lock

So, how does it feel to be on the other side now, asking to be removed from the list??????

Did you get any files encrypted before the ransomware being quarantined? (usually 4)

https://www.virustotal.com/#/file/487313b869a4d73c9f7288786e70a1660893a9c7243b81ccd49ccc051caf0fa9/detection But detected by free MSE!!!!

VB100, AV Comparatives, AV Test. ... is generated by MBAM itself. We need a "third party " certification not self proclaiming. All over the internet there are hundreds of security solutions which will proclaim themselves as being the best thing since sliced bread.

Link?

OK, where can we see that???? Usually is HitmanPro the first tool used for disinfection... Who certified that "it works"? Any link /anytime /anywhere?????

Hello Aura, You are absolutely right. I respectfully ask you to post a link from " an authority in independent Antivirus and Antimalware testing" where MBAM was tested , so we can see the tests results.

a link, please?

You are absolutely right; our discussion has nothing to do with the OP original problem : a conflict between Kaspersky and MBAM.

Is not that simple as you described. Many AVs (if not all) the have some sort of behavior blocker which will analyze the behavior ON EXECUTION , in the same time when MBAM is supposed to kick in, hence a BIG source of conflict. Some other AVs will run a suspicions item in a virtual machine , how MBAM will react at this time??? Most antiviruses have their own Web protection, another source of conflict / slowdown at least , for websites being inspected twice. And I can continue.

This was the philosophy at the inception of MBAM (1.75) when the purpose of the software was to target zero day malwares. Now, Malwarebytes bought the Antiransomware module from CriptoMonitor, the Antiexploit from ExploitShield , AntiPUP from ADW Cleaner and most recently Windows Firewall Control from Binifoft and packed them nicely in a single product saying that "is compatible with your antivirus" MBAM is not an unitary product but rather a collection of "modules" ; the chance of incompatibility is high, especially with very sophisticated antiviruses (like Kaspersky). It may work good with a basic antivirus (like Defender or MSE) , which doesn't change its structure with frequent updates.

Seems very complicated (STEP1-4) Isn't easier to just uninstall Kaspersky and see if the conflict will disappear?

To be sure 100%, uninstall Kaspersky and see if the issue is solved; if YES, there is a conflict.

Most likely the issue is here. What are you trying to achieve running MBAM on top of Kaspersky which by itself offers excellent protection (100% in all possible tests)????

Who certified that MBAM can provide adequate protection for a PC ? Please post the link to the testing site (s) Thanks!

Run RanSim simulator for ransomware; MBAM (only the Ransomware protection) blocked 10 from 13 scenarios , which is very good ; by comparison ESET did not block ANY of them.

Well, I did. For 5 years now I used MBAM on top of a well known antivirus. NEVER EVER, in 5 year , I had a detection initiated by MBAM, anomalous or not, before my antivirus. So, what your point gonzo???

If MBAM machine learning classifies something as 100% malicious when in fact it is not, how can you affirm that "it works"????? 100% wrong is not "less than perfection" , is A LOT less than perfection. My suggestion: remove it from MBAM and continue working on the lab, test it 100 times and after that integrate it into the program and try to sell it as "machine learning" You remember "ThreatFire" ? and Mamutu??? All of them at the time claimed to be the best in antiviruses since sliced bread , signature-less. All of them failed.

No, MBAM says initially that is 100% malicious, the user says no, MBAM says "sorry, is our "Anomalous detection", we will whitelist it in 10 min.

Nobody said is simple, but really doesn't work. What's the point of inducing a false sense of security with "machine learning" (!!!!) , when in fact the technology used is immature , classifying something benign as "100% malicious"????? Just continuing to add them to the "white list " will not solve the problem but will only perpetuate an illusion ( mmm! machine learning!!!)

"False positive Anamolous 100%" Every other day this will pop up in the forum, asking for correction. Like never happened before, a "malware analyst" will answer with "This is detected by our Machine Learning engine" and "this is a heuristic engine" and " give me 10 min to fix the problem (usually adding it to a white list ) And next day again; and again; and again. Maybe is time to reconsider this "machine learning" ...

if this 100% Anamolous, this is not "possible" is a disaster

Oh boy, you really have a lot of time in your hands...5258 characters !!!!!

If is grey, that means the key is wrong / incomplete.

Nowadays , there is no antivirus which will check only "signature"; all of them do sophisticated analysis, heuristic / behavior, cloud, you name it , and most of them will do this ON ACCESS. MBAM is supposed to do it ON EXECUTION (or alt least this was the initial philosophy behind MBAM). When I surf the internet, not a lot of things are being executed, so my expectation would be a minimum impact. I saw here on this forum, advices to disable the "ransomware module" in order to speed up the PC, because ransomware module doesn't do much and is the last in the analysis order...