Falkra

Honorary Members • 543 posts

Posts posted by Falkra

  1. Hi,

    I use MBAM on a limited Vista account, and usually run it limited. When there is an update available it seems to download the update but it downloads the one I currently have, and says I am updated.

    However, if I 'Run as Administrator' and try to update, it actually updates itself to the most recent database version.

    This is like generating HijackThis reports with Vista: the first report file is generated with no special rights (run HijackThis by double-clicking the executable), and it creates a hijackthis.log file. But then, if you don't use right click => run as... => administrator, it will not overwrite the file and update to a new report, because Vista won't let it write on the existing file, unless you run HJT with admin rights.

    The filename being the same here (I don't know exactly how the downloaded file overwrites the old one), it keeps your old database.

  2. How did you hear about Malwarebytes' Anti-Malware?
    Like some others, I watched the early stages of development, when everything started. At the beginning I was surprised, then, when I saw results, I got addicted. :lol:
    Why were you looking for a product like ours?
    Other software (antispyware/malware) has an obsolete conception and gives up when there are big infections, or cannot cover the whole process so the malware regenerates after rebooting. Malwarebytes cleans everything, for rogues and "big" infections. That's just the needed efficiency against the current most sophisticated malware.

    In addition, a product that doesn't frighten users about cookies or MRU, and takes care of what is really important and directly harms the OS, shows what has priority.

    MalwareBytes' heuristic, and the responsiveness of the team are just outstanding, and the way this forum works deserves compliments. Thanks to the admin/moderator team.

  3. Hi,

    this is a Windows setting, that some malware modify. Therefore, this modification, that is not directly harmful for the OS, is flagged by Malwarebytes.

    This also has been discussed here, refer to Nosirrah's post :

    http://www.malwarebytes.org/forums/index.php?showtopic=12349

    If you tweaked this setting and want to keep it, you can ignore detection. If you don't know what this setting does, you can safely remove it. It will be quarantined, and can be restored, if necessary (although it shouldn't).

  4. Avira has better responsiveness than AVG, on top recent malware files, that are detected before AVG does.

    However, the teams react fast, when you upload files to them. AVG is good. People use to prefer Antivir to AVG because of memory usage (AVG needs more).

  5. In addition, I would recommend stopping all internet activity, including network widgets, background tasks, and avast's web shield, before any tests. Emptying caches or running a first test to put everything in cache may be an option, since your first test was not so good, and the second was much better. There are a lot of things to compare before being certain.

  6. Hi,

    well you can look at these :

    668121.jpg

    9804662.jpg

    The same test gave me 333 mbps on the same server, but I have 16, in fact, so the bandwidth test may be questionable:

    7411853.jpg

    Maybe your bandwidth problem is simply not everyone's problem.

    You have experience, that's good. Please be polite, and note that IP filtering is a new feature, and MBAM is not officially compatible with Windows 7.

  7. Hi, B)

    MalwareBytes is defined as an anti-malware program: it detects and removes malwares, that is to say malicious programs and files that some antivirus don't detect or can't fully remove.

    You can (and should) have an antimalware program as well as a resident antivirus protection. Both are complementary, even if some malwares are detected by antivirus, and some virus can be detected by antimalware programs. Both database types are different and don't look for the same things, there are common detections, but the common part is not really substantial.

    Where an antivirus stops detecting things, an antimalware program will take over. You need an antivirus, and an antimalware, to have a second line of defense.

  8. Hi,

    a user on disinfection forum came with msvcrt2.dll as Trojan.Donbot.

    I asked him for a virustotal check, negative 0/41

    File size: 102582 bytes

    MD5...: 1a7f3ee99520dbece26a1fdeef958ecd

    VT report link.

    Here is the developer log, with up to date definitions.

    I can probably get the file, if you need it.

    Malwarebytes' Anti-Malware 1.41

    Version de la base de donn

  9. Bingo, which is why I love Kaspersky and MBAM :) .

    This is the human factor, so do I. :P

    However, did you say somewhere that Kaspersky requires more user knowledge than most other AV's?

    For Kaspersky, well yes it may require some knowledge, or be considered as an advanced tool, but it is still a product for home users, with the needed features like reversibility (quarantine, backups) and support/help. :)

  10. Hi, I have to quote because the questions are far away now. :)

    What do you suggest for settings for a user who knows little to nothing about an AV program? I am not there that often to keep an eye on the AV, so I would like to set it up to run as smoothly as possible with little user interaction needed, whilst providing maximum protection and user benefit to the system.
    The default settings are ok, and it allows some user interaction. If the user is not sure, when a file is detected, the best thing to do is to quarantine it. This way it can be restored, in case you need it.
    Thank you for the heads up on the update servers. I found this out partially last week when I was trying to download the setup for this computer; I had to delay my working on the system until tomorrow because of this. Do you know, when there is a delay in the updating of the AV on the free version, if it will come through eventually?
    The delays look like poor bandwidth, or too many connected users at the same time. Most times, the delays appear when a big update is pushed on the servers, like a program update, of some Mb, instead of the database updates (some Kb). Things get back to normal after 2 days, usually.
    The test reports I have been reading have listed Avira as being top in detection, But they always drop its position due to the amount of FP's
    True, because Antivir uses heuristics a lot, and the protocol used to test (it is readable) doesn't really use the positive aspects of heuristics.

    Like every comparative, we have numbers, percentages, but this doesn't reflect the way we use antivirus software, in my opinion. It is good to compare, but what will make an antivirus better than another, at a precise moment ? Reactivity. Response.

    In my opinion, one of the most important points cannot be compared easily, or computed to a percentage: the speed of the updating teams, the programmers who add new signatures to the databases, and this makes a difference. If you have a great antivirus engine, but you don't feed it, it's useless. When a new infection spreads, teams must react fast, get samples, classify them and push updates.

    What malware infects computers ? The top-latest one, not the early variant that is 7 days old.

    This is difficult, quite impossible to compare, but very important.

    I sent infected samples to editors, and I can see how fast they add them, or if they detect them already. Avira is good. Alwil (Avast) is not. They even don't answer my e-mails, and don't update detections, even on big infections. Avast is good, but the definitions are updated too late, as far as I see.

    When you get FPs, send samples to the editors, they fix it quickly. I can post the link for Avira, if someone wants it, there is an online form.

  11. Hi mountaintree16,

    I have been using avira on a computer for more than three years or more, mostly the free version, and sometimes the full version, when there are special offers to get a free 6 month full licence.

    And it seems like Avira is having a lot of FP's?
    There are FPs, indeed, but as far as I see, in an acceptable range. I mean with heuristics set to medium level (it's default setting).

    I send files to editors, and Avira reacts quite fast, and in an accurate way, including false-positive delisting requests, as long as you provide information, urls, and the file with some explanations.

    I don't use Vista on that computer, so I can't tell you about how Vista and Antivir react together, it should be ok.

    Does Avira need much user interaction?

    Anything else I should know about Avira?

    The interaction can be reduced: there is a built-in scheduler (included in the free version) to set up automatic updates, and the interactions when detecting something can be configured, so you can choose to set it to a fully automatic mode (not recommended for antivirus, usually), or an interactive mode, then it asks you what to do.

    Antivir v9, when doing a full scan, now reports a summary at the end of scan, so you can scan and forget, then see everything. Before, you had to answer after each detection, and the automatic feature was only available after the first detection (checking "use this decision for further detections"). This is much better now.

    One problem is that the update servers of the free versions are slow, and sometimes you just don't get the files. This doesn't happen with the paid version.

    Things are a bit better now, but it is a known problem.

    I'd like to suggest you a real test. Since there is a free version, you can test it on your machine for free, and see how it works and interacts with your os, your specific hardware and software. This way you will be able to decide if it is ok, and perhaps get a paid version, or go back to another product.

    The detection engine is good, and very well updated.

  12. Thanks for your posts, you're welcome. :)

    You're right, a lot of people do seem to be obsessed with memory usage.
    This is a logical evolution. Before windows 2000 and XP, the memory managers were not really good, or to be precise, not adapted any more to what people started to need, and how programs were changing. To compensate or fix the issues, a lot of programs appeared, like memory optimizers, registry fixers (norton utilities was one of the first home products to have one), and people started to fix things and optimize.

    At the moment, cleaning temp folders, "defragmenting" ram and some other operations made sense, but the OSes got updated and fixed a lot of things. OSes change faster than habits, and a lot of us remember times when we had to check memory usage, or when friends did and told them. Now, depending on hardware capabilities and memory amounts, this is not really necessary, but it can be fascinating, and watching memory usage isn't bad at all, but Windows itself handles it quite well, and when the programs are well written, they free memory when they don't need it.

    In the last changelog, I can read:

    # (FIXED) Drastically improved product load speed on slower machines.

    # (FIXED) Improved memory usage in scanner and protection module.

    That's enough for me : the developer team didn't forget slow machines users, and gave to all of us more performance (the database optimization also was great). :)

  13. Well, screen317 said it better using the words I should have used in my previous post. :)

    I think a lot of people are obsessed by memory usage, because they have enough knowledge to test programs and see how they work. This is good.

    The bad part is that knowledge can create problems, let's think about optimization, for example. Some people use memory/ram optimizers, to "defragment" ram, but the NT6 kernel handles (quite) correctly memory segments, and this is not really useful, it can even cause trouble. Some try to get the shortest HijackThis report, but this is only good-looking when you make a report: if you don't notice any significant difference while using the computer, it is (in my opinion) useless.

    When you take half an hour to fully optimize your computer, and it boots faster, let's say 2 seconds faster (which is good), you have to boot 1800 times to get back the time it took to optimize. Performance is not the point here : if you get something, it might be knowledge. I may be wrong and this is my conception - there are others, as legitimate as this one - of what is worth trying or not, and how I use time on a computer, but if there's no trouble or excessive memory usage (for example memory leaks that have to be fixed), I think there's nothing special to do, except upgrading hardware from time to time or look at the OS version itself.

    30, 40 Mb, I think this is okay, if I compare to other software and I think about the features I get.

  14. Hi,

    NOW I WANT YOU ALL OTHER (...)
    I don't think this is necessary.

    mbamservice : 30 Mb here (XP), loading fast and fine. Agreed, Swagger, this is not bad, and if we compare to some browsers, antivirus, firewalls and some security suites, it's even good.

    Now everything depends on how much memory you have. I have 4 Gb, and I really don't care. If you have more than 1Gb (for XP), usually you even don't need to look at memory, especially when it loads fast. If you experience slow downs, this may be related to the OS itself or other programs.
