lock
-
Posts
375 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by lock
-
-
8 hours ago, dcollins said:
This allows the engine to learn about this file, understand it's good, and adjust it's behavior for files that may behave similarly to this one.
Sounds a little bit SF....
...this file can be "fed" to the engine...the engine to learn about this file, understand it's good, and adjust it's behavior ...
Are you serious????
-
13 minutes ago, exile360 said:
poor practices on the part of whoever wrote the file that was detected. I've seen many such FPs. And if that was the case, then yes, the Dev would have simply whitelisted the file because the reason for the detection was legit.
Whitelisting it doesn't solve the problem on long run; yes , that particular file will not be detected anymore , but any other similar one will be again detected with 94% which will decrease the user confidence in this Machine Learning technology.
16 minutes ago, exile360 said:then he could have easily tuned it down
For a piece of software which may be downloaded in thousands of PC's no developer will modify something in 10 min and release it in the wild without extensive in house testing.
You do remember the incident from 2013 : "It saddens me to report that at around 3 PM PST yesterday, Malwarebytes released a definitions update that disabled thousands of computers worldwide."
-
One user reported a FP generated by Machine Learning / Anomalous 94%
I was surprised about 94%. If would have been 50% , that may be a FP , but 94% means totally wrong. So how trustworthy is this system???
39 minutes ago, exile360 said:it's just complex mathematical pattern recognition and what is known as "fuzzy logic"
Another surprise came from the developer who answered that this would be fixed in 10 minutes an a new update was released with the "fix"
Clearly the "fix" was not done in the "complex mathematical pattern recognition" , impossible to do it in 10 min, but rather in a "white list" associated with this Machine Learning / Anomalous.
I do not see at this point any value being added by Machine Learning / Anomalous detection; maybe is a premature mechanism at this point.
-
...and how is supposed to work????
-
26 minutes ago, KenW said:
Both my laptops have a second ssd for backups
If the backup is done with a software (Acronis, for example) , the resulting file (backup) may be impossible to get encrypted by ransomware.
-
5 hours ago, dhskier said:
I am happy that in the case of the rest of my machines Malwarebytes did stop the attack after only a few files were encrypted.
Did you have any antivirus running in parallel with MBAM ? If yes, what antivirus?
-
What you will get (most likely) is the all known answer " no antivirus can offer you 100% protection" and "MBAM is not an antivirus"
However, I tested Ransomware protection myself by disabling all other shields and executing "wanacry" ; after only 4 files encripted , the Ransomvare protection stopped it.
2 hours ago, dhskier said:Malwarebytes aware of this ransomware
In theory, this doesn't matter, the Ransomware protection it is not based on a signature.
-
....in order to preserve license.
I got that. But what if I do not format but restore an image (Acronis) , image in which MBAM is already there???
-
1 hour ago, aktiff26 said:
or can i use it stand alone whitout another av
MBAM is NOT AN ANTIVIRUS , so running it alone is not recommended.
-
1 hour ago, JohnBolder said:
Does it help fight off ransomware?
Well, this is the only "shield" of MBAM I was able to test.
I disabled all shields except the "Ransomware protection" and I executed "wanacry" . After encrypting 4 files, the ransomware was blocked , to my huge surprise.
I have been using MBAM ever since.
-
Kaspersky releases so called "patches"
See here the amount of changes from one patch to another.
-
17 hours ago, Davidtoo said:
I'll probably wait for a few months myself while any bugs are being worked out
There are no bugs to be "worked out" . Kaspersky routinely issues new updates to their product so is very likely that MBA will be incompatible again at a certain point.
Not to update Kaspersky to the latest 2019 only to accommodate MBAM is a bad idea.
-
3 hours ago, TempLost said:
Paid or not, his advice is positive, relevant and helpful.
An advice coming from a Product Support Service Engineer of MBAM is supposed to be like that...
-
1 hour ago, wormwood1978 said:
I believe and hope this will be my final update on this thread. Malwarebytes appears to be working fine now with my 2018 Kaspersky Total Security. I have 10 Malwarebyte exclusions listed in Kasperkey and I have to have the safe money feature in Kaspersky Total Security disabled. With the the exclusions included and the Safe Money toggle switch turned off in KTS, I have no compatibility problems.
I am pretty sure , with the right number of exclusions, everything is compatible with MBAM.
Now you have a malformed MBAM , "running good" side by side a malformed Kaspersky.... and you believe that you enhanced your PC security...
-
59 minutes ago, plb4333 said:
Just wanting to thank you dcollins for...all the time
Hello,
Devin Collins is the "Product Support Service Engineer" on Malwarebytes , and this is a paid position.
-
7 hours ago, exile360 said:
have faith in its products you tend to not put in so much effort to interact with them, unless of course there is some other reason that motivates your posting.
I had 5 lifetime MBAM licenses (I lost 2) , I still keep track of 3.
Using MSE and MBAM for 5 years now, never got a "substantial" detection from MBAM , other then "Web shield" (most of the time FP) and some insignificant registries (which did no harm). I suppose these are also classified as "remediation" , hence the high activity on the map.
All the significant detections were done by MSE , prior to MBAM.
In this situation is very difficult to "have faith" as long as I do not have any proving facts.
-
4 hours ago, exile360 said:
"The heat map" is just another way of MBAM self proclaiming its own efficiency. Is a waste of time; as long as MBAM is not tested by a third party in a controlled environment, this "heat map" is equal to zero. Who knows what exactly is being mapped? Maybe is just how many times MBAM updates...
-
2 hours ago, MariuxReloaded said:
The problem is that it's not true
February 2018 AVTest Kaspersky 100%
April 2018 AV Comparatives Kaspersky 99.6%
MBAM ...[anytime]....[anywhere]... ?????????
-
41 minutes ago, exile360 said:
Integrating a software firewall is a far cry from transforming a product into an antivirus. Like I said, this move will enable them to compete with tier 2 products, not base antivirus products. The distinction here is that Malwarebytes still won't be using the kind of engine and methods employed by the AVs.
let's review: Antimalware + Web protection+ Exploit Protestation + Ransomware protection + (Adw cleaner) + (WFC)
So, what exactly is missing from being an antivirus??????
-
3 hours ago, exile360 said:
I think the idea is that it will allow Malwarebytes Premium to finally compete with tier 2 AV products (also known typically as "Internet Security" suites and the like) which typically include some form of software firewall in addition to malware protection
Few years ago I suggested to MBAM upper management to "lease" the engine from a well known antivirus company (Bitdefender, Avira) and to make MBAM a fully fledged antivirus.
I received an angry answer saying "we do not intend to transform MBAM in an antivirus " .
Now , slowly slowly , MBAM is getting there.
-
2 hours ago, exile360 said:
Really? I've been using a WFP based firewall since Vista (I'm using one right now on 7 x64) and I've never had any problems with it. In fact, the vast majority of freeware firewalls available today are based on WFP.
I suppose you mean WFC.
You are not going to have "problems" . WFC doesn't suspend an application till you will make a decision, but simply will block the request. Some applications will "shoot" request after request if a path has been blocked and you will have 20 requests in 2 sec.
One more thing: WFC it is not recommended for inbound requests, this are still handled by Windows firewall.
-
1 hour ago, exile360 said:
Because of this I expect great things from this new technology once it is integrated and I believe that it should be capable of providing one more great layer of defense without compromising system performance or compatibility.
Most likely not for home users but rather for business environment. WFC is not as friendly as it looks; the firewall is still the Windows firewall which DOESN'T suspend a program pending an user decision, but will rather block it, which is extremely inconvenient.
Also WFC is recommended only for outbound connections.
-
Hi,
Are you going to integrate WFC anytime soon into MBAM? Just heard the news you bought it...
-
4 hours ago, AdvancedSetup said:
As we have said from the beginning, keep a copy of your proof of purchase
This is the problem, many users who bought the "life time" licenses did not keep the "proof of purchase" because at that time MBAM sold ONLY lifetime licenses , so was no confusion.
This happened many years ago; I doubt you keep "proof of purchase" for something which was in the range of $20 ,for all your life.
The process is easier than you think (see ESET) .
When you input your license, MBAM should ask for creation of "My account" with full info. If the license is "validated", automatically should be included in "My account".
Just hopping that somehow in time, the user wouldn't be able to provide "proof of purchase" and the license will be canceled , doesn't seem to be ethical.
MBAM slowness
in Malwarebytes for Windows Support Forum
Posted
What is the amount of "slowness" considered normal to be introduced by MBAM???
I installed MBAM premium on various combinations (only MBAM, MBAM+MSE, etc) , but regardless I can clearly see a significant impact on browsing, compared with any of top three antiviruses (I tried Avira, ESET and Bitdefender free)
The difference is significant. A PC with MBAM only is 2-3 times slower than a PC with the said antiviruses. MBAM and MSE even more.
Any personal experience???