Register    Login    Search    Articles & downloads     Who We Are    Donate    Jaylach Free Sites

Board index » Technical Forums » Security




Post new topic Reply to topic  [ 22 posts ] 
Author Message
 Post subject: MBAM 3.0
 Post Posted: Thu Dec 15, 2016 10:43 pm 
Offline
welcoming committee
User avatar

Joined: Sun Apr 15, 2012 9:16 am
Posts: 199
Location: Lambertville, NJ
Adding to bbarry's topic on Ransomware...
On blog.malwarebytes.com in their FAQ...

"I have a Malwarebytes Anti-Malware lifetime license. Will it work for Malwarebytes 3.0?
Yes! Simply install Malwarebytes 3.0 on top of your Malwarebytes Anti-Malware and your lifetime license will automatically apply to Malwarebytes 3.0."

I wonder if the lifetime license continues or dies here!


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Thu Dec 15, 2016 11:11 pm 
Offline
welcoming committee

Joined: Sun Apr 15, 2012 5:52 pm
Posts: 970
I believe if you have a lifetime license it will be honored. Marcin has been honorable about that. For beta testing I received a lifetime license and it says Never Expires.


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Fri Dec 16, 2016 1:22 am 
Offline
Resident Geekazoid Administrator
User avatar

Joined: Wed Mar 21, 2012 5:09 am
Posts: 9435
Location: The state of confusion; I just use Wyoming for mail.
I really don't know but would think that the wording of the lifetime subscription is pretty straight forward as to it never expireing but there are always loopholes. Still I would be surprised if MBAM did not honor their promise.

_________________
Image
Free sites from jaylach.com
I NEVER forget... I just remember late.


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Fri Dec 16, 2016 3:30 pm 
Offline
welcoming committee
User avatar

Joined: Wed Apr 11, 2012 6:45 am
Posts: 1073
Malwarebytes is one of the few software companies, VERY few, that has earned my respect.

Long story made short, please let us know if they do not honor their contract, thanks.
Acadia

_________________
The blazing evidence of immortality is our dissatisfaction with any other solution. -- Emerson


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Fri Dec 16, 2016 6:20 pm 
Offline
welcoming committee

Joined: Sun Apr 15, 2012 5:52 pm
Posts: 970
Guy's relax. It has been stated multiple time, they are honoring lifetime licenses and subscriptions.

The only real concern is they have released early, and MB3 is still more of beta at this point.


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Fri Jan 27, 2017 4:39 pm 
Offline
welcoming committee

Joined: Sun Apr 15, 2012 5:52 pm
Posts: 970
Patty asked me to start a thread on MB 3.0 but since we have this one going I thought I'd continue here.

Interestingly you had success with the last version but many aren't.

When I first started the tests I found a key sample that MB3 failed to detect. Not wanting to spread trouble, So I reported it directly to Marcin. I got back some fud about what I did wasn't real world testing and the real world could be difficult. WHen I pointed out what I had done was exactly how I was getting stuff in email, he turned it over ZLN. I got a lecture on "vectors". Then I realized that maybe the way I tested I discovered the sample was detected after all. I reported that and got no answer.

Then recently I tested some ransomware samples and got no detection on 22 samples. When I reported this the fud flew and it was all the same. Real world testing is really difficult. I ran this by two folks I consider experts and got the same reaction. That what I was hearing was nonense. I then asked for them to tell me specifically what was real world testing. I got an answer from one of their forum experts and it was utter nonsense. I responded and decided I was thru.

But the Tech support manager had put me in touch with one of the developers and he was helpful but had no solution. Then yesterday the Tech Support Manager reached out again saying that they wanted to do videos show what I was trying to demonstrate what I was testing. Obviously I am going to help, but I remain skeptical. Lets wait and see.

Pete


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Fri Jan 27, 2017 7:44 pm 
Offline
Resident Geekazoid Administrator
User avatar

Joined: Wed Mar 21, 2012 5:09 am
Posts: 9435
Location: The state of confusion; I just use Wyoming for mail.
Thanks for putting out the effort Pete. :)

As to myself I think I'll stick with 2.x for now. ;)

_________________
Image
Free sites from jaylach.com
I NEVER forget... I just remember late.


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Sat Jan 28, 2017 11:44 am 
Offline
Fearless Leader
User avatar

Joined: Wed Mar 21, 2012 5:42 am
Posts: 2819
Thanks, Pete. Jay's comment about sticking to 2.x made me wonder if the same samples you tested that 3.x failed on are detected by 2.x?

_________________
Patty MacDuffie
Computer Haven Administrator

Live Long and Prosper
Mr. Spock


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Sat Jan 28, 2017 12:56 pm 
Offline
welcoming committee

Joined: Sun Apr 15, 2012 5:52 pm
Posts: 970
Hi Patty

When I talked with the developer he was very guarded, but reading between the lines in that it sounded like he was saying don't treat it as 4 distinct layers, but as one homogeneous program with 4 parts working together, which is not what thay are advertising.

When they reached back out to me Thursday, I retested 11 samples and as they requested I did looking for samples for just the ransomware module. 5 of the 11 samples did stop the ransomware. Turning back on the malware module, MB3 stopped all 11 samples. That is good. I think the improvement is from the new version which they said had improved detection.

But now what they done is another lame headed move. They said they found a fix for the VSS problem with imaging, but instead of putting out a beta for MB3 they put it in the Anti Ransomware standa lone beta. So far on the 3 forums I've been following, no one is testing it. So they may end up putting the module in MB3 with out any user testing. Good way for them to end up with more egg on their face.

Patty at this point I would suggest leave MB3 on if you have the latest build. But remember you need to turn off the ransomware module before you image and then turn it back on.

Stay tuned. I'll update when I have new info.

Pete

PS I really want it to work both for me and them. It's just there are some painful management decisions that I think are tough both on users and their tech people


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Sat Jan 28, 2017 1:22 pm 
Offline
welcoming committee
User avatar

Joined: Wed Apr 11, 2012 6:45 am
Posts: 1073
Peter, thanks so much for doing all of this stuff for us. :bow7:
Acadia

_________________
The blazing evidence of immortality is our dissatisfaction with any other solution. -- Emerson


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Sat Jan 28, 2017 1:51 pm 
Offline
welcoming committee

Joined: Sun Apr 15, 2012 5:52 pm
Posts: 970
Hi Acadia

You are most welcome. It's not entirely selfless. As you know I have business data that I consider vital to protect, and the threat landscape is constantly changing, and I feel compelled to keep up. Just glad to share what I learn.

Pete


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Sat Jan 28, 2017 2:25 pm 
Offline
Resident Geekazoid Administrator
User avatar

Joined: Wed Mar 21, 2012 5:09 am
Posts: 9435
Location: The state of confusion; I just use Wyoming for mail.
Well so much for staying with 2.x as it auto upgraded to 3.0.6.1469 last night.

_________________
Image
Free sites from jaylach.com
I NEVER forget... I just remember late.


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Sat Jan 28, 2017 3:59 pm 
Offline
Fearless Leader
User avatar

Joined: Wed Mar 21, 2012 5:42 am
Posts: 2819
Thanks, Pete. Appreciate all the info.

_________________
Patty MacDuffie
Computer Haven Administrator

Live Long and Prosper
Mr. Spock


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Sat Jan 28, 2017 4:32 pm 
Offline
welcoming committee

Joined: Sun Apr 15, 2012 5:52 pm
Posts: 970
jaylach wrote:
Well so much for staying with 2.x as it auto upgraded to 3.0.6.1469 last night.


If everything works okay you should be fine. Just remember to turn of the Anti Ransomware if you image, and then turn it back on. Actually anything with VSS


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Sun Jan 29, 2017 10:28 am 
Offline
welcoming committee
User avatar

Joined: Wed Apr 11, 2012 6:45 am
Posts: 1073
Ok, GG got the message to update MBAM this morning, I chose "Later". I have not got the message yet, checked, and I am still on version 2, so it did not update automatically, yet.

So if I understand this correctly, I just need to turn off the Anti-Ransomeware mode before I image, and I assume that is easy to do?

Also a question for Peter, I believe this would also affect Instant Recovery, correct? Not a true imaging system but I believe Todd switched it to VSS many years ago.
Thanks all, Acadia

_________________
The blazing evidence of immortality is our dissatisfaction with any other solution. -- Emerson


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Sun Jan 29, 2017 5:45 pm 
Offline
welcoming committee

Joined: Sun Apr 15, 2012 5:52 pm
Posts: 970
Hi Acadia

I think it would effect IR, but haven't tested. I am about to prod them, because the way they are going testing is something just this side of stupid.

An update: I did some more testing. Picked about 11 Ransomware samples, all exe files. The ransomware module by itself caught 5. That's better then it had been. Then I turned all modules back on and it got all 11.

Then it dawned on me that they have been harping on real world testing and most of the malware coming the emails I've seen are all scripts. So I rounded up about a dozen scripts, and tested them. With all modules on, only 2 were detected. Compared to that Voodooshield detected all 11 of the exe's and all 12 of them.


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Mon Jan 30, 2017 11:57 am 
Offline
welcoming committee

Joined: Sun Apr 15, 2012 5:52 pm
Posts: 970
Further update:

I contacted the support manager I've been in contact with, and expressed my feeling. I got a detailed reply back explaining why they are doing things the way they are. Although to long to copy it actually made sense. Based on that I am willing to give them the time and help them. Fingers crossed.


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Mon Jan 30, 2017 12:57 pm 
Offline
welcoming committee
User avatar

Joined: Wed Apr 11, 2012 6:45 am
Posts: 1073
Thanks again, Peter. For the time being I will keep Malwarebytes Pro installed even though I believe VoodooShield would more than take up the slack of MB removal. You know me, the more safety nets the better, and today's modern powerful processors with gazillions of RAM can easily handle them all (if they are compatible). I just hope MB does not force the version 3 update down my throat.
Acadia

_________________
The blazing evidence of immortality is our dissatisfaction with any other solution. -- Emerson


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Mon Jan 30, 2017 2:07 pm 
Offline
welcoming committee

Joined: Sun Apr 15, 2012 5:52 pm
Posts: 970
You turn off the check for updates (software) and it will leave you alone

Also I extended the offer to them to pretest the combined package once the Vss stuff is integrated. They seemed very receptive. This is all good.


Pete


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Wed Feb 01, 2017 12:33 pm 
Offline
welcoming committee
User avatar

Joined: Wed Apr 11, 2012 6:45 am
Posts: 1073
Ok, turned off the software updates for MB on my pc, still getting the signatures, good! But also turned off the software update on GG's pc and every morning she is still getting the SOFTWARE update nag. Any ideas?
Thanks all, Acadia

_________________
The blazing evidence of immortality is our dissatisfaction with any other solution. -- Emerson


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Wed Feb 01, 2017 2:00 pm 
Offline
welcoming committee

Joined: Sun Apr 15, 2012 5:52 pm
Posts: 970
Several options:

1. Complain on their forum. Won't have any immediate effect

2. Just ignore them

3. Let it update and turn off the ransomware module.

The obvious. Image first.


Top 
 Profile  
Reply with quote  
 Post subject: Re: MBAM 3.0
 Post Posted: Wed Feb 08, 2017 7:13 pm 
Offline
welcoming committee

Joined: Sun Apr 15, 2012 5:52 pm
Posts: 970
If you are using MBAM 3.0 BEWARE!!!

When it detects something it thinks is bad, it may call for a reboot to remove it. This has had a trashing effect. What has happened to some folks is the profile is corrupted and it goes back to the default profile, which makes it look everything is gone.

Treat this software as very beta.


Top 
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
 
Post new topic Reply to topic  [ 22 posts ] 

Board index » Technical Forums » Security


Who is online

Registered users: No registered users

 
 

 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:

Similar topics


Jump to:  

cron