Malwarebytes is a widely used anti-virus and anti-malware program from Malwarebytes Inc. The software includes an integrated mechanism that can assess the hosts file as malicious.
These misleading messages from malwarebytes refer to the presence of supposedly unauthorized versions where entries are present in the hosts file.
Fear of product "piracy" justifies false reports?
For non-legally purchased and installed versions of malwarebytes, entries are added to the hosts file to avoid contacting activation servers. A popular method is to use key generators, or auto-patchers, that take all the work off users.
Depending on this, this mechanism can turn out to be problematic if consumers have a legal license and still certain entries to the activation servers of malwarebytes exist in the hosts. In this case, there is an immediate alarm, the own device security is questioned and the hosts files are modified independently, although everything is fine and there is no danger for users.
The software from Malwarebytes, Inc. is an example of how those who declare security and rules first assert their own interests.
Data preparation by Trifacta
Malwarebytes uses Trifacta on AWS for data processing and analytics
Unsolicited modification of your own files and settings? Softening your own security settings? False reports? This can happen faster than you think, because the behavior is often observed in the wild with "snake oil software" and various "cleaners."
In addition to Wise Care 365 and IObit, Malwarebytes also exhibits this behavior under certain circumstances. Thus, the software deletes entries from its own hosts without feedback if certain entries are present, additionally outputs error fertilization for alleged threat scenarios and wants to move the corresponding file directly into quarantine.
Malwarebytes Telemetry
In addition to the activation servers and update checks, Malwarebytes is characterized above all by telemetry and recording of user actions
The two addresses that may NOT be in the hosts contain user data such as account ID, installation token, user IPv4 address, license key, time stamp of the last server contact, product version, product when received, license term, subscription model, affiliate data, etc. A part is of course required for the purpose of comparing the registration.
Scan log of Malwarebytes with the entries Keystone and Sirius. Result: Riskware.DontStealOurSoftware How about "Don't mess around in files that don't concern you"?
Data is thus sent via both addresses, which users can clearly identify and link to the program itself. This not only once, but for every program start, every program call and every call of the account tab.
If you do not want malwarebytes to connect to the Internet regularly, an exception rule must be created so that the entries are not deleted, or optionally a firewall or systems such as Pi-Hole are used.
Intentional false reports by malwarebytes
The aggressive behavior by independently modifying your own files is accompanied by false reports by the malwarebytes software, which put users before an alleged threat scenario. Users who use the filter lists in which entries of Keystone and Sirius are listed are guided here on the ice and deliberately unsettled.
Evil hosts?
If certain entries can be found in the hosts that affect malwarebytes activation server, the program issues intentional false reports regarding malware, deletes corresponding entries and wants to move corresponding files to quarantine.
Unwanted elements? Undesirable here is merely something from the point of view of the company Malwarebytes, Inc.
Always Online does not work without the Internet
Another nuisance is the "Always Online" mentality, because as soon as an internet connection no longer exists, malwarebytes are teetering elsewhere. Blocking by hosts is not possible without further action.
Activation Error?
Internet off? Immediately an important looking error message appears with the note that the user should please check his own connection. However, it also shows that (if possible) there is a permanent online connection.
Malwarebytes lies and deliberately issues false/positive messages
