Jump to content

Steve1982

Members
  • Content Count

    45
  • Joined

  • Last visited

About Steve1982

  • Rank
    New Member

Profile Information

  • Location
    Canada

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I appreciate the the response but again, even if there are only back-end changes, a change log should still be published because a change log is not only a log of what changed, but an audit trail of sorts that we (the end users) can look at to confirm the legitimacy of the updates occurring to our security software. As we saw just a few weeks ago, a bug in Windows would have allowed an attacker to sign an update file so that the digital signature appears to be from a trusted provider. I know the odds are slim of something like this happening (until it happens!) but it only takes MBAM a few seconds to post an update, and it only takes me a few seconds to verify the update against what was posted. BTW I know of at least two AV vendors that not only publish product updates, but they even go as far as publishing updates to their virus signature files (i.e. several times a day!). One, Microsoft, the other Symantec. Not saying MBAM should go that far, but at the very least, updates to the executable files should be published. Also, scanning the files at VirusTotal is something I do and totally agree with you on that, but unfortunately that won't tell me if the file was downloaded from the MBAM web site unless the MBAM web site also publishes the hashes so I can compare.
  2. Ugh! This is the second Component Update in a row without any announcement or notice of any kind. I get that there are no visible changes but that is besides the point. Unless we're talking vaporware something obviously changed. When the major components of my security software is updated I want to know that it's legit. Industry experts will always tell you to make sure that your software is updated regularly. They also tell you to make sure that you know what is being installed and/or updated on your system. For literally every other piece of software on my PC this is a simple matter of going to the vendor's website and looking at the change log, most of whom include file hashes. I love you guys but this is an area where MBAM really need to pull it together. If the application I use as a notepad can do it, surely you can do it too?
  3. Okay thanks, my anxiety levels are almost back to normal 🙂
  4. Thanks, I am ... 1.0.19004. So you're 100% sure this is a FP? How do you know for sure ... is it based on the domain, the IP, etc.? Did MBAM post a list somewhere? Just curious. Believe it or not, this is actually the first real-time web detection I have ever received because I'm excruciatingly careful about my browsing habits so needless to say, I almost had a heart attack when that alert popped up ! 😬
  5. I was just updated from Component Package 1.0.810 to 1.0.823. What are the changes in the new version? Thanks!
  6. To calm my rampant anxiety on this issue can someone please just confirm to me that the following notification I received is also part of this false positive problem? I only received it once but that was right before I had to run out to a meeting and this was all I could think about. Here's the log file. I have since update to the latest Update Package and Component Package versions and haven't received any notifications since. This is also one of the false positives related to this thread right? @Zynthesist @Dashke @shadowwar @AdvancedSetup -Software Information- Version: 4.0.4.49 Components Version: 1.0.810 Update Package Version: 1.0.18998 License: Premium -System Information- OS: Windows 10 (Build 18362.628) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Windows\System32\svchost.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Phishing Domain: fe-bl02p-msa.trafficmanager.net IP Address: 40.90.137.124 Port: 443 Type: Outbound File: C:\Windows\System32\svchost.exe Thanks!
  7. I just got this update as well. I appreciate that you guys keep the product updated but I'm definitely not a fan of MBAM application and component updates without release notes. 😲 Remember, this is probably the most important 3rd party application most of us will install on our computers so I'm not really comfortable with "mystery" updates being applied to such a critical component of my computer's security. I assume that 1.0.810 must do something different from 1.0.804. Why not announce it?
  8. The "Regional format" setting for all the machines that exhibited the behavior in the screenshot was set to "English (Canada)". However, I just installed it on a system that was set to "English (United States)" and on that system AdwCleaner correctly pre-selected "English". So @nukecadyou probably have a point. If AdwCleaner doesn't find the system's region code in some internal list it defaults the UI display language to English but doesn't set that language selector accordingly.
  9. I run it at least once a week, so no. It loads new definitions every time you run it as well.
  10. I'm extremely skittish about installing one-off things on my PC. That said, just open AdwCleaner 8.0.1 on a machine where it hasn't been opened before, then check the settings tab. I've seen the same behavior on 2 other Windows 10 PC's so it's very easy to replicate.
  11. Okay so maybe it's just me but can we change the default color of the ring under "Real-Time Protection" if there are 0 detections? Currently if you have 0 detections it's orange which is the same color used for Exploits. Opening that tab always gives me a moment of anxiety when I see the big orange ring until I see "0 Total"! 😀
  12. I would like to add my vote for checksums as well. I would especially love to see an archived list of previously released setup files with their checksums. Not necessarily to download them, just as a reference. I have a very elaborate and time consuming process I follow to make sure that a file is legit before I go ahead and run it. I then save that file offline for audit purposes. While I can always run one of those older files through VT again, it won't tell me if the file was originally available on the official MBAM website. That "relationships" tab is hit and miss.
  13. Ah, I also just noticed why I thought updates weren't being posted in the pinned thread ... the forum software no longer updates the last edited date in the thread view so I didn't bother to look as the last edited date was back in November, 2019, even though there were more recent updates. 😉
  14. Hi, I've never enrolled (now, or in the past) in the Beta program. Are these being pushed by mistake?
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.