Jump to content

Disappointment


Recommended Posts

Hello:

After using the free version for 6 months, I paid for the licensed version and am disappointed I was misled to believe there were differences between paid and free, including being able to specify an exclusion (ignore) list of folders.

Instead, after viewing this forum, I can see that one has to use File Explorer and find a way to select all the folders to scan (include), a very tedious and ridiculous task when the folders and subfolders containing static files (for example .pdf or .jpg files) are all over the folder tree of the drive being scanned.

As a result, a full scan takes 2 hrs instead of 10 minutes.

Worse, this forum misleads people into thinking that full-scans are really not necessary and does not explain why -- says all one needs is a quick scan if they are running in protected mode. I take this to mean that theoretically at least one full scan should be done once and then only quick scans are necessary provided you are in "protection mode" and you start the Malware protection when Windows starts.

What malwarebytes.org needs to understand is that sometimes one has to turn off protection for a period of time for a variety of reasons. And so a full scan would be needed in that case once the protection is turned on again (particularly if one wishes to remove malware *before* the malware is launched). Full scans are also needed for other hard drives which may not have been connected or networked even while the protection/scanner was enabled.

In summary, I was told there was folder exclusion features in the paid version (again I don't consider the selection of folders all over the place every time a manual scan is needed) and I cannot find these and am **disappointed** -- the ability to enable real-time protection is useful but not as important as doing full-scans on demand and WITH an exclusion list (like any good AV program works).

And finally, a detailed explanation of what a quick scan does should be included i your documentation and you should state why (and under what conditions) a full-scan is or is not needed. For example, in the free version without realtime protection, one must always do a full scan, period, end of story. In the paid version, one must do it if they ever encounter the situations I descrived above. Reading your forums will confuse them and deceive them into believing otherwise.

I know you mean well. So, please, beef up the documentation and PLEASE, PLEASE get the exclusion list going. Even a simple flat ascii file specified on the command line that has folder names to exclude would be very helpful. Example below (note the /S flag to indicate subfolders).

"C:\PHOTOS"

"C:\TEMP" /S

"C:\MYPDFS"

"C:\DOWNLOADS\Microsoft"

"H:\USER-DATA\PRIVATE" /S

Send the folder scanner code o me for "Full scan" and I will implement it in a couple of hours. :-) :-)

Regards,

Harry

Link to post
Share on other sites

Send Malwarebytes Customer Service an Email. My guess is that they will refund your money if you tell them you are not satisfied. I think you would be making a mistake as the active protection is a good addition to whatever your AV program is already doing. Plus, you are supporting people that really are trying to help you rather than bleed you like some of the big AV companies.

Look through the HijackThis help forum. Many of those people have horrendous problems. I routinely look to see what is going on. I don't recall anyone ever being asked to run a full Malwarebytes scan. That along with what Marcin and the other Malwarebytes staff say is good enough for me that a full scan isn't generally needed.

Link to post
Share on other sites

Worse, this forum misleads people into thinking that full-scans are really not necessary and does not explain why -- says all one needs is a quick scan if they are running in protected mode. I take this to mean that theoretically at least one full scan should be done once and then only quick scans are necessary provided you are in "protection mode" and you start the Malware protection when Windows starts.
Ample explanation has been given regarding the recommendation of the Quick Scan over the Full Scan. The Full Scan is never necessary, paid or free version. That's because the Quick Scan is designed to check all active locations of malware that Malwarebytes' is capable of detecting. This has been stated by many several times, including the developers themselves. MBAM is not a typical file scanner like an AV, it doesn't detect a file based simply on a normal hash check. It uses heuristics for the bulk of its detections, looking for infection patterns that help it to accurately identify active infections.
Link to post
Share on other sites

  • Staff
Hello:

After using the free version for 6 months, I paid for the licensed version and am disappointed I was misled to believe there were differences between paid and free, including being able to specify an exclusion (ignore) list of folders.

Instead, after viewing this forum, I can see that one has to use File Explorer and find a way to select all the folders to scan (include), a very tedious and ridiculous task when the folders and subfolders containing static files (for example .pdf or .jpg files) are all over the folder tree of the drive being scanned.

As a result, a full scan takes 2 hrs instead of 10 minutes.

Harry

Just who was it that 'misled' you? What documentation have you seen of this feature on our website or been told to you by any staff member? I dare say you won't find any such information on the site or presented by any staff.

Let us know when you find that and we'll address it.

Link to post
Share on other sites

Just who was it that 'misled' you? What documentation have you seen of this feature on our website or been told to you by any staff member? I dare say you won't find any such information on the site or presented by any staff.

Let us know when you find that and we'll address it.

Two items that are misleading is as follows:

1. There is nothing n the online documentation regarding the difference between full vs quick scan--- so users are left to assume it behaves like a typical scanner. So far so good.

2. In this forum, while looking around for whitelisting discussions, I stumble into repeated assertions that a full-scan is not necessary. That is misleading for the reasons I gave -- it should clearly state that this is only true if [a] if you have the paid version and launch it with windows, and you do a full scan at least time on the fixed hard disks, and [c] you understand the caveats of removable drive that becomes attached to your PC.

Okay, if you wish to know who misled me in a private email you will have to email me privately. Here is the modified email from a few weeks ago -- focus on [1]. As I said, I was misled. No question about it. The fellow misunderstood and I am not angry -- just disappointed and just want my money back. The product is of no use to me. I am happy with my Norton/Symantec scanner and occassionally I am willing to do a full scan with the free version (which, BTW, as you know, is what most of the world does). If you would wake up :-) :-) and force folks to only have the paid one support a blacklist (a blacklist, which will likely be far smaller than a whitelist, is far preferable == the only reason I described a whitelist is because your only workaround right now is to manually do all folders one set of folders at a time [always resticted to multiple folder selections within the same parent folder]).

So, if you had such a blacklist - you'd do very well -- regardless of what you think since your product has gone on a long time without it and the implementation is rather simple. Yesterday, I did a full scan on my computer that took 4 hrs. Did you hear that? 4 hrs. Who knows what you are doing during this time but my Symantec scanner also only looks at non-data and takes a long time too -- but A VERY SHORT TIME with the exclusion list it allows me to specify.

Let me know how I can get my credit please and let me know if you need the email snippet shown offline. And don't get the employee in trouble. As I said, mistakes are made all the time, such as your development team spending way too much time on this forum and not enough time on detailed documentation and a simple blaklist feature.

Regards,

HarryO

================================

================================

Hello Mr xxxxxxxxxxxx,

[portion snipped]

To answer your questions:

1) The product is capable of your stated need.

2) Command line parameters will allow you to run in the middle of the night.

[portion snipped]

Best Regards,

xxxxxxxxxxxxxxxxx

[the above was a reply by one of your employees to what I, harryo, said below]

....Also, I need to make sure the following needs are met in the corporate version -- can you comment:

1. Easily exclude drives and folders (and their subfolders) through local settings and/or global settings

2. Command line interface so a full-scan can be launched in the middle of the night with Task Scheduler

[remainder snipped]

Link to post
Share on other sites

Send Malwarebytes Customer Service an Email. My guess is that they will refund your money if you tell them you are not satisfied. I think you would be making a mistake as the active protection is a good addition to whatever your AV program is already doing. Plus, you are supporting people that really are trying to help you rather than bleed you like some of the big AV companies.

Look through the HijackThis help forum. Many of those people have horrendous problems. I routinely look to see what is going on. I don't recall anyone ever being asked to run a full Malwarebytes scan. That along with what Marcin and the other Malwarebytes staff say is good enough for me that a full scan isn't generally needed.

I 100% disagree with you. We have some computers that can't take the performance hit of both a real-time malware bytes and a real-tim Symantec running. Instead, we want to increase our coverage of problems detected as follows: (a) run Symantec real-time, (:) occassionally (scheduled or as needed) run a full-scan of malware bytes. This has been a wise and useful approach. You should consider it. What discourages that is the time it takes to run a full scan. Period. End of story.

Second, if you read my postcarefully, you would see that sometimes in troubleshooting one has to turn off the real-time protection. Have you ever done that? If you did, then know this: you beeter keep track of every single file that shows up on your system, with all kinds of file-dates, and then you better scan them one at a time even after turning malware protection on? Or maybe your mind says: "no problem, when these unknown files get loaded, if ever, that's when I will find out they are malicious and so no need to do a full scan". Well, that's not how the real-world operates in a security environment. Maybe you copied some of those files to a thumb drive before you REMEMBERED to turn on Malwarebytes realtime protection. Maybe, maybe, maybe... we don't operate the way you all suggest because we have a lot of experience that there are too many scenarios where we regret not doing a full-scan after re-enabling a scanner. What discourages anyone from doing a full scan (whether you think they are useful or not is not my problem) is the time it takes to do it without a blacklist feature. And that is exactly why many of the other professional scanne rcompanies put in a blacklist feature.

Period.

Plain and simple.

HarryO

Link to post
Share on other sites

I 100% disagree with you. We have some computers that can't take the performance hit of both a real-time malware bytes and a real-tim Symantec running. Instead, we want to increase our coverage of problems detected as follows: (a) run Symantec real-time, (:lol: occassionally (scheduled or as needed) run a full-scan of malware bytes. This has been a wise and useful approach. You should consider it. What discourages that is the time it takes to run a full scan. Period. End of story.

Hmm, my 2004 vintage laptop with a 1.8 Centrino and 1.5 GB of RAM running XP Pro SP3 is hardly a powerhouse, but it has no problem with 360v3.5 and Malwarebytes Protection. 360 runs frequent automatic background quick scans, and I run a 360 full scan weekly (takes about 2 hours). I run a Malwarebytes quick scan a couple of times a week. I haven't run a Malwarebytes full scan since I first installed Malwarebytes last December. I'm not the best one to argue with you about Malwarebytes full vs. quick scan as there are others here much more knowledgeable than I am. At this point, I'm satisfied following Malwarebytes' advice on the issue.

Link to post
Share on other sites

That is misleading for the reasons I gave -- it should clearly state that this is only true if [a] if you have the paid version and launch it with windows, and [b you do a full scan at least time on the fixed hard disks, and [c] you understand the caveats of removable drive that becomes attached to your PC.
Using the Quick Scan over the Full scan has absolutely nothing to do with having realtime protection or not. I don't understand how you're coming to that conclusion over and over again. It has been stated on this forum (I know, I know, not in the documentation) that MBAM only has a Quick Scan because some people expect there to be one. But again, because of the way that MBAM works, the Full Scan is useless.

You could literally take a piece of malware, place it on say your D: drive, scan it with MBAM, and MBAM will most likely not detect it. If the same piece of malware is running in memory and you do a Quick Scan, it will be detected, along with whatever files and registry entries it has created. This is the nature of MBAM's heuristics and the reason it's so effective, and also the reason it only needs to perform a Quick Scan. Most of MBAM's detections are based purely on heuristics, not actual file signatures, that's why it will miss dormant malicious files in other locations on your hard drives, but pick them up if they're active, and has nothing to do with whether you're running the free or paid version. The only difference is that the realtime protection will block a malicious file on execution, note that it will not detect a malicious file simply because you downloaded it, it needs to catch it running in memory.

Link to post
Share on other sites

Using the Quick Scan over the Full scan has absolutely nothing to do with having realtime protection or not. I don't understand how you're coming to that conclusion over and over again. It has been stated on this forum (I know, I know, not in the documentation) that MBAM only has a Quick Scan because some people expect there to be one. But again, because of the way that MBAM works, the Full Scan is useless.

You could literally take a piece of malware, place it on say your D: drive, scan it with MBAM, and MBAM will most likely not detect it. If the same piece of malware is running in memory and you do a Quick Scan, it will be detected, along with whatever files and registry entries it has created. This is the nature of MBAM's heuristics and the reason it's so effective, and also the reason it only needs to perform a Quick Scan. Most of MBAM's detections are based purely on heuristics, not actual file signatures, that's why it will miss dormant malicious files in other locations on your hard drives, but pick them up if they're active, and has nothing to do with whether you're running the free or paid version. The only difference is that the realtime protection will block a malicious file on execution, note that it will not detect a malicious file simply because you downloaded it, it needs to catch it running in memory.

This is so tiring. Why should I believe you? Why can't the developers formally document it in the already skimpy documentation? Instead they say this:

"Scanner: The scanner tab allows you to run a quick scan or a full scan. This will reveal any malware on your system. "

This doesn't sound anything like the mind-numbing discussions here. Get professional: document. How sad. A product whose users have to scour through a forum to truly understand what the proper usage of the tool *really* is. Also, if you really believe a full scan is not necessary, get rid of it. Have the paid version hide the "Full Scan" button.

Scanner: The scanner tab allows you to run a quick scan or a full scan. This will reveal any malware on your system.

Scanner: The scanner tab allows you to run a quick scan or a full scan. This will reveal any malware on your system.

Scanner: The scanner tab allows you to run a quick scan or a full scan. This will reveal any malware on your system.

Scanner: The scanner tab allows you to run a quick scan or a full scan. This will reveal any malware on your system.

Scanner: The scanner tab allows you to run a quick scan or a full scan. This will reveal any malware on your system.

or a full scan

or a full scan

or a full scan

or a full scan

or a full scan

or a full scan

Harry O

Scanner: The scanner tab allows you to run a quick scan or a full scan. This will reveal any malware on your system.

Link to post
Share on other sites

Not to turn this into a flame war, but did it ever occur to you that being a small company that is so successful at what they do (detecting and removing malware), that it might be a little hard to document everything? I hear it all the time at work, documentation is everything. But at least they respond in the forum when a question is asked and they have a great supporting community who volunteer and "chip in" as well.

You are talking about being professional yet you pasted the same line 7 times... Do you think we can't read? If you want to be taken seriously, grow up and learn how to have a productive conversation.

Link to post
Share on other sites

Not to turn this into a flame war, but did it ever occur to you that being a small company that is so successful at what they do (detecting and removing malware), that it might be a little hard to document everything? I hear it all the time at work, documentation is everything. But at least they respond in the forum when a question is asked and they have a great supporting community who volunteer and "chip in" as well.

You are talking about being professional yet you pasted the same line 7 times... Do you think we can't read? If you want to be taken seriously, grow up and learn how to have a productive conversation.

This is not a flame war. The developers spend 1000x times more on the blog/forum than on the documentation or a simple feature. That is wrong. Plain and simple. One person has a blog where they use the f*** work -- also unprofessional -- and yes, we have freedom of speech. I have grown up enough to know when a point I make is not rebuttable. Saying "grow up" is a fallacious rebuttal (ad hominem attack). Acknowledging the salesperson who emailed was in error, spenhding five minutes to update what a full vs quick scan is, or implementing a whitelist is a much better rebuttal.

I pasted the line 7 times to emphatically make the point. Small companies go out of business doing this kind of stuff.

And when will someone look at the email sent me and the reply? When will someone rebut the unrebuttable there?

And where is my refund? That's all I want.

Link to post
Share on other sites

This is not a flame war. The developers spend 1000x times more on the blog/forum than on the documentation or a simple feature. That is wrong. Plain and simple. One person has a blog where they use the f*** work -- also unprofessional -- and yes, we have freedom of speech. I have grown up enough to know when a point I make is not rebuttable. Saying "grow up" is a fallacious rebuttal (ad hominem attack). Acknowledging the salesperson who emailed was in error, spenhding five minutes to update what a full vs quick scan is, or implementing a whitelist is a much better rebuttal.

I pasted the line 7 times to emphatically make the point. Small companies go out of business doing this kind of stuff.

And when will someone look at the email sent me and the reply? When will someone rebut the unrebuttable there?

And where is my refund? That's all I want.

correction:

Acknowledging the salesperson who emailed was in error, spenhding five minutes to update what a full vs quick scan is, or implementing a whitelist is a much better rebuttal.

should read

Acknowledging the salesperson who emailed was in error, spenhding five minutes to update what a full vs quick scan is, or implementing a *black*list is a much better rebuttal.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.