Announcing Beta of Malwarebytes 3.0, a Next-Generation Antivirus Replacement

Porthos

PUBLIC BETA NOW


https://forums.malwarebytes.org/top...s-30-a-next-generation-antivirus-replacement/

Today we have released the beta of our next-generation product, Malwarebytes 3.0! This product is built to provide comprehensive protection against today’s threat landscape so that you can finally replace your traditional antivirus.

Our engineers have spent the last year building this product from the ground up and have combined our Anti-Malware, Anti-Exploit, Anti-Ransomware, Website Protection, and Remediation technologies all into a single product which we simply call “Malwarebytes.” And it scans your computer 3-4 times faster!

When we launch Malwarebytes 3.0, we are confident that you can finally replace your traditional antivirus, thanks to our innovative and layered approach to preventing malware infections using a healthy combination of proactive and signature-less technologies. While signatures are still effective against threats like potentially unwanted programs, the majority of our malware detection events already come from our signature-less technologies like our Anti-Exploit and Anti-Ransomware; that trend will only continue to grow. For many of you, this is something you already know, since over 50% of our customers already run Malwarebytes as their sole security software, without any third-party antivirus. But rest assured, we will continue to support compatibility if you choose to use a third-party antivirus or other security software alongside Malwarebytes 3.0.

With the combination of our Anti-Malware ($24.95), Anti-Exploit ($24.95) and Anti-Ransomware (free, beta) technologies, we will be selling Malwarebytes 3.0 at $39.99 per computer per year, 20% less than our previous products combined and 33% less than an average traditional antivirus. As we did with our change from perpetual to subscription, we will grandfather in existing customers at their current price. We are still working out the details, but I assure you we will take care of all existing customers. As always, we will be keeping malware remediation absolutely free.

If you have any questions, please read the short FAQ below first and then ask away in this forum! Remember, this is beta software and should be used with caution.

Malwarebytes 3.0 beta download: https://malwarebytes.box.com/s/50ejcgpvqpmccj2r27n82btrxeftjm8w
 
I'm happy to report that my lifetime license still works with 3.0 and all premium features are activated. The UI sucks, but with these new features it's a decent upgrade.
 
I currently have both Anti-Malware and Anti-Exploit. Both are worth every penny. Both currently cost me $50/year. $40/yr seems a good deal.

Since I currently have Premium subscriptions to both, it will be interesting to see what the final "grandfathered" price will be.

I'm a bit puzzled by their claim, on the one hand, to be a replacement for existing AV programs and, on the other hand, they say they can co-exist with existing AV programs. It's a basic rule of AV software that you don't run two AV programs at the same time.
 
They believe that the combo of anti-malware, anti-exploit, anti-ransomware and web protection in one package is enough.

BUT
Malwarebytes' Anti-Malware ( MBAM ) does not target scripted malware files. That means MBAM will not target; JS, JSE, PY, .HTML, VBS, VBE, WSF, .CLASS, SWF, SQL, BAT, CMD, PDF, PHP, etc.
It also does not target documents such as; PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, RTF, etc.
It also does not target media files; MP3, WMV, JPG, GIF, etc.

Until MBAM, v1.75, MBAM could not access files in archives but with v1.75 came that ability so it can unarchive a Java Jar (which is a PKZip file) but it won't target the .CLASS files within. Same goes with CHM files (which is a PKZip file) but it doesn't target the HTML files within. MBAM v1.75 and later specifically will deal with; ZIP, RAR, 7z, CAB and MSI for archives. And self-Extracting; ZIP, 7z, RAR and NSIS executables (aka; SFX files).

MBAM specifically targets binaries that start with the first two characters being; MZ
They can be; EXE, CPL, SYS, DLL, SCR and OCX. Any of these file types can be renamed to be anything such as; TXT, JPG, CMD and BAT and they will still be targeted just as long as the binary starts with 'MZ'.

MZ-binary.jpg


I will continue to use Windows Defender as I always have since Win 8.
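
The point made in the post above, that a renamed executable is still recognised by its leading `MZ` bytes rather than by its extension, as an added example (not part of the original post and not Malwarebytes' code). The function names and sample files are constructed for illustration, and the check of the PE signature that the DOS header points to goes beyond the two-byte test the post describes.

```python
import struct
from pathlib import Path

# Extensions the post names as the usual homes for MZ binaries.
PE_EXTENSIONS = {".exe", ".cpl", ".sys", ".dll", ".scr", ".ocx"}

def classify(data: bytes) -> str:
    """Classify by content only: 'pe', 'mz-only' or 'other'."""
    if data[:2] != b"MZ":
        return "other"
    if len(data) < 0x40:              # too short to hold a full DOS header
        return "mz-only"
    # Offset 0x3C of the DOS header (e_lfanew) points at the PE signature.
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00":
        return "pe"
    return "mz-only"

def scan(files: dict) -> list:
    """Return (name, kind) for MZ content hiding behind a non-PE extension."""
    hits = []
    for name, data in files.items():
        kind = classify(data)
        if kind != "other" and Path(name).suffix.lower() not in PE_EXTENSIONS:
            hits.append((name, kind))
    return sorted(hits)

def make_sample_pe() -> bytes:
    """Constructed stub: DOS header with e_lfanew=0x40, then 'PE\\0\\0'."""
    dos = bytearray(0x40)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)
    return bytes(dos) + b"PE\x00\x00"

# Constructed sample inputs (file name -> leading bytes), not real files.
SAMPLES = {
    "holiday.jpg": make_sample_pe(),                  # executable renamed to .jpg
    "setup.exe": make_sample_pe(),                    # executable, honest extension
    "photo.jpg": b"\xff\xd8\xff\xe0" + bytes(16),     # JPEG magic bytes
    "notes.txt": b"MZ is the DOS header magic",       # text that merely starts with MZ
    "script.js": b"var x = 1;",                       # script, no MZ header
}

if __name__ == "__main__":
    for name, kind in scan(SAMPLES):
        print(f"{name}: content looks like {kind}, extension disagrees")
```

The `notes.txt` sample shows why a two-byte test alone is a weak signal: it matches `MZ` but has no PE signature, so it is reported as `mz-only` rather than `pe`.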
 
Which aspect of MBAM are you talking about? The live protection? The actual full scanner would have to target files that don't have MZ, otherwise it wouldn't have wiped some of my older Chrome extensions.
 
If a browser extension is deemed bad (most likely a PUP) and added to the definitions it will detect and remove.
If you encounter such a file that you believe is a FP you should report it here for evaluation.
https://forums.malwarebytes.org/forum/122-false-positives/
What I'm saying is those don't start with MZ, so what are you saying is only scanning files that start with MZ? Are you talking about the live detection and not the full scan?
 
The only thing I am saying is it does not scan...
Malwarebytes' Anti-Malware ( MBAM ) does not target scripted malware files. That means MBAM will not target; JS, JSE, PY, .HTML, VBS, VBE, WSF, .CLASS, SWF, SQL, BAT, CMD, PDF, PHP, etc.
It also does not target documents such as; PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, RTF, etc.
It also does not target media files; MP3, WMV, JPG, GIF, etc.

I do not work for Malwarebytes, and like I stated before, if an extension is targeted it is in the definitions and is targeted MZ or not, and if you feel it is a FP, report it to get reevaluated.

The ONLY point of my post is that their claim that the new version 3 is an AV replacement is not good enough for me; I will still keep Defender active for myself and my clients.
 
This new version is buggy as hell. At startup it says that real-time protection has been disabled. If you click to enable it, the Malwarebytes service uses up 100% of your CPU forever. I left my system on for 6 hours and it never stopped eating up 100% of my CPU. i7-3770K. I ended up just killing the process and restarting, but the same thing occurs. I have to kill the process in order to use my computer normally, so real-time protection doesn't work. I'm hesitant to load this on my other computers due to this issue.

Also it refuses to check for updates manually. The only time it checks for updates is when it's scheduled to check for updates.
 
Following up with Marcin's announcement of the beta of the new Malwarebytes 3.0, here is the current Known Issues list. If you run into any problems during testing that are not mentioned in this Known Issues list, please do post them in this forum with repro steps so that we can investigate asap.

  • If you are running an earlier Alpha or Beta, and your upgrade to the public beta (v. 3.0.2) fails for any reason, simply uninstall the earlier version and then reinstall the new version
  • The version listed in the Change Log for v. 3.0.2 is incorrect
  • The user interface can take a long time to load for the first time
  • There are a few issues around updates that we are still working on that could cause you to see an "Updates not current" message in the dashboard
  • None of the current MBAM 2.x "Support" tools such as mbam-clean, mbam-check, etc. will work with 3.0
  • Any User Access Policy created in MBAM 2.x is not migrated when upgrading from MBAM 2.x to Malwarebytes 3.0; a new policy will have to be created
  • In XP/Vista Malwarebytes 3.0 does not support Ransomware Protection
  • There are a number of performance enhancements still in the works, specifically around memory and CPU usage
  • The installer does not yet fully support all languages listed and text may appear garbled during install wizard
  • There are some translations that have not yet been incorporated into the product so if you switch to a different language from English some strings will still appear in English (localization is still in progress…)
  • Clicking the help ?s throughout Malwarebytes currently does not do anything
  • Some Recent Windows Insider Preview builds blue-screen at MB3's Web Protection
  • Custom Scan options are not persisted for subsequent scans
  • The “Warn user” setting for Potentially Unwanted Programs and Potentially Unwanted Modifications is not currently being honored; PUPs/PUMs will automatically be blocked if this setting is enabled
  • If you have the ‘Recover if missed by’ setting enabled Malwarebytes may attempt to scan after every reboot; simply uncheck the setting to stop this behavior
  • Restoring a large file (> 750MB) from Quarantine can cause UI hang in certain circumstances
  • If the UI is closed, context menu scan does not open up to scan page
  • New scans don't reset "Threats Quarantined" counter on Scan Summary page
  • The correct date and time format is not enforced when adding or editing a scheduled scan
  • Web protection can take a very long time to start in Windows XP after upgrade from 2.x
  • Managed Applications (Anti-Exploit) settings are not carried over but instead all Advanced Settings will be reset to the current defaults
  • Custom anti-exploit shields are not migrated enabled by default
  • Custom anti-exploit shields are not enabled by default
  • Website block notification appears multiple times on Windows XP
  • Windows Vista: Post Expiration Notification for manual renewal appears after each reboot
  • Exclusions list does not immediately refresh when editing or removing web exclusions
  • On Windows XP selecting a folder in Exclusions does not actually allow selecting a folder
  • Currently allowed to add a Domain Exclusion on Windows XP but since this is not supported it will be ignored
  • There may be some quirky behavior when resizing the user interface
  • Some dialogs are improperly formatted with high DPI settings
  • Several minor design inconsistencies (spacing, font sizes, colors, etc.)
 
I have been running this on my test PC that has an i5-4430 with 8 GB of RAM for 2 days straight and haven't run into any CPU problems yet. I am able to check manually for updates as well. The only thing I found is that it says it has found 12 real-time detections but I am unable to find out what it detected.
 
I can see on that same screen that it blocked the same website 4 times. I just was wondering if it showed all 12 detections anywhere or if it just blocked that one website 12 times and only listed it 4 times.
 
What I'm saying is, the information you are presenting is likely incorrect... at least a tiny bit, or out of date.

If you don't know why it would pick up extensions that are primarily .js (as far as I know) then just say so. Why you keep focusing on FP report is beyond me.

This should not be difficult for me to test myself so I will try to remember to do so when I get home.
 
The actual full scanner would have to target files that don't have MZ otherwise it wouldn't have wiped some of my older chrome extensions.


Why you keep focusing on FP report is beyond me.

If you feel a Chrome extension you use is being wrongly detected or any file for that matter you should report it.

A browser extension has a known targetable hash that is put in the detection database to be detected and deleted by scans and real time protection.

JS, JSE, PY, .HTML, VBS, VBE, WSF, .CLASS, SWF, SQL, BAT, CMD, PDF, PHP, etc. files that come randomly as e-mail attachments are not put in that database or targeted because all they do is download a malicious payload to execute and they change constantly. It's the payload MBAM adds to the database, not the .js script or any other script file that downloaded it.
 