Jump to content
bdubrow

Announcing Malwarebytes 4.0 for Windows

Recommended Posts

Hello, Malwarebytes Community--

We're very excited to announce the release of Malwarebytes 4.0 for Windows!

This release provides a major evolution of our detection technology, as we announce our new Malwarebytes Katana Engine. The Katana engine combines innovative new detection technologies with our best existing detection engines to bring you even greater security. 

In addition to the malware detection improvements, we've redesigned the user interface with a cleaner and simpler design:

916200549_MB4Dashboard.PNG.549b7f8ad6a1f4e04843432795efc3c9.PNG

Key features:

  • Improved zero-hour detection – pinpoints new threats as they arise and before they can wreak havoc on your device
  • Expanded malware detection – blocks even more malware for improved protection
  • Signature-less behavioral detection – identifies the latest variants of dangerous malware families that attempt to evade traditional signatures through runtime packing, obfuscation and encryption, offering instant protection against new threats that traditional AV has a hard time detecting
  • Faster threat definition process – streamlines the publishing of new definitions, reducing the time it takes to protect you from new threats
  • Revamped user interface – Completely redesigned user interface that is intuitive, more informative and simple to use
  • Threat statistics – allows you to see what Malwarebytes is doing for you in real-time and get a first-hand view of what threats are coming at you (and being blocked)
  • Cybersecurity news – dynamic feed keeps you informed of the latest threats and other security topics
  • Easier updates – more automation means you receive the latest protection with less effort

You can download Malwarebytes 4 directly from our main website download link.

Thank you all for your continued support -- we appreciate and look forward to your feedback!

Edited by bdubrow

Share this post


Link to post
Share on other sites

Known Issues

  • A working internet connection is required for the installer (If you won't have a connection after downloading then use the offline Installer)
  • Under certain circumstances the installer requires a fully clean install to complete
  • The UI can show issues under certain circumstances with High DPI and certain screen resolutions or configurations
  • Copy can still be provisional in certain screens and or wrong or missing
  • Self-Protection Early Start will prevent Windows Firewall Control from opening (work-around is to disable Self-Protection Early Start)
  • Controlled Folder Access (CFA) will block certain advanced Installer options
Edited by bdubrow

Share this post


Link to post
Share on other sites

FAQs

What new features are in Malwarebytes 4.0?
Malwarebytes 4.0 leverages all of our years of experience removing malware and delivers all the protection your Windows computer needs, now registering as the primary cybersecurity program in Windows Defender Security Center. The new Malwarebytes Katana engine provides superior malware detection for zero hour threats in particular while improving performance for faster Scans. The user interface has been completely redesigned and presents a flowing simple and intuitive experience, threats detected now link to our knowledge base center so you can rest assured and learn more about them and how they are handled. Our new lightweight installer will setup the product in a single step and keep you always up to date.

What is the difference between Premium and Free?
Our company and community are based on the belief that everyone has a fundamental right to a malware-free existence, and that is not changing. Malwarebytes 4 Free will have the same capabilities as Malwarebytes 3.x. You can run scans on demand for free, however if you want us to keep your computer secured automatically with real-time protection and scheduled scans you can sign up for Premium and unlock the full power of the product’s features.

Which Operating Systems does Malwarebytes 4 support?
Malwarebytes 4 supports Windows 7 SP1 or newer.

We continue to support legacy XP and Vista with our Legacy version, you may download the latest available version for XP and Vista by clicking here.

Even though Malwarebytes does not recommend running operating systems that Microsoft no longer supports, we have no current plans of ending or phasing out in any form our support for Windows 7. This means that going forward, and until further notice, we will continue to support Windows 7 as we have up to this point.

Additional information

     Upgrading to Malwarebytes 4.0

     Pricing

     Anti-Virus Replacement

     Malwarebytes 4.0 files to be added to AV Exclusions List

     Malwarebytes support for legacy Windows XP and Vista Operating Systems

     EICAR

 

 

 

 

Edited by Erix

Share this post


Link to post
Share on other sites

Upgrading to Malwarebytes 4.0

I already have a subscription to Malwarebytes 3.x. How much do I have to pay for Malwarebytes 4.0?

Existing subscribers will not have to pay anything extra. All Premium subscribers with an active subscription can upgrade to Malwarebytes 4.0 for free. Your existing license key will work automatically with Malwarebytes 4.0 Premium.

Malwarebytes continues to honor legacy lifetime licenses for Windows (which, as a reminder, allowed for activation on one Windows device).

Edited by Erix

Share this post


Link to post
Share on other sites

Pricing

What will be the price for a Malwarebytes 4.0 Premium license, and how many PCs will it cover?
The price has not changed with the release of Malwarebytes 4.0. The price for new purchases of Malwarebytes 4.0 Premium is $39.99/year for 1 PC. 

Edited by Erix

Share this post


Link to post
Share on other sites

Anti-Virus Replacement

Is Malwarebytes 4.0 Premium an anti-virus replacement?

With Malwarebytes 4.0 we are releasing brand new detection technology as part of our Anti-Malware protection. Malwarebytes 4.0 goes beyond traditional AV solutions by applying multiple layers of protection and detection, including proactive ransomware technology, malicious website protection and anti-exploit capabilities. These features combine to deliver the holistic defense across multiple attack vectors necessary to protect users in today’s evolving threat landscape and are backed by Malwarebytes’ powerful linking technology, renowned for its ability to remove all traces of malware from an infected machine.

Since Malwarebytes 4.0 Premium is an anti-virus replacement, will it register itself in Windows Security Center in order for Windows to recognize it as security software?

With any new install Malwarebytes 4.0’s new default behavior is to register in Windows Defender Security Center (also known as Windows Security Center, Windows Action Center) as a primary line of defense. Due to Microsoft’s implementation of Windows Defender Security Center, this means that Windows Defender will disable itself as a result (depending on your operating system). Though we do not prevent you from running traditional anti-virus with Malwarebytes, we recommend that you keep Malwarebytes registered as your primary security to get the most comprehensive protection against threats. 

If you are upgrading from Malwarebytes 3.x, then the behavior is a little different. Your current Windows Security Center registration information for Malwarebytes 3.x will carry over. For example, if you have Malwarebytes 3.x registered in Windows Security Center, then that is what you will see with 4.0. If instead, Malwarebytes 3.x is not registered in Windows Security Center, then it will not register on upgrade to Malwarebytes 4.x and will instead remain in compatibility mode unless you change this in Malwarebytes 4.0’s Settings.

 

Edited by bdubrow

Share this post


Link to post
Share on other sites

Malwarebytes 4.0 files to be added to AV Exclusions List

Some antivirus applications require exclusions to be defined for Malwarebytes, so that they do not interfere with Malwarebytes operation and vice versa. These are typically referred to as exclusions or ignore list entries. The following is a list of Malwarebytes programs which should be placed on an Exclusion list if required. 

This list is specific to Malwarebytes Anti-Malware 4.x.

Exclude the following folders: (The complete folder)

  • C:\Program Files\Malwarebytes\Anti-Malware
  • C:\ProgramData\Malwarebytes\MBAMService

Exclude the following files:

  • C:\Windows\System32\drivers\mbae64.sys  (mbae.sys for x86 systems)
  • C:\Windows\System32\drivers\mbam.sys
  • C:\Windows\System32\drivers\MBAMChameleon.sys
  • C:\Windows\System32\drivers\MBAMSwissArmy.sys
  • C:\Windows\System32\drivers\mwac.sys
  • C:\Windows\system32\Drivers\farflt.sys

For specific steps on how to add these files to your antivirus' exclusion list, you will need to contact your antivirus provider directly for best results.

If you have additional questions or need assistance with this particular scenario, please head to our Malwarebytes Support section and create a new topic or simply click here (note: you need to be signed in to create a new topic)

Edited by Erix

Share this post


Link to post
Share on other sites

Malwarebytes support for legacy Windows XP and Vista Operating Systems

Malwarebytes 3.5, will continue to support legacy Windows XP and Windows Vista at the same level as we had with earlier 3.x releases. In order for Malwarebytes to better support these legacy operating systems we’ve designed Malwarebytes 3.5 with special compatibility features to allow on-going protection updates and other maintenance upgrades via a separate development track.

Malwarebytes does not recommend running operating systems that Microsoft no longer supports. We strongly recommend that you consider upgrading your legacy operating systems due to the risk from exploits and other threats. However, we recognize that some customers have reasons to continue working with legacy systems so Malwarebytes wants to continue providing support for these legacy platforms for as long as possible. 

Users running Malwarebytes 3.5 on Windows XP and Vista will continue to receive on-going protection updates to keep safe from the latest infections. However, these operating systems will no longer receive program upgrades, such as component packages or newer program versions, for new features. Malwarebytes will continue to release bug fixes, stability improvements, and other upgrades for the XP and Vista platforms on an as needed basis.

You may download the latest available version for XP and Vista by clicking here.

Additionally, as Microsoft has announced its Support for Windows 7 will be ending Jan 2020, we are frequently asked about Malwarebytes supporting Windows 7.

Even though Malwarebytes does not recommend running operating systems that Microsoft no longer supports, we have no current plans of ending, or phasing out our support for Windows 7. This means that until further notice we will continue to support Windows 7 as we have up to this point.

For further details, please view the official Malwarebytes Lifecycle Policy:  

https://www.malwarebytes.com/support/lifecycle/

Edited by AdvancedSetup
Corrected font isuse

Share this post


Link to post
Share on other sites

EICAR

According to the European Expert Group for IT-Security (EICAR) organization, the EICAR test file is a plain string of ASCII characters which can be opened with a regular text editor. EICAR asserts that antivirus products should detect any file that starts with the EICAR strings, which are the following 68 characters:

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Detecting the EICAR strings doesn’t mean anything in terms of proving a products’ real-world effectiveness against threats. This experiment merely proves that the antivirus product can use a pattern-matching signature and trigger against a DOS file (not a Windows PE file) whose content starts with the above EICAR string.

At Malwarebytes, we employ over 7 different prevention layers. Each layer has a specific objective in terms of disrupting threats at different stages of the attack chain. Most layers are signature-less and are designed to protect against the real-world threats our researchers observe in-the-wild, ensuring Malwarebytes customers are protected against prevalent and relevant threats.

The detection or lack thereof of the EICAR test file is not representative of how our different vector blocking and payload prevention techniques work, both in pre-execution and post-execution phases of the attack. The MBAM engine does not need to deal with scripts because our anti-exploit, web blocking and application behavior engines are much more effective at disrupting script-based malware and exploits without relying on signatures. Most anti-virus products have to rely on signatures to detect and block script malware, which is exactly what you DON'T WANT your antivirus to do. There are many more obfuscation and signature evasion techniques available for script droppers than there are for binary malware. Therefore relying on signatures to detect script droppers or files like the EICAR test file, is actually damaging to your security. The fact that your security product detects EICAR with a signature should be a reason for CONCERN instead of success. Most modern script-based droppers and attacks are obfuscated anyways, so using signatures on scripts (as those signature detections for .JS ransomware droppers regularly found in VT) is largely useless and easily bypassed as compared to other protection approaches like those found in Malwarebytes for Windows.

An EICAR detection proves that a product is able to use pattern-matching signatures and detect a type of threat that may have been prevalent and relevant over 2 decades ago. According to EICAR, a batch file that reads in another file and displays an “alert” message if it finds the EICAR string would qualify as a virus detection product.

In summary then, Malwarebytes for Windows already incorporates world-class, next-generation anti-malware technologies. Our combination of signature-less and rules-based layered approach is far more effective than using AV signatures. Malwarebytes is able to prevent 0-minute threats and attacks without updates, even script-based, file-less, and other advanced attacks. We will not detect EICAR because EICAR is not representative of either today’s threat environment or security needs.

Edited by AdvancedSetup
Corrected font isuse

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.