lock
-
Posts
375 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by lock
-
-
11 minutes ago, CillaR said:
Malwarebytes new version 3.6.1.2711 is flagging a lot of "trojans", leading me to think they're false positives. I clicked to open msn.com today and immediately flagged (s.aolcdn.com) 192.229.211.36 as a trojan. I temporarily excluded it . I googled the address and came up with error 404 - page not found. FYI
Just take a look at Website blocking false positives:
https://forums.malwarebytes.com/forum/123-website-blocking/
7 from 10 reported are indeed FPs.
So, you can judge yourself...
-
12 minutes ago, soulalways said:
hi,
ok...what would you recommend please ?
thankyou for replying LOCK...
What I am running now , very table is Win7 64bit +MSE 4.10.209 (as my antivirus) + MBAM paid (but Web protection off) + PC Tools Firewall Plus (as firewall) (add all required exceptions)
If you do not like PC Tools, you can use Windows Firefall Controll from Binisoft (is free now, is an interface for Windows firewall)
As browser Firefox + Malwarebytes extension (is free) + ublock origin
I had good results with ESET as antivirus , also Bitdefender free.
-
4 minutes ago, soulalways said:
MB is also an anti virus or not
MBAM is not an Antivirus!
Doesn't have the capabilities of an Antivirus, regardless how is advertised on Malwarebytes site.
So, get a good antivirus (not very sophisticated because will conflict one way or another with MBAM) and add MBAM paid.
From my own experience of over 5 years running MBAM, I can say that I did not see any benefit running it on top of a good antivirus.
-
Hello,
For long time now, the FP's for Web Protection seems to be out of control.
Just out of curiosity, look in the specific area of this forum and you will see that 7 out of 10 reported FP's are indeed FP's , with the well know answer "Thanks.Block is being removed"
My question is how do you generate the list of blocked site OR where are you getting this list from???
With this amount of FP's, the Web Protection is very questionable if not equal to ZERO. In fact I disabled the Web protection on my PC and I use something else (ublock origin)
Thanks!
-
21 minutes ago, eriko89 said:
malicious software that would try to remove it?
Malwarebytes has a "self protection module in Settings /Protection, so in theory soul be self protected to removal, bu who knows?
I would run the uninstall tool provided by Malwarebytes (MBAM clean.exe) from here:
And reinstall it from scratch.
-
51 minutes ago, eriko89 said:
Should I be worried about any risk?
If Malwarebytes got removed without your knowledge or action, what is your best guess: should you be worried or not?
-
3 hours ago, adas said:
You can also remove the telemetry.malwarebytes.com entry
DO NOT remove the telemetry!!!! Disabling the telemetry in settings doesn't stop MBAM sending data about your PC to their servers.
This has been discussed and agreed upon on this forum.
-
8 hours ago, Wutai said:
Explain please!
It is not only the telemetry; MBAM will establish over 18 connections to outside world , see here:
So, unless you have a good firewall to selectively block the connections, nothing can be done!
Still waiting for an official ansver from Malwarebytes.
-
29 minutes ago, exile360 said:
I also believe that one of the aspects of the cloud/Machine Learning heuristics
Thank you for your explanation.
If you have any "connections" with Malwarebytes management , can you push this issue , please?
Malwarebytes is connecting now (or is trying to connect) to at least 18 websites , so is very confusing to figure out which connection is legit, which is absolutely necessary and which is not.
Thanks!
-
8 minutes ago, exile360 said:
Web Protection component functions/is installed.
I have Web protection disabled.
However, I use Firefox with Malwarebytes browser extension 1.0.30
-
Mbamservice.exe [C:\Program Files\Malwarebytes\Anti-malware\Mbamservice.exe] is trying to connect to TCP port 80 to:
cs9.wac.phicdn.net
crl3.digicert.com
crl4.digicert.com
ocsp.digicert.com
All these sites they do not seem to be related to Malwarebytes; So, are these connections legit or my Malwarebytes is compromised somehow?
Thanks!
-
1 hour ago, randombytes said:
As for intentionally not detecting EICAR, Malwarebytes is doing us customers a disservice
It is not only this. By intentionally not detecting EICAR, MBAM reserves the right to say, down the road, that intentionally did not detect this or that for various reasons.
Look for example of their anti exploit test file mbae-test.exe ; it is not detected by ANY antiexploit in the market but MBAM !!!!
This is not classified as " an extremely outdated method of testing " and is OK , but Eicar not.
-
Hello,
Any news about what/where is MBAM communicating?
I need these to create my firewall rules.
Shouldn't be so complicated to ask the developers about something which is ALREADY implemented in MBAM.
-
18 minutes ago, David H. Lipman said:
Ok, sorry if my mix-up created confusion.
-
40 minutes ago, David H. Lipman said:
As a Web site that exist on the Internet, there is no software generating it on the PC in question for Malwarebytes' software to find.
So, do we need the "Web protection" or not???? As long as "there is no software generating on the PC" , why have "web protection" and not wait for the "software to be generating on the PC" and be detected by the other shields?
-
1 hour ago, stonehopper said:
There are 35,569 items in the quarantine folder. That can't be right??
This is within the first 15 minutes of using Malwarebytes. Now I don't know what to do about all of those items and have no way of telling if they are really junk files and can be deleted. I'm worried about what to do about the contents of this folder and if any of the items are important to keep.
Would appreciate guidance.
Are you using an antivirus??? Did your antivirus quarantine something???
Restore several items from Quarantine and check them on VirusTotal.
-
3 hours ago, exile360 said:
I hope that helps to clarify things
Thanks, but I need specifics in order to create firewall rules.
-
Hello,
The question has been asked before but I did not get a clear cut answer.
It seems like ever .exe from MBAM is trying to communicate OUT over internet:
C:\Program Files\Malwarebytes\Anti-malware\Mbam.exe
TCP 443 to www.malwarebytes.com
TCP 443 to cleo.mb-internal.com
TCP 443 to links.malwarebytes.com
C:\Program Files\Malwarebytes\Anti-malware\Mbamtray.exe
TCP 443 to cleo.mb-internal.com
TCP 443 to www.malwarebytes.com
TCP 443 to cdn.mwbsys.com
TCP 443 to links.malwarebytes.com
C:\Program Files\Malwarebytes\Anti-malware\Mbamservice.exe
TCP 443 to iris.mwbsys.com
TCP 443 to my-device.malwarebytes.com
TCP 443 to cdn.mwbsys.com
TCP 443 to sirius.mwbsys.com
TCP 443 to keystone.mwbsys.com
C:\Program Files\Malwarebytes\Anti-malware\Assistant.exe
* communicates using Mbam.exe
Can anybody clarify, please , why there is need for such "correspondence over the internet and which connection is ABSOLUTELY necessary for MBAM to work properly?
Thanks!
lock
-
links.malwarebytes.com ?
Thanks!
-
7 hours ago, exile360 said:
This is why Malwarebytes has invested so heavily in signature-less and behavior based technologies to augment their base Malware Protection component because their threat Researchers and Developers have discovered this truth
And all the other Researchers and Developers are stupid and still in the dark???
Malwarebytes did not discover anything: they simply bought whatever product was available on the market, (ransomware shield, antiexploit shield)
In-house products (web shield. anomalous detection) are not quite successful, look at the amount of FPs in this forum ... (many reports with 100% anomalous detection which are FP's in fact)
So, let's not exaggerate....
-
5 hours ago, exile360 said:
AV replacement means that it is capable of preventing infection by the same broad landscape of modern threats faced by systems today on the web, rather than using some limited database that only detects a small sub-set of infections currently in the wild.
Do you hear yourself???
Malwarebytes marketed as an AV replacement means "dich your antivirus and use only malwarebytes" nothing else!
5 hours ago, exile360 said:Malwarebytes is now capable of stopping attacks at multiple points in the attack chain without having to rely on huge databases of signatures
What happened with "Malwarebytes doesn't target older malwares than 6 months?
-
MBAM has continually grown since v1.75 , adding various shields (by purchasing software) and today the compatibility is going to be the main issue with MBAM.
Version 3.5 is very likely to interfere with any antivirus which is running on the same computer; adding the exceptions MAY solve the problems but this will introduce additional risks on your defense.
Your antivirus has definition updates daily and major updates several times a year; this major updates are very likely to conflict with MBAM and again , developers have to workout a solution , over and over again.
On long term this is not feasible.
So, either MBAM will became as soon as possible a fully flagged antivirus (by buying a well known antivirus engine) OR
slowly slowly user will abandon the software , keeping only one major Antimalware solution on their PC.
-
On 9/12/2018 at 4:14 AM, achzone said:
Hi,
I still have a number of valid lifetime licenses I purchased for Malwarebytes Premium, but recently purchased a MAC computer and want to use one of them on the MAC.
Problem is that the Licenses I have are in the format:
ID: XXXXX-XXXXX
Key: XXXX-XXXX-XXXX-XXXX
The MAC Malwarebytes only wants a License Key and does not accept the Key: as shown above as a valid entry to Activate the License.
How can I convert the above format license into a format the MAC will accept?
Many thanks for any help.
Andrew
What about installing an older version of MBAM which still accepts ID +KEY and after that update MBAM???
-
23 minutes ago, cdettman said:
that it's more important to use a good anti-exploit program, makes sense to me.
I figure if I'm going to go with Malwarebytes Premium, I'd prefer not to install a commercial anti-virus (or one of the free versions) and rather just allow Defender to do its job.
I know this forum is likely to be strongly biased towards supporting Malwarebytes, but if anyone can offer an objective view on this, I'd appreciate it.
You can use only the Antiexploit part of MBAM (which is free) on top of Defender.
https://www.bleepingcomputer.com/download/malwarebytes-anti-exploit/
Of course the full paid MBAM has more shields, however from my own experience of 5 years and 3 computers ,I never had a detection initiated by MBAM Pro before MSE (or Defender in Win10)
Hi miekiemoes,
in Malwarebytes for Windows
Posted
You locked the topic so I have to create another one:
About "Web Protection...how the list is maintained"
1. So, once the list is created, nobody ever will review it? Just wait for somebody to report a wrong block???
2. Which one is your "hphosts" from ublock origin, see below:
Thanks!