Malwarebytes: The end of the line

By | July 12, 2013

Today we are officially suspending our recommendation of Malwarebytes as the best utility to remove malware from your computer. While it is still a good tool to remove serious Trojans from your computer, there are better trojan removers, and better rootkit removers. Malwarebytes value, in our opinion was its ability to detect and remove the most commonly found form of malware (which Malwarebytes called PUPS) which are adware toolbars, browser hijackers, homepage hijackers and search engine hijackers.

While Malwarebytes has not answered our email to them, they have answered several of our subscribers who wrote expressing their concerns; they all received the same canned answer from Malwarebytes which, by omission, admits they’ve stopped detecting PUPS, ostensively  because these are things some people want — and if they don’t want them, they are easy to remove. Neither of those things is true. We have yet to find anyone who wanted Ask Toolbar, Conduit’s toolbars, Search Scopes, Installmate, or any of the dozens of other malware programs and toolbars we find on peoples’ computer every single day. In fact, most people are shocked they even have them installed.

If we can’t trust Malwarebytes to remove the most commonly found malware, then we can’t recommend it to you any longer.

We have no idea why Malwarebytes has taken this tack. We can only speculate that something has changed behind the scenes — we can only hope they haven’t changed because of threats received from the multi-billion dollar malware toolbar industry, or worse, because they’ve received compensation from these kinds of companies. We cannot say. All we know is that Malwarebytes greatest value to us and do our readers was its ability to detect and remove malware toolbars and hijackers that often times crippled users’ browsers, redirected their searches, took over their home pages, and hurt their computer’s performance.

Any good anti-virus should be able to detect the most malicious Trojans. And while Malwarebytes may be a viable backup to a good antivirus, that was not why we recommended and endorsed it.

So today, we’re pulling our recommendation of Malwarebytes and we’re conducting tests on several other promising anti-malware programs. If and when we find one that works as well and as safely as Malwarebytes once did, we’ll let you know right away.

This is not something we wanted to do. We have waited weeks and weeks for Malwarebytes to explain why they’ve changed. They have never answered our email. So, at this point, because we can’t trust Malwarebytes to detect and remove the most ubiquitous malware — the kind that infects most of the computers we see every day, we can no longer recommend Malwarebytes to you.

If, in the future, Malwarebytes decides to return to their former higher standards, we will certainly take a look at it, test it, and if it is as good as it once was, we will certainly recommend it to you again.

29 thoughts on “Malwarebytes: The end of the line

  1. Larry Hubble

    Well, this is really sad news. It is bad when a company goes over to the dark side and doesn’t take care of their own customers’ needs above being paid off to turn a blind eye to malware that most people do not want or need, all because greed is sometimes more important to people than doing the right thing. Let’s hope they see the light, and care enough about their reputation to do the right thing, and help folks keep malware off their computers. There’s no point in paying for a program that promises to remove malware, and then doesn’t do the job, simply because they do not want to classify the malware they choose to ignore and bypass for what it is, malware!

    Reply
    1. Darcy

      Hi Larry, I don’t think they have gone to the dark side. I just know they no longer detect almost all adware, hijackers, toolbars, browser addons (PUPs) etc. and I do know they used to. Their explanation is that you are warned when they install, and they are easy to remove, so they no longer detect PUPs. I know that most of these are added without the user knowing and they are difficult to remove.

      Spyware Doctor did the same thing years ago, and we pulled our endorsement. We continually test and evaluate what we recommend, and as those who have been with us through the years, we stick to our guns.

      We have been testing a lot of malware removers and we are very happy to announce the new #1 choice for both malware protection and detection.. Emsisoft. We tested it for quite some time and we tested it against all the most common downloaders, toolbars, malware, BHOs and it caught every single one. It is not often we are this impressed with a find, but it tops our list!

      We did manage to work out a discount for our members/subscribers, so be sure you check your newsletter this week! Or you can go to http://thundercloud.net/emsisoft for more info.

      Darcy

      Reply
  2. Jean Leclair

    Now I know whats behind some of the problems I have been having. Today Darcy worked on my computer for about an hour, she even did a stored repoint, but the day for her was ending. I was able to read my email and get rid of junk email. She will contact me later and see what else has to be done. I ran Malwarebytes yesterday and it pulled up over a 120 malware, I was able to get rid of them, but disappointed that malwarebytes didn’t pick-up on them.. All 120 showed pups. Webcake was the base of this.
    I also found conduit on 3 and got rid of them, I think. That also found on a search I did. Malware didn’t pick that up. Its to bad they have come to this.

    Reply
  3. LEE

    ABOUT A MONTH AGO THEY PUT OVER 3,000 TROJANS ON MY COMPUTER. THEY SAID IT WAS DONE BY A BAD UPDATE. MY COMPUTER WAS SO BAD I COULD NOT GET THEM ALL OFF USING THE LINKS THEY SENT ME. SO I HAD TO SEND THE COMPUTER OUT AND THEY COULD NOT GET THEM OFF EITHER. SO I LOST ALL MY STUFF. I SENT THEM THE BILL SEEING IT WAS THEIR FAULT AND I GOT NO RESPONSE FROM THEM. I USE THE PAID VERSION AND WHEN YOU FIND A NEW ONE I’M LEAVING THEM. THEY HAVE MADE CHANGES I DO NOT LIKE EITHER. SAD.

    Reply
    1. infoave Post author

      I seriously doubt MWB would put Trojans on your computer. We never said MWB was malicious, we just said it’s become weak and ineffective. Though we’ve tried to learn the truth but MWB has been evasive, suddenly claiming that things they once removed as PUPS were not so bad after all. Something’s fishy, but we don’t know what. But we know that MWB would not put Trojans on your computer…we are sure of that.

      Reply
  4. Euan

    You guys are so very special and I have enormous admiration for your Malwarebytes stand and the principles you live up to. No need to wish you a good night’s sleep as you can always sleep well in your beds. Well done and a big thank you.

    Reply
    1. Darcy

      Thanks Euan!

      It’s a good thing too! We have turned down a lot of heavy hitters offering us lots of $$ to recommend them. If we don’t believe in the software, and if it not something we would use, we don’t recommend it. On the other hand.. we could have been rich, but we enjoy our sleep much much better!!

      Reply
  5. Lind

    What do you recommend in Malewarebytes place??? You did not refer to another program except advising that a good Antivirus program should remove Rootkits, etc.

    Reply
    1. infoave Post author

      We’re testing things as fast as we can — it might be a one-two punch combination. We will let everyone know as soon as we’ve run our tests.

      Reply
      1. peterws

        Malwarebytes finds plenty of pups. It`s when they`re removed that the fun starts; no internet! System restore, here I come! Pups restored . . . .I guess without tracking devices and resulting tailored adverts, there`d be no point in free stuff would there?

        Reply
        1. infoave Post author

          This is not true, but we’ll allow it to be posted anyway. Malwarebytes can’t decide whether they want to be good guys or protect the bad guys, but we can tell you that Malwarebytes, when they’re playing good guys, removed PUPS well. And since we have worked on about 2500 computers and we used to (before Malwarebytes decided to ignore PUPs) run in on a lot of computers, we never once saw all or any of the problems you report. You seem to have a lot more wrong with your computer than just PUPs.

          Reply
  6. Geoff Hatcher

    try IOBIT i have been using it and find quite freindly
    all the best Geoff.

    Reply
  7. paul

    I use spy hunter & have had good luck with it so far… it costs about $40 but is worth the price.It removed a lot of malware and viruses from my computer and it’s a lot faster now.

    Reply
  8. Anna Kerr

    Took your advice today to remove Malware. Unfortunately, clicked ad (“Remove Malware-Free”) at the bottom of Your article. Got “SparkTrust PC Cleaner Plus Malware Removal Tool”, ending up paying $38.39 through Paypal. I received confirmation from “SafeCart Payments” confirming my payment to SparkTrust and advising that I was now enrolled in an automatic yearly renewal service. If I wished to cancel automatic renewal service, log into my SafeCart account (which doesn’t seem to exist) at http://www.safecart.com/new-login/. I can’t manage to get in to cancel this automatic renewal and have found some similar complaints from others on the internet. Please help me canel this automatic renewal. I should have taken the advice in your next article to read things more carefully. Thanks for your help.

    Reply
    1. infoave Post author

      The fastest, easiest way to get this done is to call your credit card company and tell them you’ve been scammed. Do it right away.

      Reply
  9. Cindy

    Thank you so much for all the work you do for your subscribers. I will be contacting you to do a malware removal on my desktop because I think I’ve picked up something just the way things are acting … thanks to Malwarebytes changing their program and leaving me unprotected from things I thought they were protecting me from. I will be waiting for you to let us know when you’ve found something trustworthy to replace it as I know you will be on the lookout.

    Reply
  10. Bill Jacobs

    Thanks. It’s gone. An old friend. So sad to see them go to the darkside.

    Reply
  11. Joan G

    I have just removed Malarebytes from my PC. I will rely on Microsoft Security Essentials and Super Anti-Spyware Pro to keep “MY PERSONAL COMPUTER” mine, and as secure as possible. I do hope you discover a trustworthy replacement program for all of us that appreciate you and your efforts. In the meantime, I would greatly appreciate instructions on how to search for, and remove, PUPS and Malware, such as Ask, Conduit, etc.

    Reply
  12. YvonneInBetween

    In the past couple of weeks I have contacted Malwarebytes and expressed my disappointment in their new decision to not detect PUPS. I also got the same ‘blanket’ response others received. But I did one better. Yesterday I sent a copy of Cloudeight’s decision to no longer recommend them and told them as soon as a better service is found, I am switching. They replied that I will not find anyone else to remove PUPS. I wrote back and told them “they used to” and someone will be able to do it again.

    Reply
  13. James Sparks

    Should we remove Malwarebytes Antimalware from our computers?

    Reply
  14. Charlie

    I feel this is a lot of hate for a company who has done nothing wrong. I have been using Malwarebytes for years and I never had a problem with them. They have removed many infections in which my family has depended on me to remove. So because they don’t remove legit company like Ask (based in Oakland) and Conduit (based in Foster City) your going to jump the bandwagon onto another program. Wow, I feel like you guys would never be satisfied even if they did remove those.

    Reply
    1. infoave Post author

      Charlie, outside of your family’s computers, how many computers have you actually looked at; and I mean really looked at?

      There is not hatred on our part for Malwarebytes. We’re sad they’ve turned their backs on their customers, much the way many companies have done. We don’t know what when on with Malwarebytes, and we don’t have time to coddle a company much, much richer financially than we are. We just think, that for those who trusted Malwarebytes, they are the ones who jumped ship, and that ship was full of trusting companies like yours.

      A logic professor once told me not to argue with anyone whose premise was illogical — and that would be your premise, Charlie. What possible difference does it make where a company is based? Are you saying all American companies are good and all foreign companies are bad? That’s illogical, Charlie, and you know it is. Just because you can google Conduit or Ask and name their home cities, doesn’t mean you know a lick about what they make. Would you like to know?

      Ask is part of Interactive Corp. This is the fine company who brings you and your children FunWebProducts, MyWebSearch, WebFetti and other such wonderful programs which all install when you install one, of course this is not really mentioned during the installation. Suddenly, browsers are loaded down with toolbars, all injected by Interactive Corps’ bundler. And if Ask is the benign friendly program you seem to think it is, why does it hijack your home page, your search engine, and your browser? These are not my opinions, these are facts. If Ask is such a good search engine why do they have to resort to hijacking?

      Conduit doesn’t even make anything you download, indeed it makes things you download worse by allowing companies to create what are known as silent installers, whereby things are installed in the background while you are installing something else. If you think this behavior is legitimate and good for people, that’s your opinion, but I think you’re blowing smoke, covering up for a company which abandoned you and others like you for reasons which they won’t say.

      And if your argument is Ask and Conduit are benign, why, until 3 or 4 months ago did Malwarebytes list them as PUPS and allow people to remove them quickly and easily? We have an idea why, for the same reason a lot of other bad things happen — money. You can take from that what you wish.

      I’ll make you an offer, you write us and set up a time, and I’ll personally scan your computer for malware – since you blindly trust Malwarebytes to protect you — then we’ll go through the list of the malware I find on your computer and we’ll google each one of them, together. If you’re so sure that these programs which Malwarebytes now claims are benign, yet several months ago claimed were unwanted software, then take my challenge and let’s look at facts and not blind faith in a company that I don’t feel deserves your faith or your trust anymore. Do you always stick with the same things in your life — if you bought a jar of your favorite peanut butter and got sick, would you not jump ship and try a brand that didn’t make you sick? Are you really that naive?

      Things change in this world, whether we want them to or not, and clinging to something with blind faith and then trying to mislead people into believing that just because something was wonderful in the past, we should stick with them through hell or high water, all the while our computers fill up with software made by companies who you claim are good just because they’re American companies.

      I’ve personally worked on hundreds and hundreds of computers and I’ve seen first hand the damage these so-called benign programs like Ask Toolbar and it’s FunWebProducts toolbars. Oh and your wonderful ASK makes a toolbar which lures people by calling it a Bible Toolbar — then hijacks their browsers, search engine, start pages, and starts with Windows using resources and causing problems.

      And Conduit, the benevolent company you mistakenly claim is based in the good old USA. You’re wrong. Their company is in Israel. Nothing wrong with being from Israel, but your googling failed you. They have a U.S. Office, but if you want to sue them, you have to sue them in a court of law in Israel. Just in case you ever had a problem with them — but you never will, Charlie.

      Conduit makes such wonderful things possible like Search Protect, SearchScopes, and other wonderful gems which hijack home pages, hijack searches and search engines, redirect users to different pages than those to which they intended to go.

      Ask and Conduit make money by showing you adulterated search results – results in which the first 10 or 15 entries are not search results at all, but advertisements disguised as search results. The object being to get users to click advertisements thinking their genuine search results thus earning money for every such click. So not only do they deceive the user, but the deceive the advertiser who has paid to place advertisements with their companies. They make money by deceit — and if you think that’s benign, that’s your prerogative, but I don’t think it’s right to deceive people or take money from advertisers who are probably not even remotely aware how the clicks they’re getting are being generated.

      So how about you take my challenge. Let me look at your PC and we’ll go through the malware I know I’ll find, one by one and I’ll show you what it’s doing to your browsers and your computer — but don’t worry, I won’t remove it unless you want me to.

      Why do I get the feeling you’re not going to take me up on this challenge?

      Reply
  15. SN Harden

    TC & EB,
    I wrote a few weeks ago about this whole malwarebytes fiasco and am now back with a few more findings and unfortunately its not pretty. I’ve looked at a couple dozen PC’s and Laptops over the last few weeks and can confirm that Malwarebytes has definitely changed their detection practices. All the PC’s I’ve looked at have both Malwarebytes (free and paid) and Windows Defender or Microsoft Security Essentials installed and all 3 programs seem to have faults. Windows Defender and MSE had no problems with installing and asking to enable the Ask toolbar although conduit was stopped on all but 3 PC’s and I don’t know why. But Malwarebytes lets all of that install or enable without any problems. The Microsoft programs stopped most of the malware (Lets call a spade a spade here) but it wouldn’t stop you from installing some of it if you chose to do so. I had 3 jobs call me back to say the malware was somehow magically back on their computers and I think but can’t prove that somehow the users are responsible for that although they seem to not want to admit it(after glancing at their history in ie), but that’s ok.

    One other thing I want to mention is that Windows Defender and MSE will get uneducated people in trouble because it will just let you install some of it such as the ask toolbar(or enable toolbar) which no one in their right mind would want on their machines anyway. Ask gets installed whether you enable it or not, don’t know how that can be legal to do but there you go.

    Anyway Malwarebytes is sliding down that icy slope to the pot of gold waiting at the bottom and after the money is all spent that’s where they’ll be at the bottom.

    I also don’t know what a good alternative would be at the present time because I just don’t have the time to play around with it all right now. As of yesterday I have removed Malwarebytes from all of my machines and I won’t recommend them anymore to anyone. Before I forget 5 PC’s I looked at had the paid versions of malwarebytes so the detection rates between free and paid seem to be letting the same malware go undetected.

    I’ve even started to offer customers to just reinstall Windows an do a complete reset on Windows 8 because some of this stuff is just to time consuming to track down and find aside from the ask toolbar which is probably the easiest to get rid of than some of the conduit stuff which can be all over the place.

    A friend of mine who is also in the computer repair business still swears by Super Antispyware but I don’t know(personally never really liked it but that just personal). Ten people will tell you ten different things so I guess its a individual choice.

    Someone asked me the other day “if these programs aren’t detecting this stuff how will we know if we have malware?”, I told her you’ll know because it will take your computer a long time to boot, your computer RAM and CPU will be maxed out most of the time and no matter how fast your internet connection is your computer will run as slow as molasses on a winter day and most webpages will take a long time to load. I was monitoring the Ask toolbar a while back on a old laptop I use to experiment on and with the program “Process Explorer”(was a systernals program but now its Microsoft owned) and watched the ask toolbar making connections up to a 100 times a minute doing god knows what. And all the peer to peer stuff is the same way trying to connect 100’s of times a minute. So you can easily see how it slows down your connection and the connections these programs make are priority connections which means they basically over ride everything else going on.

    I wish I had time to go into more cause I could really offer up some programs and ideas to help people cope with the malware onslaught that seems to be just getting worse and worse. I think the days of set and forget programs are gone. Users have a lot more to do for themselves and the uneducated or less savvy users are going to be the losers.

    People really have to be better educated and a lot more vigilant or else they will wreck havoc on their internet activities.

    I’ll close with this for everyone that comes to this site. “If you are going to go to questionable websites, download free software and music and lets not forget the adult content (that’s where a lot of infections come from but most people won’t admit it) YOU ARE GOING TO HAVE ALOT OF PROBLEMS! END OF STORY! And at the end of the day you are going to pay people like TC and EB and also me to get rid of it for you. And folks this stuff is getting harder and more time consuming to get rid of unfortunately”.

    The very last thing I want to mention (sorry I know this is long winded) is those lovely download sites which are so full of surprises and pop-ups and unders, you know like freakshare, bitshare, uploaded, sendmyway, fileshare(only the tip of the iceberg folks), this share and that share everywhere share share share. These pages are loaded with buttons to download, upload and in fact no matter where you click on the pages its a link to something and most of its not pretty(think ilivid download manager, theres a piece of work for you). There could be dozens of links and there’s only one link to the file you are trying to download, try it some time but without clicking just position your mouse any where on the page and its probably a link to a little goody waiting for you to download.

    Too bad about malwarebytes, but adaware, spybot s&d all went the same way and look where they are now. Thanks again for your time.

    Reply
  16. SN Harden

    To Lee above. NO THEY DIDN’T! Your infections came from somewhere else. My guess is you need to get some educating there fella. 3000? Really? If you really had that many your PC or Laptop would be toast. Been in this biz 30 years and I thought I’d seen the worst there is, but 3000? But if its true I bow in your honour because you’ve achieved what I think is impossible to do and have a computer that still works. Well done! Sorry folks just couldn’t resist. Lee get TC or EB to help you they charge less than I do by the way.

    Reply
    1. infoave Post author

      Malwarebytes owes every one of their users an apology. The sad part of this who thing, we were the only ones writing about their sabbatical from protection the users who trusted them.

      They never admitted they stopped detecting them, why the did, or why the decided to change back to what they were. It’s a very political statement which admits nothing — and one has to be skeptical of a company who leaves millions of users who trusted them, in the lurch for 3 or 4 months.

      Malwarebytes full version (the only version that supposedly protects users from becoming infected in the first place, is not free, it’s commercial software – and they left those users who had paid, in the lurch too.

      We have answers from Malwarebytes to our readers from just a week or two ago claiming PUPs were not malware – not bad at all – just things people might want and if they don’t they can easily get rid of them. That is not true. Suddenly, after we brought it to the attention of many, Malwarebytes is singing a different tune.

      Emsisoft is a superior product; it’s free version (after the trial expires) removes malware, just like Malwarebytes used to do. But Emsisoft has a top-rated antivirus and the best anti-malware and more in the paid version. And we think it’s worth every penny. And trust us, we’re going to stay alert and if we see any changes in Emsisoft, we’ll contact the CEO and bring it to his attention and things will get done. We’ll never leave our customers in the lurch.

      It will be interesting to see how long Malwarebytes stays on this road. We trusted them for a long time as did many others — but a few months ago they made changes to the program which left millions of users thinking they were protected from the most ubiquitous PUPS, but weren’t. It’s ironic that the picture of the PUP-riddled browser looks amazingly similar to a screenshot we took of a Cloudeight Direct customer who was infected that badly, and she was a Malwarebytes user at the time.

      We wish Malwarebytes well and hope they stay on the right road this time. We imagine many will continue to trust them – and that’s fine. But this time they’ll have to earn our trust because once bitten, twice shy.

      Reply
  17. RodM

    Thanks for your site which I’ve just found trying to decide whether to continue with TrojanHunter subs. I am impressed with your genuine helpfulness and will subscribe. Thank you. I will try Emisoft on your recommendation.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *