turkeys gobble.

    UPDATE: On Wednesday evening, both November Monthly Rollups, KB3197874 and KB3197868, came back online. They’re marked “Last modified: 11/23/2016”. No idea why they were pulled – and Microsoft isn’t saying.

  • Malwarebytes stumbles with false positive on KB 3197868, the Win7 November Monthly Rollup

    Thanks to SC for the heads up.

    Looks like those of you running Malwarebytes on a Win7 system using Group A updating are in for a rocky ride. Symptoms of the kernel32.dll false positive include locked up systems, and machines that take five minutes or more to shut down.

    On Thursday, Malwarebytes narrowed down the problem and posted this solution:

    What can I do if I have been affected by the Kernel32.dll false positive?

    This detection has been fixed as of database version v2016.11.16.11.

    This false positive was caused by Microsoft not digitally signing over 500 files included in “November, 2016 Security Monthly Quality Rollup for Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB3197868)”. Malwarebytes triggered on these unsigned files despite efforts in the 1.80 and 2.x releases to enhance safeguards and prevent false positives on legitimate files. We are working on correcting what actions took place to better protect from this in the future.

    Malwarebytes’ solutions are to uninstall KB 3197868 if you haven’t rebooted after installing it, use System Restore, or manually replace some system files (which is a bear!).

    UPDATE: I see some debate online about who’s at fault for the false positive – some blame Malwarebytes, others blame Microsoft. Given the details posted in the comments by abbodi, I think it’s fair to say that neither side committed any grave error. I’m surprised at the way Malwarebytes Anti-Malware reacted to a false positive, but as for the detection there’s plenty of reason to blame (or exonerate!) either side.

    There’s a good note on the situation from Imacri on the Norton Community forum:

    Win 7 SP1 users could potentially be affected if they ran a MBAM scan in the 4-day period between 08-Nov-2016 (the release date for the November 2016 Patch Tuesday updates) and 11-Nov-2016 when MBAM released database version v2016.11.16.11 to fix the problem. I don’t see a large number of recent reports in their False Positive board at https://forums.malwarebytes.org/forum/42-file-detections/ so it doesn’t appear to be a widespread problem.

    Also, as abbodi notes in the comments, it’s likely that this problem also occurs with the Nov Win7 Security-only patch, KB 3197867 – that’s the “Group B” downloaded patch. I have no idea if it happens with the analogous patches for Win 8.1 – KB 3197874 (Nov Win 8.1 “Group A” Monthly Rollup) and KB 3917873 (Nov Win 8.1 “Group B” Security-only update) but wouldn’t be too surprised.