exile360

Administrators
  • Content count

    16,554
  • Joined

  • Last visited

About exile360

  • Rank
    exile
  • Birthday

Contact Methods

  • Website URL
    http://www.malwarebytes.com

Recent Profile Visitors

106,027 profile views
  1. Greetings The trackers on our websites are only for the sake of figuring out useful info such as which areas of the forums, support articles and products our users are most interested in/find most useful. We also allow crawlers/bots like Google to index our sites for the sake of improving search references when a user is using a web search to find info about us/our products or something we may have a useful topic or help article about such as a particular threat/infection and how to remove it etc. We don't do any sort of PUP/malware/advertisement loading or anything like that because that absolutely would be against everything that we stand for. We also do not associate the info that does get tracked with individual users; it's just blind statistical data that helps us keep track of how often various pages are viewed/visited etc. Additionally, some of the tracking/cookies etc. come from IPS which is the forum software we use. As far as I know they do not participate in any malicious activity either, but like us, they do gather statistical data and use cookies, including of course for saving your logon info during/between sessions (unless you delete your cookies of course). Of course, some users do not wish to have anything tracked or to use any cookies etc. in which case there are options, like the plugin you mentioned among others and each major browser has options on blocking tracking cookies to various degrees (I have my own primary browser, Internet Explorer 11 set to block all cookies and prompt me to allow/block them for each site so I can choose which ones to allow and which ones to keep off my system). In Chrome I use a plugin called Privacy Badger that shows me all websites trying to track my activities and allows me to select which ones to allow and which ones to block and another called Disconnect which serves a similar function but works a bit differently. I hope you find this information useful and that it helps to at least somewhat set your mind at ease with regards to the stats/telemetry aspects of our websites.
  2. I just heard back from the team and was informed that this issue has indeed been identified and a fix for it will be included in our next full upgrade release. Just FYI for you or anyone else reading this, the issue affecting the scheduler also affects several other forms/pages in the main UI which use checkboxes and they should all be fixed once the new version rolls out.
  3. Hey guys, I just wanted to add one minor point to this discussion. While the Chameleon capability of getting Malwarebytes started up on an already infected system where the malware is blocking us from running has not yet been integrated/included in 3.x, the Chameleon self-protection driver actually has. This means that for paid/trial users, they can enable the Self-Protection setting (enabled by default in 3.x) to have our Chameleon driver protect Malwarebytes' files, folders, registry keys and processes from being shut down, modified or deleted by malware (this driver/capability is one of the key functions of Chameleon to keep Malwarebytes running once it's able to bypass an already active infection).
  4. Hello Thank you for the suggestion. Also, I've reported the bug you found to our team so that they can verify the issue and get it fixed in a future update. If you have any more suggestions/ideas and/or bugs to report please don't hesitate to let us know. Thanks
  5. Hello and welcome Thanks for the suggestion. Yes, adding something like a 'quiet' or 'gaming' mode is definitely something we're considering adding for just these types of situations. I do not know precisely if or when this feature is to be added for certain, but I do know it is something that we have been looking into so hopefully we will see it in a future version of Malwarebytes.
  6. Greetings Thanks for the suggestions. I'm sure that our team will find them useful, and hopefully may someday implement some, if not all of them. Also, specifically regarding bundled installers/installation of additional software, while we do not have a comprehensive solution specifically designed to deal with such checkboxes and offers for other products/software, we do have incredibly aggressive PUP (Potentially Unwanted Program) detection and generally will flag/stop bundled software from being installed (even if the user accidentally leaves the boxes checked). I've seen this myself on several occasions where I was installing an application and the installer tried to install some additional component and Malwarebytes stopped the additional component/software from being installed and quarantined it for me (the main application still installed just fine). We also often flag/block bundled installers known to install PUPs for the same reason, and the same goes for many of these so-called "download managers" which are often nothing more than a means to attempt to get the user to install tons of unneeded/unwanted software. That said, I certainly see nothing wrong with a feature like Unchecky etc., I just wanted to point out that even with our existing protection users should be pretty well protected from these types of installations/bundled software.
  7. Hey guys. I would like to add one comment regarding these new layers of protection which have been added to clarify why we've done so. Over the past few years exploits have become pretty much the number one means of malware infiltrating systems. In the past we offered our exploit protection as a completely separate product, thus requiring our customers to purchase both our Anti-Malware and Anti-Exploit in order to have all of the protection we offer. We took a look a this and decided it would be better both from a performance perspective (one app/service etc. rather than two) as well as from a cost perspective for our customers, not to mention it would enable us to offer a far superior product capable of protecting our customers from a lot more threats. Likewise, when our Anti-Ransomware technology was developed, which we felt was important due to the recent overwhelming increase in ransomware threats, we wanted to integrate this new protection into our primary product rather than forcing customers to have to run yet another separate application in order to have a robust solution capable of stopping every threat that we could. It's the same as when we started to include malicious website blocking back in the MBAM 1.x days and when we integrated our new rootkit scanning capabilities and Malwarebytes Chameleon self-protection technologies into MBAM 1.x/2.x. I understand that some customers/users view some of these modules as unnecessary, however based on what our Research team has observed and the frequency at which we've seen users showing up infected by these types of threats we felt it would be best to offer a solution capable of protecting our customers from these new attack vectors which have become so common rather than expecting them to pay for yet another separate product to run in realtime alongside their Anti-Malware protection because really, it's all malware, just different types of malware which use different attack vectors. These are just more specialized modules which target these specific classifications of threats/attacks so they all fit within the classification of malware prevention. This is not to say that you do not have the right to disable one or more protection components/features if you so choose. Of course you do, it's your system. However the reason we warn you about it is the same reason your antivirus or internet security suite warns you whenever one or more if its protection components has been disabled: because you aren't as safe as you could be and we don't really have a way currently to reliably determine if you turned it off deliberately, there was a problem causing it to fail, or if it was disabled by a malicious hacker or an infection so our current default policy is to inform you/warn you no matter what. That said, yes, an option to disable this type of notification is certainly planned for the future for scenarios where the user has deliberately disabled a component/changed a setting and does not wish to be notified about it. I hope this helps to clarify some of the issues.
  8. Greetings No, Malwarebytes should not/does not detect the EICAR test files. This is by design because, while we do believe Malwarebytes 3.0 is capable of replacing traditional antivirus, it is still not an actual antivirus and therefore does not detect this file as a threat (though we could add detection for it easily enough if we wished). With that said, we have still designed 3.0 to be fully compatible with other security products and software, including antivirus, so if you wish to continue running an antivirus alongside Malwarebytes 3.0 you are free to do so, though we suggest using one of the many reputable free AVs out there to save some money if you feel you still need an AV since 3.0 includes several advanced layers of protection, not just one.
  9. I've personally tested HitmanPro.Alert in free mode alongside Malwarebytes 3.0 and the two seem to function just fine together, at least on my 7 x64 system where I did the testing (though I did set exclusions for HMP.A's program folder in Malwarebytes). As for the paid version of HMP.A, I'd argue that it overlaps with Malwarebytes 3.0 a bit too much. I'm confident that our anti-exploit is equal to or superior to theirs (and any others out there such as EMET etc.) and our anti-ransomware, while still somewhat new, has proven quite effective and is being improved all the time to keep up with and stop the latest variants and new families of ransomware. The free version of HMP.A does have some features not currently included in Malwarebytes such as keystroke encryption for browsers to protect against keyloggers as well as some other protection features, so I do think the two can compliment each other quite well if desired, but I'd much rather turn off any potentially overlapping/conflicting features in HMP.A before doing so in Malwarebytes only because I know from our own testing that those layers have proven themselves against in the wild threats. I haven't seen any up-to-date comparisons between our own anti-exploit technology and HMP.A's, but I would be curious how the two stack up now (the latest info I've found compared an older build of Malwarebytes Anti-Exploit which did not include all of the types/layers of exploit detection/protection tech included in our latest release). I'm confident based on what I've seen that we'd do quite well in any live exploit tests.
  10. Mostly it's useful if the user has multiple license keys installed across multiple systems or if they are planning to move their existing license from one system to another or reformat/reinstall their OS. In all of these cases, having easy access to their license info makes things much simpler that way they don't have to worry about tracking down an email (which might be years old, especially if they have a lifetime license key) or having to contact whoever they purchased their license from (Cleverbridge, a reseller etc.).
  11. I'm honestly not sure where they're stored in 3.0. There is a means of exporting/importing settings in our Business/Enterprise version though (although 3.0 for business hasn't been released yet) and that it may be automated via scripting/batch though you'd probably need to ask our business support folks over in the Malwarebytes Anti-Malware for Business section to get the details or refer to the documentation provided with the product upon purchasing a business license/licenses/seats. I hope that helps a little, assuming you have any clients/customers using the business product at all.
  12. Yes, it's stored in an encrypted configuration file stored in Malwarebytes' data folder, so it is absolutely encrypted/inaccessible by normal means
  13. Actually, in 2.x it would likewise show a notification whenever any component of realtime protection was disabled even if notifications were turned off. I think the only exception was when the main UI was showing at the time (though at one point it even showed them then before that behavior was changed in a later 2.x release). That said, there was a bug with 3.0 and notifications from the tray that would occur whenever a database update was downloaded. That issue has been fixed in version 3.0.5 which was just released so hopefully that helps reduce the number of notifications you guys are seeing.
  14. OK, thanks for letting me know. It was worth a shot. I know that several performance issues are being worked on right now. Hopefully this one will be resolved soon.
  15. I passed them on to the 3.0 team. I'm sure they've reviewed them by now but I'm not sure if they've made any progress on finding a fix yet. I do know there are several compatibility and performance issues with our anti-ransomware module being worked on for an upcoming release, so hopefully that will also include this issue with Trend.