Durew

Honorary Members
  • Content count
    238
About Durew

  • Rank
    Advanced Member

Profile Information

  • Location
    Europe
  • Interests
    Computer security, amongst other things.

Recent Profile Visitors

2,332 profile views
  1. Hi gtr33m, My first and probably very bad idea is to mess around with live CDs. Thus I'm going to try a summoning spell that hopefully summons someone with better ideas. @AdvancedSetup I beseech thee to use thine wisdom to help a poor computer user with his/her unbootable PC. I hope this will help. Regards, Durew
  2. Dear all, Malwarebytes has a good reputation when it comes to detection and prevention of malware. What is bothering me is that when I am in a discussion with someone who thinks MB s*cks when it comes to detection I have very little to go on. I can, at times, explain why the testing methodology of the test they refer to is flawed. Against a lot of, perhaps flawed, tests in which MB is subpar I cannot pose a publicly available recent test performed by an independent organization that shows MB premium in its supposed role: preventing infections alongside an AV and on its own, now that AV replacement is claimed. MB3, the 'AV replacement', ended up below Windows Defender in the 2017 test of MRG Effitas. The report stated to use recent threats, MB's specialty, and the malware doesn't seem to encompass a lot of viruses, if any. That MB was on its own is not a valid argument anymore with the 'AV replacement' claim. There may still be a flaw in the test, but with nothing better to put against it, I have little to go on. Telling that test X is flawed doesn't prove that MB is good, it leads to a "we don't know how good MB is" at best. There are some favorable tests, one in 2014 and one of 2017 that show good remediation scores. But that is not what the premium version is bought for and when MB fails a remediation test the argument is invariably "but MB would have prevented the infection because of layer X that was not tested here". The anti-ransomware test was small but showed a decent score. This however is not enough to show that MB can function as a valuable aid to an AV, let alone replace one. An old anti-exploit test shows a decent score but it was still only slightly above the median. As such I think there is a profound lack of tests that show Malwarebytes' real strength and its ability to live up to the claims. Thus I urge Malwarebytes to order tests from reputable independent testing facilities to publicly put MB to the test the way MB was intended to be used. Show how MB really compares to its rivals and how it lives up to its reputation. Kind regards, Durew
     Referenced tests:
     https://www.av-test.org/en/news/news-single-view/17-software-packages-in-a-repair-performance-test-after-malware-attacks/
     https://www.av-test.org/fileadmin/pdf/reports/AV-TEST_Enigma_Comparative_Remediation_Testing_Report_May_2017_EN.pdf
     https://www.mrg-effitas.com/wp-content/uploads/2016/11/MRG-Effitas-360-Assessment-Q3-2016.pdf
     https://www.mrg-effitas.com/wp-content/uploads/2016/07/Zemana_ransomware_detection.pdf
     https://www.mrg-effitas.com/wp-content/uploads/2017/05/MRG-Effitas-360-Assessment-2017-Q1_wm.pdf
     https://www.mrg-effitas.com/wp-content/uploads/2015/04/MRG_Effitas_Real_world_exploit_prevention_test.pdf
  3. Hi anth1225, I must be somewhat careful here as we do not support one AV over the other. Kaspersky does well in the tests. As for anti-virus or total protection: as far as I know the only meaningful difference generally is the firewall. What to do depends on your knowledge about computers and wallet. I've read that the Windows firewall works fine and that an additional firewall is not required, however, this requires that the user knows what programs may and may not access the internet. (I use TinyWall to make the control easier.) If you don't feel comfortable making these decisions I advise going for the total security options. Emsisoft Anti-Malware and Symantec Endpoint Protection have never given me problems with Malwarebytes. I did add exceptions to prevent MB scanning everything EAM does and vice versa. I advise looking at av-test to look at how the different packages score in protection level. Most of them should work fine with MB. You can always test this by trying the trial version of the package you have in mind. I hope this helps. Regards, Durew
  4. Hi NeoBeum, That would indeed be a nice option. Although I suspect it may be indirectly in there by automatically using the system language. (The language setting in MB controls the date notation in MB.) It's a bit too long ago since I last installed it for me to remember what MB did back then. Regards, Durew
  5. Hi kamama, Could you tell a bit more? Like: What version of Windows are you using? Are you trying to use system restore to 'restore your computer to an earlier date' (there are more options)? What makes you think it is the 'virus protector'? Do you want to restore the PC to an earlier date due to an infection? Is the 'virus protector' Malwarebytes or another program? Our more expert members like to know this kind of stuff. To turn off Malwarebytes, right click the system tray icon and select 'quit malwarebytes'. I hope this helps. Regards, Durew
  6. Hi pinkish, I think Windows 7 is more vulnerable. See http://www.zdnet.com/article/microsoft-windows-7-is-way-more-exposed-to-ransomware-than-windows-10/ From what I read online I think Windows 10 is better protected against malware in general. I hope this helps. Regards, Durew
  7. Hi aronya1, I'll have to add my little 'no expert' and 'no employee' disclaimer here: As far as I know, there is no license that covers 2 PCs and I'm not aware of any pro-rating. I'm afraid you'll just have to buy a separate license for the additional system. I'll tag the license expert here so he/she can correct me if I'm wrong @celee I hope this helps. Regards, Durew
  8. Hi dont_touch_my_buffer, I'm no expert in this field but I can offer a source that might help: The first is a test in which Malwarebytes is tested for its ability to handle ransomware: https://www.mrg-effitas.com/wp-content/uploads/2016/07/Zemana_ransomware_detection.pdf I hope that Cerber can be detected by now. YouTube, your place for inaccurate testing, is not very promising. I hope this helps and I wish I had a more comforting story. Regards, Durew
  9. Hi all, I'd like to make a few remarks on some things stated. Basically, yes. There are many fora out there, like BleepingComputer and Wilders Security where security nuts gather and talk. Malwarebytes has quite the reputation there. As an addition to an existing AV though, AFAIK. As Porthos seems to support. Using MB without AV is not something I recommend either. Whether MRG Effitas did or did not disable Windows Defender I don't know. Except that Malwarebytes must be able to work alongside other anti-malware/anti-virus software. Especially anti-exploit stuff is bound to cause conflicts and as such it is desirable to be able to turn parts of the protection offered by Malwarebytes off. (Some only wanted the anti-exploit as they have their other bases covered and didn't want to dedicate more resources.) A lot of people are/were asking to allow this without continuous warning. As such I consider this argument invalid. Better, I prefer to have the ability to tweak a program. Back in the time when the modules were fully separated a lot of people asked for an integrated solution. (Guess what happened when they listened to the community...) Malwarebytes uses layered security. Although I agree that the anti-ransomware module does not seem on par yet, the case that is built is that Malwarebytes is more than the sum of its parts. That the anti-ransomware part would be breached would not mean that another layer wouldn't have stopped it somewhere in the infection chain. This makes accurate testing of the system as a whole difficult. For me, Malwarebytes is only one of the security layers on my PC. Due to its compatibility issues with Sandboxie and the presence of a few other security layers, Malwarebytes doesn't do much. As such I cannot say much about its efficiency. It is hard to judge one layer if the collective holds off everything it faces. (AFAIK of course) https://www.mrg-effitas.com/wp-content/uploads/2016/07/Zemana_ransomware_detection.pdf They even made second place. Not bad considering the testing procedure. Sometimes someone slips through. The described procedure is "If no one has replied to your new topic after 48 hours please contact a Moderator or Administrator to let them know." I suggest you send one a kind reminder. I hope this clarifies, feel free to ask if you have any questions left. Kind regards from a home user, Durew
  10. I seem to be missing something. How does anti-exploit prevent an attached executable (disguised as a more legit file-type) from being executed? As no software vulnerabilities are used I don't see when it would trigger. To return to the MRG Effitas report (https://www.mrg-effitas.com/wp-content/uploads/2017/05/MRG-Effitas-360-Assessment-2017-Q1_wm.pdf): it uses Windows 10. The premise of downloading and trying to execute a malicious file doesn't seem unreasonable. (As discussed before with the e-mail attachment scenario.) Does the report look like a valid test to evaluate MBAM 3? I hope someone can give me some insight here. Regards, Durew
  11. From a security perspective I fully agree. From a practical perspective less so. When the boss of my lab sends out the report of last meeting she is not going to be pleased with sixty phone calls to verify authenticity whilst with only little inside knowledge someone could send a fake one a bit earlier than the real report. I was referring to the "important.pdf.exe" files with good looking logo 'n stuff. I have extensions visible by default, but most don't have that. And on my lesser days I may fall for it as well. Thanks for your speedy reply. Regards, Durew
  12. Hi Porthos/Aura, I don't consider myself an expert in judging the validity of tests, thus I'd like your opinion on this report. It seems quite legit to me. The only protection bypassed is the exploit protection but as Telos mentioned, via social engineering ("legit looking email with important 'PDF' attached") an exploit is not always required for infection. Could I have your view(s) on this? Regards, Durew
  13. Hi, Here is a document outlining why MBAM only participates in certain tests. Most YouTube videos show simplified testing-methods that do not give accurate results. As Porthos already pointed out. (In case you don't think testing agencies are not that stupid, I once read a report of MRG Effitas that tested the capabilities of Sandboxie against keyloggers.) That said, I do agree with Iock that the number of tests that Malwarebytes participates in could and should be higher. I'd like to see the comparison between Malwarebytes and the competition in a fair match. I couldn't find it. CRDF seems to have tested MBAM, I can't find their site anymore though. I would welcome any links to a valid test of Malwarebytes 3.0 or 3.1. Regards, Durew
  14. Hi JonathanPDX, As a workaround until something is done about this: change the display language of MBAM to "English (U.K.)" in settings->Application. This changes the date notation. I hope this helps. If you have any questions, please ask. Regards, Durew