[MBAM aces MRG rougue infection test]

FYI: Rogue Software Infection Prevention Test - MBAM 1.44 is #1.

http://malwareresearchgroup.com/

Admins, feel free to remove this and post up in the News section. I can't start a new thread there. Which is probably a good thing...

I just wanted to get the word out right away.

[Update intervals]

I think the only real problem with that would be the fact that newer definitions are often incompatible with older versions of the software.

Well, that makes sense but it also means the product update is more than a maintenance release. It's a product revison. Which makes my case.

Judging by the posts throughout this forum, I am certain the folks at MBAM are aware of the need for finer granularity and user control in the database and product update/upgrade process. I look forward to those improvements. (In the meantime, keep doing what you're doing!!)

The line between product code and "database" code is blurring. In fact, scenarios in other product arenas (ThreatFire being the most egregious) have shown a "signature" update can break the product. So my current opinion that unattended database updates are OK and those for the product are not may be a bit outdated and naive. But until protection code evolves to the point where the the two are one and the same (i.e. Zemana AntiLogger as an early adopter), users need the choice. At least some do...

@greyowl

Since you are, as you say, an individual of remiss, I am pleased your world affords you the luxury of trusting your computer to an unattended product upgrade/update. Because no one has ever released a bad revision. Ever. I, too, have been remiss in that I suggested a product feature that would disturb that trust. Let me revise that - I would like the option to set for manual product revisions/upgrades.

Thank you.

Oh boy. Only another 20 or 30 posts or so and I can edit my grammer and smelling pistakes!!

[MBAM Pro??]

Super Duper Mega Ultra version

Currently in beta. RC1 soon...

[Suggestions]

I wish MBAM could have more features like Super antispyware. tht would be awesome!!!!!!!!!!!!!!

Noooooooooooooooo!

SAS and others like IObit360 try to do everything for everyone and end up doing nothing well.

Malwarebytes... K.I.S.S!

Just continue your core excellence in detection/removal and don't booger up your app with secondary utilities. But if you do choose to do that, maintain a "light" version for Luddites like me.

I've just been on board a couple of days and I think I can echo the needs of my fellow users for a some UI enhancements:

1) progress bar for scans

2) additional granularity in update intervals

3) more date in the task icon hover box

And one of my own that I haven't yet seen here: separate the product and database functions; a separate button for each.

Thank you!

[Malwarebytes Poll]

I've been using Threatfire since its Cyberhawk days along side whatever AV solution I was running over the years. Last year I grew tired of dealing with its issues, especially with their Smart Update technology which started to get stupid.

I looked around for additional layer(s) to apply to G Data IS2010 which in my very humble opinion is the best suite ever. I found Zemana Antilogger in September and it passes muster and plays well with it.

Further research lead me to MBAM which I purchased a few days ago. So far so good except I don't think I like the database and product updates occurring within the same event. Unattended database updates, good. User evokes product update, good. Time will tell.

[Update intervals]

The optimal update frequency would likely be once every 2-6 hours though, not once every hour because although MBAM updates more than once a day, it does not do so hourly and I feel this would create much unnecessary traffic on the Malwarebytes' network and slow updates for all users.

Good point. I'll bump mine up from one hour to three.

While we're at it, today's 1.44 kinda threw a small wrench into the task manager works.

Database updates and program updates need to be separate events. I'd like to be the one to make the decision to upgrade the product, especially if it requires a reboot.

Thank you.

[MBAM Pro??]

I keep seeing references to MBAM PRO (signatures, postings, here and other sites/forums). Is/was there a Pro version? All I see on the site is Free and Full. There's only one paid version and that's Full. Correct?

Thank you.

[Sysetm Tray Tooltip Request]

After less than two days with MBAM Full I was thinking how nice it would be to see the Database version number and last update date/time in the systray icon tooltip hover box and wow here I find volvic's post! I'll get in line especially since I'm running an hourly /runupdate.

The updateshowdialog switch is OK but it would be nice if it closed by itself by way of a user set time period. i.e. /updateshowdialog t=30

Cheers!

[Fingerprints and realtime.]

@swagger & nosirah Thanks for your input.

Fully understood on updates being optimized, newer codes etc. etc. and not just "slapped on" top of the old stuff I was trying to keep it simple. The main goal of my inquiry was how the updates incremented and now I know. Since, as you know, some developers release even numbers to the public and odd numbers are for internal testing or vice versa. Some increment internals and release them when they're ready so the last one was 2.7.0.12 and the latest is 2.7.0.22 where the public never saw .13 thru .21. I like Malwarebytes' one-two-three schema.

Shortly after my post #6 I did build a task to check for updates every two hours using /updateshowdialog and it's working quite well. We've gone from 3499 since then to 3504 - in less than 24 hours. Excellent work by the folks back at the factory!

No doubt I'll be going to just /update real. Might even bump it up to one hour...

Anyhow, I think this thread can be closed. Cheers!

[Zemana Antilogger - can't create MBAM rules.]

As a sidebar, when I registered and boosted MBAM Free to Full, ZAL alerted for allow/block for mbamservices.exe and mbamgui.exe. I allowed and selected Create rule. Still no rules or log entries; same as the Free issue related in my previous post.

However, a third alert was evoked for IP FILTER DRIVER, services.exe (ipfltdrv.sys) which I allowed & create rule. Result? Rule created, event logged. But that's straight out of \system32\drivers\ via Microsoft.

So still no cigar for ZAL and MBAM, Free or Full.

Strange.

[Fingerprints and realtime.]

Let's look at some hard numbers. I know that on Dec 30 the fp file was 3458 and today it's 3499. That averages out to 7 a day if the releases do indeed increment up plus one each time. As such, considering the perceived critical value of updating, the default 24 hour cycle is inadequate. But, of course, it's better than not at all. I'm sure the developers realize this and that will be fixed in the next major release. In the meantime in light of that seven a day average and that I just bought MBAM Full, I think I might need something more than just a sticky note on my forehead as a reminder...

[G Data IS2010 and MBAM Full]

Thanks!

G Data Internet Security wraps the Bitdefender and Avast! engines in its own proprietary release which includes their in-house firewall. And a very nice firewall, at that. Unfortunately, just because Bitdefender and Avast! each might play well with MBAM Full doesn't mean it will with GDIS2010.

And I just might get to answering my own question as I just bought MBAM Full. After about 20 minutes... seems OK.

Cheers!

[G Data IS2010 and MBAM Full]

@AdvancedSetup

Thanks for the reply. I'm not experiencing any issues. Perhaps you thought the failure to garner results from the forum's search function to be a result of MBAM Full and Vista.

I did fail to mention I'm not running MBAM Full... yet. Sorry. MBAM Free - no problemos.

I'm just hoping some one here can hop on and "Yah. I been running them for six months smooth as silk, dude." before I buy Full.

And I'm not running Vista as my Sig indicates. Appreciate the info, tho. Cheers!

[Fingerprints and realtime.]

OK then... updates for realtime, critical.

@Firefox: some vendors and developers don't release incremental updates so nicely in numerical order which is why I asked about that. That the latest release would include and wrap up previous updates should be expected. I have been keeping an eye on the MBAM updates over the last eighteen hours or so and they've gone from 3495 to 3499.

There is a madness to my questioning. I have noticed from a screen shot and info I've gathered at other sites that once Free is registered and boosted to Full, under the Protection tab there is an option to select a 24-hour only update check at a top-of-the-hour time of the user choosing.

Once every 24 hours. Doesn't quite jive with the urgency at which Fingerprints updates efficacy is indicated, does it?

Hopefully there will be a version cut soon which will allow greater update frequency (I would prefer every hour, like G Data permits).

It would, in the meantime, behoove Full users to update Fingerprints manually whenever it comes to mind. If I buy it, I'll probably put a sticky note on my forehead.

Cheers!

[Fingerprints and realtime.]

Without considering IP Protection, with respect to realtime in MBAM Full, how critical to the effectiveness of protection is the role of fingerprints updating? Put another way, does realtime protection depend 100% on fingerprints?

Fingerprints increments... if one has database 3495 and the next day updates to 3498, were there a 3496 and a 3497 that were "missed"?

Thank you.

[G Data IS2010 and MBAM Full]

The forum's search function won't allow a search for G Data or "G Data" because one or all of your search keywords were below 4 characters. Searches on gdata and g-data don't return much outside posts of endless listings of every OS path, registry entry and GUID ever known to man.

So, can anyone vouch for running MBAM Full realtime under G Data Internet Security 2010 without issue?

Thank you!

[Zemana Antilogger - can't create MBAM rules.]

I am running Zemana AntiLogger 1.9.2.162 under license along with MBAM Free in Windows XP Pro SP3.

I have been using MBAM Free for quite some time and ZAL since August. Since the former was run only occasionally, I never evoked the creation of a permanent rule for mbamswissarmy.sys and mbam.exe. However, in my recent decision to consider the purchase of MBAM Full, the last time I ran a Free scan I decided to check the ZAL Create rule option...

I have observed that rules for MalwareBytes Free are not created (the events don't even show up in the log). I made several attempts to do so on my production system. I have a laptop that is also running WinXP Pro SP3 where I installed a trial AntiLogger, created several rules and then cleared the logs. I then ran MBAM where I duplicated the issue observed on my production system. Please see the composite of screen shots; clearly I allowed two create rules and neither showed up in the Rules List or Logs record. As you can also see, I have no problems with rule creation for other apps.

I was able to try a friend's computer which has no similarity to mine but that it's running WinXP Pro SP3. (A few weeks ago I installed MBAM Free 1.42 for her.). I downloaded and installed the trial ZAL and observed the same exact issue I experience on my own two computers - no rules or logs for the two alerts. I upgraded her MBAM to 1.43; no difference.

Zemana's Web site vouches for AntiLogger compatibility with Malwarebytes and I detailed my issue for their support. The response was they could not duplicate it.

My concern is particularly with respect to MBAM's realtime protection. While interacting with ZAL every time an on-demand scan is evoked every so often is merely an inconvenience, such behavior for realtime is not acceptable.

Unless a realtime event would not evoke the Type 12 and 7 alerts as does the on-demand function.

Any thoughts? Insights? Thank you.

[Manual Updates, need clarification.]

Quotes from Common Issues, Questions, and their Solutions, Section A:

ISSUE: I need to get the latest database onto a computer that cannot access the Internet. SOLUTION: You can manually copy the database from a working computer using a flash drive or CD onto the infected PC. Our database file is stored in the following locations...

One would assume this needs to be done when MBAM is not running??

You can also download a manual update from... NOTE: This manual update will always be way behind in version level compared to updates from within the program.

Way behind? Why? How much is "way"?

Thank you.

[Full Version trial DownLoad]

Thanks, TecMerc. I'm assuming that's within a reasonable time period like 30 days and the refund is immediate with the customer's say-so as just cause.

As of this point in time, Zemana AntiLogger will not write persistent allow rules for MBAM's driver loader and memory access when evoking a scan. I am considering the purchase of MBAM Full especially since the Zemana Web site vouches for compatibility. My concern is particularly with respect to the realtime protection module. While interacting with ZAL every time an on-demand scan is evoked every so often is merely an inconvenience, such behavior for realtime is not acceptable. Outside of the rule generation issue, once Allow is selected for ZAL's two alerts, MBAM free works fine.

I've entered a bug report with Zemana and I'm awaiting their response.

Happy New Year

[Full Version trial DownLoad]

No, I'm sorry there is no full version trial for consumers.

Even though the lifetime license is quite an attractive deal, what is your refund policy?

I can't find anything on the Web site explaining that.

Cheers!