Jump to content

pbust

Staff
  • Content Count

    3,368
  • Joined

  • Last visited

Posts posted by pbust


  1. What's the pop-up you are seeing? Is it a balloon notification from the system tray saying that "XYZ application is protected" or something to that effect? If this is the popup you are referring you, please check the Anti-Exploit settings, specifically the "Show system tray notification tooltips" checkbox.

     

    image.png.c0191e08c31683fe237281e547825026.png


  2. From here: https://forums.malwarebytes.com/topic/191650-malwarebytes-3-frequently-asked-questions/#comment-1077438

    Quote

     

    What is an antivirus replacement, and how can Malwarebytes 3.0 replace my antivirus?
    Antivirus replacements utilize signature-less and behavior-based detection technologies to catch the latest and most relevant threats, as opposed to anti-virus programs that rely on large databases of signatures that can quickly become outdated and are typically ineffective against many modern threats. In combination, all of our technologies can replace antivirus if a customer wishes to do so. Over 50% of our home user customers have already replaced their Symantec, McAfee, etc. with Malwarebytes Anti-Malware Premium. We believe in layered defense and built Malwarebytes 3.0 Premium to provide the right mix of proactive and signature-less technologies to combat modern threats and zero-day malware. The combination of our Anti-Malware, Anti-Exploit, Anti-Ransomware, Website Protection, and Remediation technologies provides better coverage against modern and zero-day threats than the traditional antivirus companies that charge more for less effective protection.

    Traditional antivirus vendors have struggled to keep pace with rapidly-changing malware, especially ransomware and data breaches where 0-hour protection has become the only meaningfully-relevant protection. In today’s modern threat world, where professional malware writers make their living engineering new ways to bypass protection, it is more important than ever to utilize signature-less technology and layered security to provide the greatest possible chance of defense. It is just as important to provide comprehensive remediation capabilities to clean up active malware when all else fails.

    Prior to Malwarebytes 3.0, our software was intended to be layered together with a traditional antivirus. Malwarebytes 1.x and 2.x contained only two primary layers of defense (Malware Protection and Website Protection) plus remediation, none of which is fully signature-less. But in Malwarebytes 3.0, with the addition of the three signature-less anti-exploit layers and the signature-less anti-ransomware layer, Malwarebytes defense against real-world threats has finally surpassed that of the traditional AVs.

    We didn’t originally expect to draw this conclusion. But after we developed the anti-exploit, anti-ransomware, and other Application Behavioral Protection technology in Malwarebytes 3.0, our researchers tested our performance against the full landscape of real-world threats and found we offered our users more comprehensive protection at a better price with Malwarebytes 3.0 than by recommending you buy a separate traditional AV. So we did it.

    For our users who do prefer to continue using a traditional antivirus alongside Malwarebytes, by all means please continue to do so. Malwarebytes will always maintain compatibility with all major security software on the market, both free and paid. In particular, Microsoft’s traditional antivirus Windows Defender is included by default and for free with Windows 8 and 10, and is a useful additional layer alongside Malwarebytes 3.0.

    So in summary, our recommendations are:

    • If you would prefer to use only one security product, choose Malwarebytes 3.0 Premium. Based on our testing, Malwarebytes 3.0 alone provides excellent protection against today’s threat landscape.
    • If you would prefer to pay for only one security product, choose Malwarebytes 3.0 Premium and add a free traditional antivirus like Windows Defender (pre-installed for free in Windows 8 and 10). Malwarebytes installs alongside Windows Defender by default, so this is the default configuration in Windows 8 and 10.
    • If you would prefer to pay for two security products, by all means feel free to do so. Malwarebytes is compatible with all major security products on the market.
     


     

     


  3. On 7/8/2017 at 9:58 AM, Sampei_Nihira said:

    I do not think so for 2 reasons:

    1) With Process Explorer you would see mbae.dll.

    2) Rename the Exploit Test Tool (HPA3) as 7-zip/winrar/..............exe:

    Like Ron said, the internal shields for the compressor family works in a different way than regular shields. It cannot be tested the same way as the regular shields (i.e. looking for dll injection, renaming the tool, etc.).

     


  4. That's a hard block. You don't want to allow Word to perform those types of actions. Its one of the top 3 malspam infection vectors. The only way to allow it is to deactivate the Word shield, which we obviously don't recommend.

    Seems like the parent is Java. Could this be by some in-house or third-party application? If that's the case, I'd be having a conversation about basic security best practices with the vendor.

    I know this puts you between a rock and a hard place and am sorry for that, but unfortunately from our perspective allowing this type of Word behavior would practically equate to allowing our customers to become infected.


  5. Sorry it took so long. The MB 3.1 beta has just been published here:

    https://forums.malwarebytes.com/topic/200230-new-beta-malwarebytes-3101716/

    It includes the fix for the Office issue.

    FWIW I think you are all right. We've had a lot of issues in the past for how to deal with conflicts with betas and 3rd party software, but OTOH MSFT started throttling Win10 CU and MB3 should be compatible out of the gate. Let's keep it civil and thanks for keeping us honest.

     


  6. David, I can assure you we are giving this issue top priority.There are a couple of other big moving parts with the impending release of 3.1 which includes this fix and is almost code complete. As soon as we have the build we will post it here and release an automatic Component Update to the entire user base.

    Sorry for the problem this has caused all of you. It was triggered due to an unforeseen last minute change in the Win10 Creators Update. We have been in communication with Microsoft since the first time this was reported and are working with them on a daily basis to deploy the fix asap.

     

     

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.