Malwarebytes Anti-Malware Updates

Yep, just tried it for the first time. Looks great and I see no problems.

Thanks MBAM.

 

This sounds very interesting but if the new Malwarebytes can now replace the traditional antivirus does this mean it will retain signatures more than three months old. If not then surely the traditional virus is still needed to run along Malwarebytes.

 

Wow, very exciting news, and congrats with the release. The GUI is looking nice, will wait for the final version.

 

Now and then after restart i get a pop up message saying that some protection is off, i can then press activate or press another button to go to thoose settings. When i go to these settings there is no problems at all. False alarm obviously.

Otherwise all seems good.

I can not see any option to regulate def. updates. How often do they update? An option to get a message that they have would be nice.

 

Yeah, I thought about this too.

 

Yes, those would be some of the programs. In addition to those, some people are concern about conflicts between this program and antiviruses that already have their own anti-exploit. And also standalone anti-ransomware programs like WinAntiransomware and Kaspersky Anti-ransomware
https://malwaretips.com/threads/ann...tion-antivirus-replacement.65468/#post-564945

 

@ZeroVulnLabs
Can correct me if I'm wrong.

Malwarebytes isn't completely signature-less. Remember it states "the majority of our malware detection events already come from our signature-less technologies like our Anti-Exploit and Anti-Ransomware.."

Malwarebytes antimalware uses signature, but its other components(anti-exploit and anti-ransomware) are signatureless.

 

Very nice, congrats Marcin and MB staff. Installed smoothly over version 2. No problems thus far.

 

None that we know of.

Good point! I'll put it on the list.

Try without Sandboxie first to see if that's the problem. If it is, there's an FAQ in the MBAE support forum about how to make them work together.

The Anti-Malware component is the same as 2.x (although much more optimized with 4.3x scan speed improvements. As for signature-less malware detection (in addition to anti-exploit and anti-ransomware), more details to follow.

 

AFAIK there's no conflict with any of those two products.

 

It seems this build also has trouble injecting the dll into the program =( when sandboxed.
Here's a quick template update for this program/beta
Only gave it a quick test but with a 13 day trial activated I won't be able to test much after that so better report issues fast!

Code:

[Template_MB3]

Tmpl.Title=Malwarebytes 3 Anti Exploit Component (Vista,7,8,10)
Tmpl.Class=Security
Tmpl.Scan=s
Tmpl.ScanService=MBAMService
InjectDll64=C:\Program Files\Malwarebytes\Anti-Malware\mbae64.dll
InjectDll=C:\Program Files\Malwarebytes\Anti-Malware\mbae.dll
OpenIpcPath=*\BaseNamedObjects*\NamedBuffer*Process*API*
OpenIpcPath=*\BaseNamedObjects*\MBAE_IPC_PROTECTION*
OpenIpcPath=*\BaseNamedObjects*\Mutex*Process*API*
OpenIpcPath=*\RPC Control*\*MBAE_IPC_PROTECTION*
OpenIpcPath=*\BaseNamedObjects*\AutoUnhookMap*
OpenIpcPath=*\BaseNamedObjects*\mchMixCache*
OpenIpcPath=*\BaseNamedObjects*\Ipc2Cnt*
OpenIpcPath=*\BaseNamedObjects*\mchLLEW*

EDIT:
Renamed Template title to MB3 in order to avoid a conflict if a user previously had MBAE installed with sandboxie and used the original "Template_MBAE"
Added a capital C to component just because...I liked it...muahahah

 

Is it stable enough to use in my main computer? Or should I try in a virtual machine?

 

Did I ever send you an MBAE Premium license key for all your testing help? If you have one you can use it in MB3. Otherwise shoot me a PM.

 

MB3 3.0.2 Known Issues published here:
https://forums.malwarebytes.org/topic/190495-malwarebytes-30-beta-known-issues/

 

wow that is a lot of issues I think I will wait. any reason I should install 3.0 with my other antiexe, antiransomeware?

 

@ZeroVulnLabs The premium licence I got from you gives me 365 days instead of never expires. Is that correct?
Any reason that the scan for rootkits is off by default in the scan settings?

 

setup has bugs when displaying german umlaute. seems an ansi <> utf-8 issue.

 

Unable to install MBAM 3 over MBAM 2:

Runtime Error (at 14:64): Could not call proc.

 

Without an internet connection at startup:



With an internet connection at startup or after closing MB3 then starting it again after enabling the NIC.


Seems to be tied to if there is an active internet connection when the service starts, not the GUI. It can download updates via the GUI and yet keep popping up with that "your trial ends today" screen. I assume a licensed one would see something similar but perhaps it's just for the trial?

Maybe it is by design but I smell something bad brewing for anyone with physical internet stability issues or anything that gets past MB and wreaks havoc on the net connection of an infected PC. IMO it should at least attempt to refresh its status once an active internet connection is found. (I only gave it 10 minutes with the gui open so maybe it already does...with a longer timeout)

I just noticed it when I fired up the machine to re-check the template, not a big deal though.

A bit more of a worry is how long it takes to stop and start the service but hopefully that's something that will be sorted out along the way to the stable release!

 

After a systemimage restore MBAM v.3 did not start up as it should. Had to start it manually. That was not easily done it took several times before it responded.

 

Yes, I completely agree.

 

Is there any plan to include MBAM in av comparatives or similar test?
Do you plan to add a cloud AV (with AI, heuristics, sandbox emulation and all that stuff?)

 

Installation succeeded in safe mode.

I must admit that I prefer the v2 GUI, a lot...(v2 looks more like a Windows 10 App than v3 does to me; furthermore I don't like the new color scheme - the old one was great).

Like has been posted, as a HMP.A user I hope the warning about real-time protection being disabled (even on the icon in the tray) can be turned off.

 

Wow I agree im staying with 2.x for now till more bugs get squashed!

 

Same here...