Malwarebytes Anti-Ransomware Beta

Discussion in 'other anti-malware software' started by ZeroVulnLabs, Jan 25, 2016.

  1. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
  2. CHEFKOCH

    CHEFKOCH Registered Member

    Joined:
    Aug 29, 2014
    Posts:
    395
    Location:
    Swiss
    1. Opensourcing your code as commercial company doesn't make sense.
    2. For that vulnerability you need to perform an MITM.
    3. Feel free to audit any of their applications, they now have a bug bounty program.


    * Open Source makes sense, it would be easier to us to see the process and to audit the product in the security section that makes all sense I could imagine.
    * Nope it's incorrect, please re-read the distribution one part was/is MITM with unencrypted connection which directly compromises the malware signatures (of course it's possible to MITM this especially on LAN) and the second part is wrong ACL entry's which is more critical because you can expand privileges which then is very easy which makes entire product useless. Both of them are critical and to hide such information from us is not good (imho).
    * I would audit but ..., no source and no one would give me money, it's my time I did in the past and found several other problems in other products like Kaspersky, BitDefender, GData ..., and all this without money. Which bug report program you talking about, I only found the forum and support which is more a FAQ. And don't know about this, but's email based.

    All these technologies and products are big projects with a lot of moving parts and dependencies. There's no point in providing roadmap information for things we know are not 100% and will likely change. The impact of saying something today and then changing it every week thereafter is worse. You would then be complaining about how we said one thing and changed some detail the week after.

    We may have then different point of few's what a roadmap is because it's the way you want to go, what you want to integrate/implement like AE [which again was never mentioned that it will be implemented -> not in any changelog or blog post's for me it's maybe on the plan now because most people want this integrated] . The other changes no one care or changed very often should not listed in the roadmap (as you said) but that wasn't my intend because I not asked for something like a git history log on changes but more for a 'waypoint' (and this not changes often).

    Don't get me wrong I not want an answer on all forum/bug posts but more transparency especially on paid products is not so hard. :)
     
    Last edited: Feb 4, 2016
  3. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    1,910
    Location:
    North of the 38th parallel.
  4. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    7,982
    In the future once MBARW comes out of beta we will roll the technology into our consumer and corporate products so that you won't have to deal with multiple separate clients.
    https://forums.malwarebytes.org/ind...-mbam-and-mbae-why-do-i-need-anti-ransomware/
     
  5. daman1

    daman1 Registered Member

    Joined:
    Mar 27, 2009
    Posts:
    1,292
    Location:
    USA, MICHIGAN
    Correct, if one would read the links it's clearly stated the products will be rolled together.
     
  6. Durad

    Durad Registered Member

    Joined:
    Aug 13, 2005
    Posts:
    594
    Location:
    Canada
    Why dont you incorporate all 3 products into 1?? :D
     
  7. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,501
    Location:
    .
    :thumb:
     
  8. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    Why don't you incorporate all 3 products into 1?? :D

    I for one have lifetime lic for malwarbytes antimalware, yearly sub for Antiexploit and yearly for Winantiransome Plus

    I would not like to lose my lifetime for antimalware. I am afraid if they are all tied into one it will be a yearly sub like they have gone to now on everything
     
  9. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    lifetime license holders are grandfathered for life. No need to worry.
     
  10. daman1

    daman1 Registered Member

    Joined:
    Mar 27, 2009
    Posts:
    1,292
    Location:
    USA, MICHIGAN
    Sweet :thumb::thumb:
     
  11. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,501
    Location:
    .
    Awesome! :thumb:
     
  12. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    lifetime license holders are grandfathered for life. No need to worry.

    Ok that sounds good but then if all three are rolled into one, would I have a lifetime lic for antimalware and a yearly for the antiexploit and antiransomeware?
    I am still confused.
     
  13. ance

    ance formerly: fmon

    Joined:
    May 5, 2013
    Posts:
    1,360
    Very nice :thumb:
     
  14. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,321
    Location:
    AmstelodamUM
    Afaik, when MBARW is finished (and added to MBAM), lifetime and yearly licenses of MBAM stay the same, but with the addition of MBARW.
    For MBAE, the current yearly license model stays the same.
     
  15. guest

    guest Guest

    So basically MBARW will be added to MBAM and MBAE will remain as a separate product and won't be added to MBAM?

    Taking into account how competitive is the AV/AM market I would empower MBAM as much as possible. I miss something like zemana AM in MBAM and of course MBAE
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    I personally still prefer a standalone product, but perhaps it's better to integrate it with MBAE or MBAM because people will not want to pay several yearly fees. But will it be a paid feature, that's the question.
     
    Last edited: Feb 8, 2016
  17. guest

    guest Guest

    I hope someone can clarify the future of MBARW I read in their forums that it will be added to MBAM but the said nothing about to make it disappear as a standalone (maybe free) product or keep both.

    @ZeroVulnLabs How does it compares with CryptoPrevent? It has much more options that MBARW at least in the interface.
     
  18. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    CryptoPrevent places restrictions on folders, such as %appdata%, to prevent malware from executing. MBARW is an active, real-time monitor looking for crypto-ransomeware behavior. They should be complimentary.
     
  19. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    I wonder if this will still be the case with forthcoming version 8 which is a full re-write from the ground up with almost 15,000 lines of new code and a fully re-designed interface it’s almost ready. Including new protection features, updated old protection features ...
     
  20. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    Yes, I'm also curious about the scope of CryptoPrevent v8. Version 7 Premium already has a beta option to do "definitions based program filtering" in addition to SRP. Perhaps that has been more widely implemented? We should know soon :thumb:
     
  21. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    New beta5 (build 0.9.14.361) is out.
    DL: hxxps://malwarebytes.box.com/s/uluqe6ms2l36bsxkudurlr7yr8lp6d8g

    Known Issue:
    • If installing the upgrade on Windows 8.1 x64 over a previous Beta, the service may not start automatically. In this case, simply click Start Protection on the Malwarebytes Anti-Ransomware dashboard or run the Beta installer a second time.

    Improvements:
    • Improved internal log format to better distinguish between the various Anti-Ransomware beta versions
    • Adjusted embedded license so that earlier beta versions could be expired and users would be encouraged to move off older versions and onto the latest available beta

    Issues Fixed:
    • Fixed issue that caused high-CPU and memory usage and resulted in a process crash in certain cases
    • Fixed issue where the current state of the protection status was not remembered correctly after a reboot
     
  22. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    I finally have the chance to beta test MARW. It's beta coincided with AppGuard's beta testing period, and I did not want to test them together right away. When you test two new beta's together it can be difficult to know which is causing a problem if one were to occur. I think I know what to expect out of this AG beta now so it's time to do some testing on MARW. I don't have a test machine to test Crypto-malware on at the moment so all I can do is make sure it runs well on my setup. I just installed MBARW build 0.9.14.361 on Windows 7X64 Ultimate. I also have Eset Smart Security 8, AppGuard beta, and MBAE installed. I will report back after I've had enough time to see how it's running on my setup.
     
  23. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Does MBARW use a KMD, hooking, or both to monitor potentially dangerous behavior?
     
  24. Although I can understand the business logic behind keeping protections separately, with the gaining strength of Windows Defender on Windows 10, I could not find a better companion as MBAM/MBAR/MBAE for average PC users. Still very happy with the announcement of a combined MBAM/MBAR
     
  25. CHEFKOCH

    CHEFKOCH Registered Member

    Joined:
    Aug 29, 2014
    Posts:
    395
    Location:
    Swiss
    I guess it uses KMD to monitor on dangerous behavior.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.