IAm Marcin Kleczynski, founder and CEO of Malwarebytes. AMA.

Just wanted to say thank you. Spent three years working in a local computer shop and about every computer was fixed thanks to malwarebytes.

You're welcome! I worked at a computer shop where we reformatted every. Single. Machine. I couldn't take it anymore.

Am I the only person who's annoyed by the way, when you manually update Malwarebytes definitions, and then accidentally highlight another window while it's downloading (, that you can't just tab back to the update window when it finishes because it hasn't created anything in the taskbar yet? So then I have to minimise windows to dig back to it and continue rather than clicking through the taskbar.

Or am I just being stupidly petty?

Because otherwise it's a damn fine program. But this has always bugged me.

Nope, I just tried it and I'm annoyed. Off the to development queue it goes.

Marcin,

Thanks to you and your team for allowing me to fix my computer after I browse shady porn sites.

That's what we're here for.

I was doing my monthly parental computer fix and Avira wanted me to uninstall MB. Guess who ended up getting uninstalled instead?

Thanks for the awesome Polish parent computer saving application.

I hope they see this.

Did you have a hand in making combofix?

Whoever came up with that is my hero.

Nope, but he works for us now!

Marcin, first I want to think you for saving me countless headaches when I didn't know much about computers, and now for helping me clean client's PCs very easily. I have a number of questions:

• Quick scan vs Full scan: When do you really need to do a full scan?

• Why are not all threats immediately chosen to quarantine? I hate going through every single one and clicking the box next to it. If this isn't an option, why isn't there a "Choose all" option?

• If MBAM doesn't take care of everything, do you have a next go-to program?

• What's the record for most infections? Ours is 350,000 on a single computer.

Thank you!

• Never, seriously. We've designed the quick scan to detect everything. The full scan is there for people who won't believe us.

• By default, any actual threats should be pre-checked. Right click on the item and you'll see more options to check every item.

• An antivirus can go a long way on older, less aggressive threats that we have not seen. If you're looking for pure cleanup tools, I would recommend ComboFix as a last resort.

• You probably hold the record. I don't know if a congratulations is in order or ...

The threats that aren't checked usually are .PUP and little spyware things like that. On fresh installs of MBAM, they do not have some of those checked. But now I know there's a "check every item" option so that's good to know.

Thank you for the response!

Also, check out Settings -> Scanner Settings -> Actions for PUP software.

If it hasn't been done already, could you please add a feature to flush the DNS cache to Malwarebytes?

It makes sense to clean out this last bit of crap that some malware leaves on the machine, and a DNS flush is something important that is not well-known as a necessity for the majority of non-techies... heck, even for some real techies out there.

Like a setting in the settings tab, i.e. "Flush the DNS cache after each removal?"

You said layered security is always better. In addition to Malwarebytes, what other software would you recommend running on a computer to help keep it safe? I'm always looking for the best combination to protect my less computer literate parents and friends.

To put the question another way, if you were working with a fresh install, setting up your parents computer, what programs would you install, what "package" would you create, that would best protect that computer after you walked out of the house? What AV? Any other malware/spyware programs (spybot comes to mind)? Any programs that lock down settings and files?

Avast, Malwarebytes, LastPass, and TeamViewer. The first 3 to help protect them, the last one to log in when shit hits the fan.

I'm curious why you feel Avast is the go to Antivirus software. Care to elaborate for us?

I have the most experience using it when fixing friend's computers. Just like any other techie, I use what works!

What's your thought on Microsoft Security Essentials ?

meh

I've noticed, on occasion, that MSE will happily fuck the dog until I run a Malwarebytes scan... but when that scan finds something, MSE wakes up and sees it too.

What might cause this phenomenon? Is it most likely attributable to shitty MSE, ballin' Malwarebytes, or both?

That's a really good question. I'll see if we can try to reproduce it.

Honestly, I'd appreciate if you could expand on that. It's free, unobtrusive, and has low false positives. That makes it great for geeks to install on relatives computers.

If the detection rate is low, could you provide a source or at least anecdotes? It would have more value coming from somebody with experience in the field.

I've seen zero-day testing on it and it is miserable. It can't detect many threats in the first 24 hours of their life. Once 24 hours have passed, it gets significantly better, probably because of honeypots it picks up. However, how many customers were infected in those 24 hours?

These findings can be backed up by MalwareResearchGroup and some other places, i.e. VirusTotal.

Could you please comment on the fact that some of the more vicious malware nowadays tries to block the user's installation of malwarebytes - and what you guys do to combat that?

I thought you'd never ask!

Chameleon

this functionality has worked most of the time for me. On most computers I only have to run one of them, but I did encounter some shit that made me run all 4 or 5 of them before it would clean them. Back in the day, I used to rename mbam.exe to yourmom.exe and it would work, then they got sneakier, glad you guys did too.

lol @ yourmom.exe

[deleted]

Already here!

How did you handle the transition from sole creator of Malwarebytes to becoming CEO of a company? Are you still involved at all on the technical side, and if not, do you miss that?

I don't let anything get out the door without understanding how it works technically. I love programming, but I love growing Malwarebytes even more. It was a hard transition, and they have to remind me every couple of days that I'm no longer a programmer.

Congratulations on your success.

-How did you overcome the technical challenge involved in finding and removing malware that the big companies seemed to miss?

-Why were you able to do this, when they couldn't?

-How old are you?

-Did MB make you a rich person, and is so, how did/is that changing your life?

Really good questions.

• The engine was written to detect zero-day threats and focus on what antivirus misses. In a nutshell, we focus on their misses and then add the rest.

• Finding the right people to use the technology. Our engine can only go as far as the researchers that utilize it. We don't have 9 to 5 people, we have people that were in the community doing it for free.

• I am 23.

• I reinvest most of my money back into the company to help it grow. It did not make me a rich person, but it did get me out of my parent's house.

what are your thoughts on wearing shorts to work or company events?

I highly encourage it. The shorter the better.

That sounds like a challenge.

And one ball sack away from a lawsuit.

Sorry, I thought these were the cleverbridge guys making fun of me -- I wore shorts to one of their formal events once.

Who do I have to blow to get a job at Malwarebytes?

I would hope nobody.

Edit: Oh, and say hi to Duncan for me.

Any plans on making a Malwarebytes rescue CD in the near future? I've dealt with Malware that had made Windows completely unusable, even in safe mode. A rescue CD would help in this case.

I know we've been working on one. Shhhhh!

Of the 50+ people helping you fight the evil malware writers who is your favorite to work with?

That would be me. If he says otherwise he's lying.

Clearly Robert is delusional.

What are some of the worse viruses you have seen?

Whats the most common way people get viruses?

What is your favorite joke?

Any rootkits or ransomware. Focusing on being able to remove those is what made us so popular.

Key generators, definitely. There are easier ways to get free products, i.e. promotions or simply asking.

This one made me laugh yesterday: http://www.lolroflmao.com/wp-content/uploads/2011/07/sodium.jpg

[deleted]

Let me get through this IAMA and you've got yourself a deal.

haha you poor guy... I'm good though. Here, have a riddle I just read instead of a key request:

You and I are standing at a bus stop, I tell you I have three daughters and their ages, when multiplied together, equal 36.

A * B * C = 36

My bus comes, seeing the number, I mention that my daughters ages, when added together, equal the bus number.

A + B + C = Bus number

As I hop on the bus you tell me that you haven't enough information to calculate my daughters ages. I respond, "My eldest daughter has brown hair".

What are my daughters ages?

[edit] reformatted

Is it sad that I stared at this for a few minutes instead of continuing the AMA? Kudos.

So, I have the 0Access Rootkit. Just wondering how easy this beast is to get rid of. Been too lazy to get rid of it, will it do any damage to any reg files or anything important?

Contact support, we've got a cool new tool in the works that can help you.

[deleted]

Majorgeeks still offers it. I know we had some technology changes but I'll see if we can restart this.

1. Do you think an experienced, safe user (Windows 7) could get away with running MBAM PRO alone?

2. Will the UI be receiving an update any time soon?

1. Without knowing their actual habits, I would never recommend it. Layered security all the way.

2. Oooohhhhh yes.

How do you feel about people that think they don't need any security software on a Mac?

Their day will come.

Do you have a plan for a "Malwarebytes for Mac" offering?

We really want to focus on what we're good at -- Windows. However, there are technologies, like our Website Blocking, that are cross-compatible. You'll probably see those for Mac first.

Your program has saved my ass more than once. so thank you!

What is your take on malware for smartphones? Will that be a problem? Are you already working on that?

I don't think it'll be a problem, but if it becomes one, we're ready. Many people will disagree with my statement.

Big fan of Malwarebytes here! I can't count how many times that program has helped me in cleaning up malware that regular anti-malware programs would not catch and remove.

My question: What exactly is implemented in Malwarebytes that makes it pick up malware that regular anti-malware programs normally don't catch?

Glad we could help. I think the fact that our engine was built just a few years ago helps our team detect malware that other vendors just suck at. We also have an evil genius at the head of research.

Thanks for such a fantastic product. Even though I haven't had malware problems in years, I purchased a Pro license.

Good products deserve support. Throwing money at a company like Symantec or McAfee doesn't generate better products, it just generates more bloated crapware.

Thanks for your support, we tremendously appreciate it!

What is your web browser of choice, and why?

Chrome. I think it's really easy to use and I find it faster than Firefox. I like the syncing and the plug-ins I use, LastPass and StumbleUpon, are both compatible.

Just curious, have you tried any of the newer versions of Firefox, like Nightly? Using that now, it's pretty damn fast.

Nope, I'll install it on the laptop tonight.

I know that there are a lot of destructive viruses/malware out there so what is the most "entertaining" virus/malware you have come across?

OK, so this is old school, and more adware than anything else.

http://en.wikipedia.org/wiki/BonziBuddy

Clippy's cousin.

Worse.

Read about half the AMA before I got the urge to ask:

I've been using MBAM for a very long time now, on my personal computers and work computers. On my own machines, I look at porn. I download cracked software. I do a lot of torrenting. On work computers, I keep as clean as I can with what I do (obviously).

It seems to me that I'll run MBAM every few months on my own computers and hardly anything, IF anything, will be picked up (latest updates from you, full scan, etc). However, at work, people who hardly even use the internet for anything, on our own firewall'd network with updated Semantec on every PC, can get a whole lot instances of malware.

Any ideas why? I hope I'm making sense with my explanation. It just seems that with all the stuff I do online, I'm BOUND to have some viruses/malware/etc....but nope. Surprisingly clean. Am I just that good and picking and choosing where I get content from, or is there some underlying thing going on?

EDIT:Also, sorry if this has been asked in some way before.

Not to be rude to those other people who aren't here, but it's probably because you know what you're doing. Most malware isn't installing with browser vulnerabilities or hiding in warez - people download and install it because they've been fooled into doing so.

You probably wouldn't download and install software from a popup that says that the internet police have detected that your computer is running slow and it needs their totally legit registry optimizer, but millions of people think 'wow, it sure is nice that the internet police are looking out for me' and run the damn thing.

I like this answer. A little bit of common sense can go a long way, and you definitely have it.

When I start it up and click the scan button, what is actually happening? In other words, in a nutshell, how does the detection process work?

Without going into proprietary details, we enumerate the items on your system and link them via environmental cues to get a holistic picture of your whole system. We then go through the files and registry keys/values in certain "hotspots" and scan them against our database and heuristics.

What's your zombie plan?

Dodge, dip, dive, duck, and dodge.

I have a friend w/ Windows 7 x64 and he has some kind of search engine hijack/rootkit that I just cannot remove using MBAM free, kaspersky or nod32.

If I purchase MBAM, will support help isolate where it's coming from?

Also, do you know of any programs like Rootkit Revealer that work on 64bit Windows?

What if I told you Malwarebytes had a product called Malwarebytes Anti-Rootkit that you can only get ahold of through support?

We'll help you for free, just contact support.

Any chance of that going into a regular release of MBAM?

That's the plan! Stop reading my mind.

But seriously, we're testing it standalone to ensure stability.

Echoing a lot of what people are saying about working in shops and using Malwarebytes. I got one of your guy's shirts when I was hanging out in the smoking area at Defcon and I love it!

What do you think most AV companies are doing wrong these days?

What's the most annoying obfuscation technique in use today?

What do you think would be a good solution to the shortage of highly trained workers in our industry? Are the schools doing enough?

Would you guys be willing to sponsor my Bsides? :P

• I think they are focusing on silly av-tests instead of focusing at the threats their customers are actually exposed to.

• I'd have to ask our researchers. I know this isn't "obfuscation" but fake file extensions are really hurting our customers.

• As somebody just out of college, I can tell you schools are NOT doing enough. I took one security class, and it was optional. We need a security track at most schools.

• Message me!

Didn't you go to U of I? I wish I had run into you on campus. Did you ever work out a site license for the school?

Yes I did! You might still see me on campus, I visit quite often.

Are there ever any criminal charges/follow up to the creation/dissemination of malware? Do you folks ever get involved in such an investigation?

We work with several government agencies and we help with hundreds of website takedowns monthly.

Hi marcin I would like to know at what moment you decided to hire your first employee? What was the element which made you decide to pass from a "one people - one software" model to a company? What was the very first economic model of malwarebytes? Freeware with donations and ads?

Thanks marcin

Yes, it was definitely freeware. The minute I opened my inbox and saw 200 e-mails from the previous night, I knew I couldn't do this alone.

[deleted]

Got a call from my mom a few years back saying that she saw a window pop up on her computer that told her the computer was infected. She paid $75 to purchase the tool that allegedly would help her fix the issue. I knew right away this was ransomware and we had to chargeback the credit card and more.

It can do more than stealing your logins. It can use your Facebook, Twitter, bank websites, you name it. Worst of all, it can make the computer unusable.

Hey man best tv show?

Breaking Bad. I was also a House addict back in the day, it was a serious problem.

I like you because your name is Marcin, I too am a Marcin.

We should take over the world.

As someone who is clearly knowledgeable on the subject, what are your thoughts on Windows 8 and its changes? Namely the controversial ones; Metro, no Start button, the marketplace, etc.

Will any of them affect sales in a negative way amongst the IT orientated audiences? Should it?

I don't think so. I think Windows 8 migration will be slow and I think Metro use without touchscreen will be low.

[deleted]

The author of ComboFix works for us and some of the technology has been incorporated. We're trying to keep our tool user friendly and as safe as possible.

What's your advice to people who are inspired by your success (especially at your age) and want to emulate it?

Don't let anything stop you and do it because you enjoy it. I enjoyed programming and I can't imagine myself doing anything else.

How many females work for you? I thought Marcin was a girl's name for a moment...

We have quite a few, at least one in each department. And I've gotten that before, it's Polish.

If one of the big guys like Avast, AVG, McAfee, Symantec, etc., offered to buy your company, what would it take for you to consider it or would you never?

http://www.youtube.com/watch?v=jTmXHvGZiSY

AV's have tried, it wasn't the right time. Malwarebytes is my baby and I'd like to see it grow for now.

1. What was the toughest virus you guys ever dealt with?

2. Any tips for avoiding viruses and trojans aside from the usual "Don't download anything suspicious."?

Bonus: Norton or McAfee?

Avast anyone?

It's what I tell my parents to use!

Do a lot of people buy the paid version of your program? How is the money?

The money helps us build a team that builds better technology. Many people understand that they don't want to be infected by the same malware that just got past their antivirus and tack us on as additional protection.

What was the most troublesome virus you've ever encountered?

Personally? It wasn't a single piece of malware, it was a dropper that put everything on the system. Literally, half of the HijackThis entries were malware. At that point, it's very hard to remove the infection because each piece helps another regenerate.

[deleted]

I think it's best thing since sliced bread. I used to be very active in open source before Malwarebytes and it's something I want to get back into. I know a majority of our development team works on open source software and we're looking to sponsor some projects as well.

Why is the FBI ransomware so hard for AV software, even MBAM to detect? And do you guys know how it is spreading so quickly?

Your second question answers the first -- it's hard because it spreads so quickly. There are new variants each day. It's spreading so quickly because it makes the criminals the most money. It fooled my parents, and they purchased it!

you have a better feel for trends in malware evolution than just about anyone on earth, i imagine. what do you see as the next big thing in malware -- or can such a thing be foreseen?

We've seen rootkits. We've seen ransomware. Rootkit ransomware? Seriously, any threats of the future will likely be bundled with a rootkit. It's a very effective tool for malware writers.

Thanks for working so hard to protect folks! You've been a savior for me and my friends! I help out at my kids school and use MB all the time personally. Is there an education discount? The school is non profit and can't afford to pay the yearly corporate rate...

We do have an educational discount, take a look at our enterprise site.

Any thoughts on making a portable version of MalwareBytes so I can put it on a flash drive?

We're thinking about something for techies to use. What is most important to you? Portable version? Rescue CD, USB, etc.

When scanning with Malwarebytes, would you say it is important to scan each user individually?

I think it's important to remove the remaining traces that may have been left on a per-user basis, i.e. the start menu folders. However, the core of the infection will be gone.

My job would be much harder without your product. Thank you. I would love to see downloadable updates for offline use brought back.

Check this out:

http://data-cdn.mbamupdates.com/tools/mbam-rules.exe

I-L-L!

I-N-I! Although you won't catch me at the games anymore.