Jump to content

lock

Members
  • Posts

    388
  • Joined

  • Last visited

Everything posted by lock

  1. You cannot send it from MBAM quarantine as it is encrypted (or it is supposed to be). You need to restore it first, submit it and quarantine it again.
  2. Well then, if "there isn't a category of existing threat known that Malwarebytes is incapable of targeting ???" , Malwarebytes should be very successful in participating in AV Comparatives or AV Test. Up to that time is only your world , as Malwarebytes employee.
  3. "Can I replace my antivirus with Malwarebytes for personal use?" Mr. David H. Lipman provided a comprehensive answer to this question here: In a nutshell , the answer is NO, MALWAREBYTES CANNOT REPLACE AN ANTIVIRUS MBAM is incapable of dealing with File Infecting Viruses MBAM is incapable or removing malicious code that has been prepended, appended or cavity injected into a legitimate file MBAM does not target script malware files via signatures MBAM is not a historical anti malware solution. So exile360, what is so difficult to understand????
  4. I tried again with "AntiTest.exe" from Spyshelter. "AntiTest.exe" is not detected by MSE as malicious but it is detected by MBAM. Tested on 3 different PC , 2 of them without firewall ; triggered MBAM detection 10 times but NO DOT popped up on the map. I cannot provide logs as I am concerned about privacy (hence blocking all telemetry in normal operation) However, this is easy to reproduce by anybody , so if you will try it and get a dot on the map, I am OK. So far, the only conclusion is, that the map has nothing to do with reality. But I may be wrong (wouldn't be the first time!)
  5. In my situation, telemetry was blocked at firewall level; as I said, disabled the firewall prior the test That is funny explanation why you blocked telemetry....I am quite sure the servers can handle millions of transaction , so data from your house will not "flood" them .
  6. Hello, Another user posted a question which disappeared meanwhile... "How to test "Malwarebytes remediation map"" So, I tried to reproduced what the OP posted and I did not get any reaction on the "Remediation Map" I was able to zoom on the map the area I live in (no detection) Now, I disabled my antivirus and my firewall and unzipped a malware and scan it with MBAM. Sure enough, MBAM detected it and I quarantined. Repeated several times. NOT A DOT POPPED UP ON THE MAP. So, how does it work??? On some other forum somebody posted a funny map:
  7. If the process to make sure is accurate and acceptable is so laborious, how come NOBODY involved in this process noticed the missing hot potato, "telemetry" exile360, you seem a nice knowledgeable guy, but statements like this just add insult to injury...
  8. my firewall did not detect any attempt to connect to www.malwarebytes.com:443 , so my best guess is that the member of support tried to "substitute" telemetry.malwarebytes.com:443 with www.malwarebytes.com:443 for evident reasons. The revision would take 1 minute, yet nothing changed. I really do not understand why we need 3 pages on this forum , only to find out what /where /how Malwarebytes sends data from our PCs to outside world.
  9. When the "support article" says the the connection to " www.malwarebytes.com:443 " is " used to verify connectivity to the Malwarebytes servers " and In reality the connection is to "telemetry.malwarebytes.com:443" and is used for telemetry...... the trust is dead.
  10. Read this topic : and see what Malwarebytes is sending over the internet , one way or another: look how a firewall populated with rules is:
  11. Dear Sir, I am positive that Malwarebytes complains with California Consumer Privacy Act of 2018 but I do not know how is this relevant for a product sold internationally , where different legislation may apply. As a paying customer I have the right to "deliver" the data you collect or not. That's why you have a selection in "Application / Usage and Threat Statistics ON/OFF" However, even though the selection is OFF, Malwarebytes will continue to collect data, which it is not a fair practice.
  12. Earlier another user advised to "trust" Malwarebytes... The "support article" says the the connection to " www.malwarebytes.com:443 " is " Used to verify connectivity to the Malwarebytes servers " In reality the connection is to "telemetry.malwarebytes.com:443" and is used for telemetry.... Why not being honest???? How do you want tho gain "trust"?????
  13. Thank you for following up with my request. Unfortunately the support article is pure informative; I cannot see any information about telemetry... Anyway, the way the information is presented is impossible to use in creating firewall rules; see below the Windows Firewall Control rules; so, which is what????
  14. There are different degrees of trust; to begin with, my level of trust in Malwarebytes would increase if they will explain somehow each and every connection their software is making over the internet ( 24, so far , based on my firewall). I blocked all but 4-5 , and everything works fine , hence my question.
  15. I have Web protection Off on my MBAM and instead I use Firefox with ublock origin and Malwarebytes browser extensions. Seems to work much better.
  16. Have you recently seen the " Malwarebytes for Home Support / False Positives / Website Blocking "??? 8 from every 10 reported are indeed FPs with the message " Thanks, the block will be removed. " So, no, not "excellent at blocking malicious sites"
  17. Thank you for your answer! *.smbcb.com may have been a FP , but from being a FP to sending data to it , seems a long way. I have Web Protection off om my MBAM; I will wait for clarification from staff regarding the 24 remote connections initiated by Mbamservice.exe on TCP80. Thanks!
  18. My firewall is PC Tools Firewall plus : I do not do frequently a full scan (of a C drive), maybe this is first time in months, so I do not know if this will happen after each scan. However is worth mentioned that Malwarebytes services is trying to connect now to 24 remote addresses on TCP80 and 1 remote address on TCP443 for which I did not get any explanation; all of them are blocked, MBAM updates properly. I am eager to get an answer about MBAM connections to various remote addresses....(next week, as you said?) Thanks!
  19. [C:\Program Files\Malwarebytes\Anti-malware\Mbamservice.exe] is trying to connect , at the end of a scan , with s2.symcb.com (TCP80) Several years ago , MBAM determined s2.symcb.com as being malicious ; today is sending data to it .
  20. Thank you very much for not ignoring my request! Meanwhile my firewall detected 17 new connections asked by Malwarebytes, hence the new post...
  21. Waiting for "a member of the staff ".... Please do not ignore this request!
  22. For program updates is TCP 443 cdn.mwbsys.com For update check is TCP 443 sirius.mwbsys.com For licensing check is TCP 443 keystone.mwbsys.com For cloud classifications is TCP 443 hubble.mb-cosmos.com What about the rest of 17 connections? I do not want to live with the feeling that MBAM is collecting data about us and deliver i it to different channels...
  23. Thank you for your answer! What about : C:\Program Files\Malwarebytes\Anti-malware\Mbam.exe TCP 443 to www.malwarebytes.com TCP 443 to cleo.mb-internal.com TCP 443 to links.malwarebytes.com C:\Program Files\Malwarebytes\Anti-malware\Mbamtray.exe TCP 443 to cleo.mb-internal.com TCP 443 to www.malwarebytes.com TCP 443 to cdn.mwbsys.com TCP 443 to links.malwarebytes.com C:\Program Files\Malwarebytes\Anti-malware\Mbamservice.exe TCP 443 to iris.mwbsys.com TCP 443 to my-device.malwarebytes.com TCP 443 to cdn.mwbsys.com TCP 443 to sirius.mwbsys.com TCP 443 to keystone.mwbsys.com C:\Program Files\Malwarebytes\Anti-malware\Assistant.exe * communicates using Mbam.exe
  24. Hello, [C:\Program Files\Malwarebytes\Anti-malware\Mbamservice.exe ] is trying to connect to the followings: TCP80 cs9.wac.phicdn.net crl3.digicert.com crl4.digicert.com ocsp.digicert.com crl.microsoft.com www.microsoft.com ocsp.verisign.com crl.verisign.com e8218.dscb1.akamaiedge.net ocsp.thawte.com crl.thawte.com ts-ocsp.ws.symantec.com ts-crl.ws.symantec.com s1.symcb.com sv.symcd.com sv.symcb.com TCP443 my-device.malwarebytes.com I have web shield disabled, so are all these connections legit? I would rather prefer an answer than having this post joint to the other unanswered ones! Thanks!
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.