Jump to content

jprism

Staff
  • Content Count

    87
  • Joined

  • Last visited

About jprism

  • Rank
    Regular Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. jprism

    VLC update

    @carmor, @Papageno, @RetiredChief We have updated our Anti-Exploit database to correct this FP. kindly check for updates and apply them and detection shouldnt occur anymore for this version of VLC hope this helps -jprism
  2. @Papageno @RetiredChief We have updated our Anti-Exploit database to correct this FP. kindly check for updates and apply them and detection shouldnt occur anymore for this version of VLC hope this helps -jprism
  3. Hi @Fatcap >> So knowing this, is it better for you to activate it? Do you mean if i advise for you to activate data collection? If that was your question, let me start off by saying that its your data and Malwarebytes respects whether you want to share it or not. For me, personally, i do encourage that you enable and send back information. This way, if we have these data in house, future updates to the MB product would have some knowledge about your system, thus minimizing the chance of incompatibility or problems when we deploy updates. but again, its your call :-). >> An option that would be interesting for the user, would be to be able to program a specific schedule, for example during an unused PC. Thank you! This is a great suggestion and ill relay this to the team so we can put it in our development list. Thanks again for your understanding and patience with us. -jong
  4. Hi @Fatcap Yes, the servers you mentioned are ours and it is part of our telemetry collection. What i think you are experiencing is that when we find malware, PUPs and other suspicious EXE files, we sometimes send this back up to our servers and these files are uploaded to the aws server you mentioned. We only collect application/EXE files only for tracking purposes and to improve detections. Below is a snippet of our privacy policy (https://www.malwarebytes.com/privacy/) Malware and PUP Data We collect data about the malware and PUPs that are detected by our products. We collect: The vendor name of the malware or PUP removed An encrypted description of which database rule was used to remove the malware or PUP in question Artifacts detected as malware, PUPs, or suspicious files Information related to detected artifacts Why? So our malware intelligence team can track malware and PUP outbreaks and improve the efficacy of Malwarebytes products. Hope this helps and my apologies for the late reply. -jong
  5. Thanks, Alex. We are planning to upgrade the 7zip version in the next MB3 release that should be out by the first week of February. This fix will be included in the Beta of the next MB3 release, so if anyone wants it sooner, we advise to use the "Beta Application updates" found in the "Settings->Application" tab. hope this helps.
  6. Got it. the scanning connections is when we check with our cloud-powered file reputation service (mostly for whitelisting). the not during scan connections are telemetry information that we collect to aggregate all user scan activities to mostly determine when do people usually do scan, or checks for license validation etc. you can actually turn this off from Settings->Application->Usage and threat Statistics hope this helps -jong
  7. Hi @Fatcap, my bad, i dont think you can save anything with TCPview apart from a text representation of the TCPview UI. Anyway, no need to send anything. just curious, was this your first ever scan with malwarebytes 3? -jong
  8. Hi @Fatcap, if you can save it to a file, zip it and post it here or PM it to me. if its too big (>29MB), let me know so i can arrange for a file share location. -jong
  9. Hi @Fatcap We do connect to certain AWS servers for telemetry and some operational aspects of the products such as making sure that suspected files or processes are not part of our cloud-powered file reputation service. Any chance you can share a packet or network capture? thanks -jong
  10. @JGustave Welcome to Malwarebytes! The current installer package does contain an older def package (v3791), but this did not contain the specific culprit that caused the RAM increase issue (v 3798 ~ v3802). What normally happens is that once MB3 is installed, it immediately checks for the latest def package, downloads and applies it. So in this case, even though an installation starts with an old version, it will jump the latest one, of which, both versions are outside the window of the bad def package. hope this helps -jong
  11. Perfect. it seems you are good to go, sir. -jong
  12. Hi @MAXBAR1 i seem to understand your concern now. correct me if im wrong, but it sounds like you are doing a full scan everyday and the long time seems to affect your computer usage, is that correct? For MB3 and even its predecessors, we actually designed the product to be an "install and forget" type where the default settings are what we believe should be enough to keep you protected, day in and day out. Full Scans are indeed longer because you are checking every file in your hard drive. Threat and Hyper scans are only checking areas where Malware typically reside when it gets installed in systems, so in some way, it is more pragmatic and somewhat smarter than the other scans. Here is what our customers typically do: 1. Just use product default settings and perform the daily scheduled scan that comes with the product - Perform a Threat Scan every day at 2am. 2. Best Practice: when you download a software or insert new media (USB Stick, DVD with data, etc), perform a right-click and "Scan with Malwarebytes". 3. Best Practice: perform a Custom/Full scan weekly or monthly 4. Best Practice: perform a Custom/Full Scan if we feel your computer has become sluggish after a Windows or 3rd party product update. You may also do this after installing an application and performance of you PC has dropped. Anyway, hope this helps. regards, jong
  13. Hi @MAXBAR1, Welcome to Malwarebytes! Did you happen to update windows recently? or any chance newer files were introduced? If you run the same scan again, would it still have the same time (52 mins)? any chance you can share debug logs? thanks -jong
  14. Hi @malfor my apologies for the late reply. i though i already did. Farflt.sys gets removed from the drivers folder when protection is disabled and re-instated when activated. so no need to manage it from there. This is, from my experience, a very rare case. System re-start typically helps, but i hate to make you do that every time. if you can execute the instructions on this page, ill let the team take a look. and post the resulting information here. thanks -jong
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.