lock
Honorary Members-
Posts
375 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by lock
-
Anti ransomware - giving a false sense of security
lock replied to lock's topic in Malwarebytes for Windows Support Forum
Hi AdvancedSetup, I may agree with you that I, as an average user , do not know how to test MBAM. But to claim that everybody out there ( AV Comparatives, AV Test, PC Mag) is testing MBAM in wrong way, is a little bit too much. Some of them were in business for so many years and are the "standards" in testing security solutions. And over 20 security solutions are comfortable with the methodology used.... -
Anti ransomware - giving a false sense of security
lock replied to lock's topic in Malwarebytes for Windows Support Forum
Additional information: Here is how Neil J. Rubenking performs his testing for PC Mag, regarding "The Best Ransomware Protection of 2017" https://www.pcmag.com/roundup/353231/the-best-ransomware-protection Testing Anti-Ransomware Tools "The most obvious way to test ransomware protection is to release actual ransomware in a controlled setting and observe how well the product defends against it. However, this is only possible if the product lets you turn off its normal real-time antivirus while leaving ransomware detection active. Of course, testing is simpler when the product in question is solely devoted to ransomware protection, without a general-purpose antivirus component." "If Trend Micro Antivirus+ Security detects a suspicious process attempting file encryption, it suspends the process, backs up the file, and keeps watching. When it detects multiple encryption attempts in rapid succession, it quarantines the file, notifies the user, and restores the backed-up files. I couldn't specifically test this feature when I reviewed Trend Micro, because it's not possible to turn off other layers of protection and leave only the behavior-based system, but my contacts at the company assure me this is how it works." So, is a clear cut procedure: turn off all other layers of protection and leave only the specific shield you want to test. Thanks! -
Anti ransomware - giving a false sense of security
lock replied to lock's topic in Malwarebytes for Windows Support Forum
Hi Ron, Thank you for your answer! MBAM has 4 distinct individual shields (Web, Exploits,Malware, Ransomware) which can be selected individually. These shields have been developed and sold as "stand alone" protections until recently , when they have been incorporated in the same "unit", MBAM 3.0 In fact , Exploit is still delivered as Perpetual Beta, and is expected to perform as such, without other shields. I see the test perfectly valid, I tested the Ransomware shield against a Ransomware , nothing else. Hiding the inefficiency of Ransomware Protection behind the other shields, and hoping that somehow they will catch the ransomware by "definitions" , doesn't serve anyone. In fact, in the second part of the test , the Ransomware protection worked quite well , using a behavior mechanism, and detected Wanacry as "generic" , which is perfect, tells me that indeed, is the behavior mechanism which detected it and not some short of definition. The only problem: a few files were encrypted ( 4 .docx files) before the Ransomvare shield reacted. Is this how "Ransomware protection" should work???? -
Anti ransomware - giving a false sense of security
lock replied to lock's topic in Malwarebytes for Windows Support Forum
Hi, I tested MBAM against Wanacry. With all shields enabled, MBAM will quarantine Wanacry upon execution ; nothing spectacular so far, each and any antivirus would do that. With all shields disabled , except "Ransomware protection", MBAM would automatically quarantine Wanacry as "Malware.Ransom.Agent.Generic" , AFTER SEVERAL FILES WERE ENCRIPTED ALREADY. Is this how "Ransomware protection" should work???? Thanks! -
Make website blocked notification less intrusive
lock replied to jayman1000's topic in Malwarebytes for Windows Support Forum
So, if you turn off notifications regarding website blocking, how would you know that a website is blocked ??? You will not be able to open the webpage without knowing why... -
Make website blocked notification less intrusive
lock replied to jayman1000's topic in Malwarebytes for Windows Support Forum
Read here how.... -
Thanks! Finally, the MBAM developers listened......
-
Yes, I did that, + uninstall, clean, install , but is the same ; once again, in my situation it is a DESIRED behavior. I have it installed on 2 PC , see picture:
-
Setting is OFF, but this is for notification (like pop up message) not for X RED MARK on the icon. On previous versions I had the same setting OFF, but un X RED mark was present on the icon, OK, how is on your PC???
-
...if this is the intended behavior? I disabled "web protection" and MBAM icon doesn't have a RED X mark on it (as usual) While I like this behavior, I am wondering if this is by design or is just a flaw in the present version (3.3.1.2183) Thanks!
-
MBAM getting stuck while scanning
lock replied to Kratch's topic in Malwarebytes for Windows Support Forum
-
MBAM getting stuck while scanning
lock replied to Kratch's topic in Malwarebytes for Windows Support Forum
I can confirm that. The same "MBAM gets stuck on a certain file " , in my situation is a .dll file. -
Scan result information not readable
lock replied to Samoreen's topic in Malwarebytes for Windows Support Forum
Yeh, probably you did....while skipping first 7 years from home. -
Scan result information not readable
lock replied to Samoreen's topic in Malwarebytes for Windows Support Forum
If you go with the mouse cursor right on the edge of the window, to cursor will change in a double arrow, and you can increase the size of the window. -
I added to MSE "Excluded Processes": C:\Program Files\Malwarebytes\Anti-Malware\assistant.exe C:\Program Files\Malwarebytes\Anti-Malware\malwarebytes_assistant.exe C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe C:\Program Files\Malwarebytes\Anti-Malware\MbamPt.exe C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe to MSE "Excluded Files and Locations": C:\Windows\system32\Drivers\farflt.sys C:\Windows\System32\drivers\mbae64.sys C:\Windows\System32\drivers\mbam.sys C:\Windows\System32\drivers\MBAMChameleon.sys C:\Windows\System32\drivers\MBAMSwissArmy.sys C:\Windows\System32\drivers\mwac.sys C:\Program Files\Malwarebytes\Anti-Malware C:\ProgramData\Malwarebytes\MBAMService and to MBAM " Folders": C:\Program Files\Microsoft Security Client C:\Program Files (x86)\Microsoft Security Client
-
If you toggled off the setting 'Show Notifications when Real Time Protection" you will not get notifications, however, the icon in the task bar still had ( a month ago) the exclamation mark. With the new version , I toggled off " Show Notifications when Real Time Protection" and I do not get notifications and also the red mark on MBAM icon is not present. I did all exclusions between MBAM and MSE ( including .sys drivers for MBAM); the re is zero slowdown , while Web protection is disabled, but noticeable when is enabled.
-
-
Just installed again ( over 50 times so far) the latest MBAM ( 3.3.1.2183) and finally I can turn off various shields without the red "x" mark on MBAM icon. Guess which shield I turned off first? Web protection!!! Now MBAM and MSE work perfectly with ZERO slowdown. Well done MBAM!!!! There is one more step to get there: buy/ lease an antivirus engine (Avira, Bitdefender) and create another shield (Antivirus protection) Now you will have in the same product an antivirus and an antimalware and you can participate in AV Comparatives / Virus Total, avoid conflicts with any other antivirus (no need to install another antivirus), sell a full product.
-
Lifetime license pool
lock replied to DeluxeWarPlaya's topic in Malwarebytes for Windows Support Forum
A "Life time license" is a life time one, regardless of Marcin's approval -
Lifetime license pool
lock replied to DeluxeWarPlaya's topic in Malwarebytes for Windows Support Forum
-
Lifetime license pool
lock replied to DeluxeWarPlaya's topic in Malwarebytes for Windows Support Forum
It is Malwarebytes' decision , not Marcin's promise.....