dallas7
-
Posts
74 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by dallas7
-
-
I haven't updated yet.
-
I haven't done it yet.
-
(Running MBAM Pro on an E8400 tower WinXPproSP3x86 and on an i5 laptop Win7hpSP1x64.)
I have come to notice, ever since the latter became an option (and still with no reference in Help), that having "Download and install program update if available" unchecked and "Notify me when a program update is ready for installation" checked serves no purpose. The juxtapostion of these items imply exclusivity. The "notify me" should be indented as it is dependent on the former, that being "automatic" but not called out as so. This could benefit also from an third option to just notify there's an update available.
Cheers.
-
BTW: no Windows Firewall, no other anti-anything or any third-party apps running.
-
With respect to the Avast/ZoneAlarm charges, just for the record:
When I learned of the release of 1.60.0.1800, and before knowledge of issues posted up here, on my XP Pro SP3 system I disabled startup for Emsisoft A-M and Online Armor Premium and set their services to Disabled. I rebooted and allowed MBAM Pro 1.51.2 to update itself. With no changes to EAM and OAP, this was the result upon initial and subsequent restarts:
Event Type: Error
Event Source: Application Error
Event Category: None
Event ID: 1000
Date: 12/28/2011
Time: 1:28:17 PM
User: N/A
Computer: snip
Description: Faulting application mbam.exe, version 1.60.0.59, faulting module mbamcore.dll, version 1.60.0.52, fault address 0x00060ae0.
I proceeded with the usual MBAM fix-all and can report it's all OK with EAM and OAP fully functional as well.
On the other hand, the self-update worked on my Windows 7 Home Premium SP1 system.
Repeat: Just for the record. No reply expected. Thank you.
-
Well, that puts an end to my "fun with MBAM Pro updates" tracking.
Tho the dated format is a really good and welcome move.My initial install of v1.44 on January 30, 2010 started with database 3458. And the last one I noticed was yesterday's 8406. That calculates out to a most excellent average of seven updates a day - a rate unmatched by almost everyone else in the industry.
Looking forward to v1.6.
Good luck and best wishes to the Malwarebytes crew in 2012 and beyond!
-
So I am asking - is MBAM fooling us?
No. They just fooled... you.
And if you opened that "empty file" with a hex editor, guess what? It's not empty. You yourself call it fake and you're faulting MBAM for flagging it? If you don't like that it's categorized as a tojan-agent then suggest a better type.
I'd come up with something a bit more descriptive myself (and unfit for polite company) if I spotted a svchost.exe file in the root of C: as would screen317 I'm sure!
MBAM worked just fine in this instance. I think... I could stand to be corrected.
Cheers.
-
So feedback and update announcements for the 1.51 beta(s) are going to be uncategorically glommed into this one big long rolling topic instead of being another forum under the Beta Test Program (as were 1.45, 1.46 and 1.50) where stuff could be discussed separately?
-
I've never gotten the realtime updates to work since updating 1.46 from 1.45 and the problem persists in v1.50.
I tried everything support threw at me back then to no avail. They concluded the issue with:
One user out of millions is not suitable to do any type of conclusive troubleshooting and effect changes to the software.
To make any changes to software based on one user would be irresponsible to the other untold millions who don't have the issue.
If we have a batch of users to collect and harvest data, we can compare to try and find a commonality.
I can forward that email to anyone of importance at Malwarebytes. ROFL.
Fortunately, the hourly update runs OK. This is an adequate level of protection.
-
Realtime updates has never worked well for me beginning with 1.44. It seems to work OK for a while then just stops.
I opened a ticket for 1.45; this was the response: "We've been looking into some few systems which exhibit this and are attempting to recreate it." And that was it.
Seeing the same behavior in 1.46, I opened another ticket and: "So far you're the first, we'll see who else surfaces. One user out of millions is not suitable to do any type of conclusive troubleshooting and effect changes to the software. To make any changes to software based on one user would be irresponsible to the other untold millions who don't have the issue."
(I can back this up with ticket numbers and email forwards.)
Currently I consider it a broken feature and since the hourly update repeating every 1 hour with a 1 hour recover works A-OK, I'm satisfied I got my money's worth. You know, me being just the one of the untold millions.
-
With full deference
to both of your "Forum Deity" status' and high post counts, your reading comprehension skills and knowledge base beyond mere fundamentals are clearly deficient. Kudos on the copy/paste and screen cap expertise, tho. Not even the red text made it through. I mention "...selectable "Enable advanced heuristics engine" item in Scanner Settings" and a response is a screen shot of same. The April 10 quote has no relevance whatsoever to this thread. Permit me to update you under-informed gents on the status, or rather non-status, of Shuriken. From the boss, May 29:
http://www.wilderssecurity.com/showpost.ph...mp;postcount=30
Just wanted to clear a few things up. It is correct that the setting for Shuriken has been included since version 1.46, but it will not actually do anything until we activate it in the database updates. We want to limit false positives when we do release so that is why we have been taking our time and doing it right! Shuriken will be a multi-purpose heuristics module that, in the beginning, will only add a slight improvement to our detection rates. As time passes, we hope to make it very powerful.__________________
Marcin Kleczynski
Malwarebytes President and CEO
Interesting that one needs to get this info from another forum. But over here is the same info from a staffer:
http://forums.malwarebytes.org/index.php?s...st&p=257635
Shuriken has not yet been integrated as it is still in limited testing. I'm sure that once it comes out of testing and gets integrated there will be an official announcement from the developers.It sure would be nice to have some kind of response from Malwarebytes as to a target date for the implementation of Shuriken other than "it'll be ready when it's ready" rather than misinformation from the "Forum Deity" gallery.
Thank you and Cheers!
-
Malwarebytes 1.46
-
Well, isn't all that just peachy freaking dandy?
-
Okay... 4150 just rolled in.
Is there any indication, in the GUI or post-scan or otherwise, that Shuriken is doing its thing?
Thank you.
-
It's been several weeks since the Shuriken beta database testing back in April.
Have the data been integrated in the latest rules.ref files yet?
Is Shuriken active??
Thank you.
-
[quote name='Fran
-
This might sound like a dumb question, but I don't yet see any mention of it in this thread: Do you have "Start protection module with Windows" checked or unchecked??
-
Any mail from Malwarebytes should be via internal PM and not Emails - There are too many scam Emails
This "Forum Deity" (like that carries any weight) stands to be corrected. Will no one from Malwarebytes post up to say that the email I (we) received from your company was not a scam?
-
why are we discuss about crap software
we are not discuss about crap but we are discus spelling an grammer just like their doing hear an over they're at wilduhs secudiddy forim lol thak you very nice what are your talking about no i kid vary well done thanks lol
-
@exile360: I use Process Explorer and TCP View (both by Sysinternals) and Winterholler's NetMeter. But as stated in my OP, I haven't had much luck in timing my attempts to observe the behavior I'm interested in. Fortunately, I've been busy lately which is why I posted up here on this. Thanks for the tips, tho.
@AdvancedSetup: I don't see anywhere in the MBAM Pro/Full/Paid GUI that jumps out at me on restarting the Protection Module.
I see thread(s) here where the discussion centers on updating unconnected systems for the free version of MBAM. Of course, you copy the file over and then open MBAM.
I'm still in the dark on what's involved in getting Protection to recognize a new rules.ref file when it's dropped onto an unconnected system.
@AdvancedSetup: how do you restart the Protection Module?
Thank you.
-
Thanks for the reply. However, I can only guess at what you mean by "file not open for lock" nor am I asking or needing you to explain. In re-reading my original post, there is no mention of scanning either.
My questions still remain unanswered.
Let me rephrase: on an unconnected system running MBAM with Protection, a new rules.ref file is copied into its directory. Does Protection immediately begin to use the new data? If not, what further step(s) must be taken to do so?
Thank you!
-
I'm curious about how that works in respect to dropping the new file manually onto a system with no Internet (LAN only) connectivity.
Oops. That should read: I'm curious about how that works in respect to dropping the new file manually onto a system running MBAM Full with Protection with no Internet (LAN only) connectivity.
-
I haven't had much luck in timing my attempts to observe what happens when a new rules.ref file arrives while running MBAM Full with Protection on a system with Internet connectivity.
Does MBAM just "know" the old one got replaced?
Or does MBAMService stop and start after its arrival?
Or what?
I'm curious about how that works in respect to dropping the new file manually onto a system with no Internet (LAN only) connectivity.
OK. I lied. I really want to know because I'm a Geek and lie awake at night wondering about this.
Thank you!
-
Tho the dated format is a really good and welcome move.
Show in results list and check for removal is selected
in Malwarebytes for Windows Support Forum
Posted
Source:
-http://forums.malwarebytes.org/index.php?s=&showtopic=67525&view=findpost&p=344348-
"The default settings are as follows:
PUP: Show in results list and do not check for removal
PUM: Show in results list and check for removal
P2P: Do not show in results list
If running the PRO version, any item where Show in results list and check for removal is selected, it will also be detected by the protection module upon execution while items with either of the two remaining options will not." (Underline mine.)
Is this still valid in Pro 1.65?
Thank you.