Jump to content

Re: Recent Info/News on False Positives & Other Fixes for Malwarebytes FREE Version

fryerlawrence
 Share

Recommended Posts

fryerlawrence

fryerlawrence

Posted
Posted

I was in the midst of fixing another issue when I came upon the "False Positives" news and other information about Malwarebytes accidentally deleting files etc. I do not believe I have any "problems" per-say, however I as well as others may want to make sure that we have all the patches/fixes that we need or do not need.

Regarding any "Fix-it" tools that Malwarebytes has:

1. If learning of this for the first time,and if no problems have occurred to date on our computer, do we need to make sure that we have any "fix-it" tool necessary from Malwarebytes to make sure that the installed software is up to date or will not affect our computer? (e.g. The recent "False Positive" that was in effect for only 8 minutes. Right now I doubt if I got that update because I only run Malwarebytes Free maybe once a week [if I can remember...lol])

2. Or is this taken care of 100% through the normal updates processes from your server when you just simply open the program?

3. I have been noticing that Malwarebytes is taking about one hour and thirty minutes to scan everything. Is this normal?

Thank you,

-fryer

Link to post
Share on other sites
exile360

exile360

Posted
Posted

Greetings :)

1. No, it wasn't a patch which was issued. The fix tool itself merely restores all objects from quarantine and is only needed if the false positive occurred on your system. You would know if it did as tons of your computer's files would have been quarantined and many programs (likely including Malwarebytes Anti-Malware itself) along with many components of your operating system would not be functional.

2. It is taken care of 100% through normal updates. A bad database was released. Within 8 minutes of the bad database being released, the update was pulled from our servers and a corrected database was released to replace it, so anyone who missed this bad database would not be affected by this issue (see point 1. above to determine whether or not you were impacted by the bad database).

3. Yes, the time required to perform a full scan varies greatly, particularly between different systems. We generally recommend the quick scan as it is specifically engineered by our research team to look for malware where it likes to hide. They determine this by testing live infections on their test systems and analyzing its behavior. Any time malware finds a new place to hide, they add that location to our quick scan through our database updates.

Link to post
Share on other sites
fryerlawrence

fryerlawrence

Posted
  • Author
Posted

Greetings :)

3. Yes, the time required to perform a full scan varies greatly, particularly between different systems. We generally recommend the quick scan as it is specifically engineered by our research team to look for malware where it likes to hide. They determine this by testing live infections on their test systems and analyzing its behavior. Any time malware finds a new place to hide, they add that location to our quick scan through our database updates.

Good morning...lol... I see you are still up. Wondering if you are hittin' da joe? ranger_zps453121f8.gif

Thanks for the quick reply again. Just curious. Perhaps I am too much of a "worry wart"... I do like making sure that all my files a scrubbed and shiny clean. I want to help in any way I can...

Does your gurus receive the same info if a full scan is done as well? Or is it more better-er (yes I made that word up...lol) just to run a "Quick Scan" daily and do a full scan... Every Other Day...Weekly... Monthly?

Tanks,

-fryer

Link to post
Share on other sites
exile360

exile360

Posted
Posted

Good morning...lol... I see you are still up. Wondering if you are hittin' da joe? ranger_zps453121f8.gif

Thanks for the quick reply again. Just curious. Perhaps I am too much of a "worry wart"... I do like making sure that all my files a scrubbed and shiny clean. I want to help in any way I can...

Does your gurus receive the same info if a full scan is done as well? Or is it more better-er (yes I made that word up...lol) just to run a "Quick Scan" daily and do a full scan... Every Other Day...Weekly... Monthly?

Tanks,

-fryer

Hehe, no java here, just Coca Cola :P.

To put it in the words of our lead researcher, Bruce Harrison (and I'm paraphrasing here, so it's not exactly word for word): We've never seen the need for running a full scan. A quick scan should catch 100% of active malware on the system.

In fact (and these are my words), the only exceptions I can think of would be if you had downloaded a Trojan (the installer/dropper for malware) deliberately using your internet browser and saved it to a location on another hard drive.

In all honesty, the only reason we even include a full scan option in the product is because we know that that's what users expect in a scanner: the ability to perform a 'full scan' and check every single file and folder on their system.

I've never seen a need for it myself and never use that option. I only run quick scans on my systems, and that isn't very often since I have the Pro version so I know that in all likelihood if anything did try to install that was malicious, the realtime protection would have nailed it before it ever got the chance, thus preventing the need for a scan. That's not to say that it's a bad idea to scan every once in a while, and for users who do high risk things with their computers such as clicking unknown links in search results to sites they're not familiar with, filesharing through peer-to-peer applications and opening email attachments from untrusted sources, then it's a good idea to scan more regularly, such as once a week, or possibly even once a day if you're paranoid and want to make doubly sure.

I personally still see no use in the full scan, though I can certainly see how it would offer peace of mind, so I'm not going to tell you not to use it. I just don't expect it to ever find much, if anything, that the quick scan would not have.

Link to post
Share on other sites
fryerlawrence

fryerlawrence

Posted
  • Author
Posted

Thanks for the info. I feel smarter-er already. BigGrin_zps46b93ca0.gif

Especially when the bad guys waste so much of our precious and valuable time that could be better spent on things like...well... learning how to fly jets buzzdatower_zps343c7b45.gif... or even learning underwater basket weaving for left handers. LMAO_zpsf18d5ce0.gif

Just in the last day and a half of talking with not only you and a couple of cool volunteers I feel piece of mind and much safer-er; really enjoy sharing gold nuggets of info with each other. (I think the -er addition btw enhances a word very nicely...lol)

Thank you exile360 and all again for bravely fighting the good fight of faith that perhaps one day soon we will be seeing the bad guys waving da white flag. yield_zpsbe166b6e.gif

Thanks a whole bunch again,

-fryer

Link to post
Share on other sites
exile360

exile360

Posted
Posted

MBAM Pro claims that is compatible with any other AV because scans “on execution” and not “on access”. Shouldn’t an active malware be detected by the normal functionality of MBAM Pro rather than a quick scan?

In fact (and these are my words), the only exceptions I can think of would be if you had downloaded a Trojan (the installer/dropper for malware) deliberately using your internet browser and saved it to a location on another hard drive.”

Is a common practice to have your HDD partitioned in such a way to keep Windows and all other programs on one partition (easy to image or restore from an image) and all your other staff ( pictures, documents, songs, movies,) on the second partition.

When I download something I automatically save it on a second partition ; with this strategy in place (We've never seen the need for running a full scan) MBAM will never have a chance to catch whatever is on a second partition.

Thanks,

Proton

Yes, that's correct. The Pro version will detect and quarantine a threat regardless of its location, so even if you saved/executed a Trojan dropper from a secondary partition (or even a second hard drive) it's still going to catch it :).

If you're a user of the Free version and you use such a practice, an easy way to take care of that second partition or drive would be to either open My Computer or Computer (depending on whether it's XP or one of the newer Windows versions) and right-click that second drive and choose Scan with Malwarebytes Anti-Malware or simply use the full scan option and just check the box next to that secondary partition/hard drive (both methods have the same effect).

That being said, if you use the free version and you've already executed the dropper, its files are going to be installed on your main partition with your OS and programs, and in all likelihood the dropper will have removed itself (that's how most of them work these days, you run it, it does its dirty work then eradicates itself from your system) and again the quick scan will catch all the nastiness it left installed.

Link to post
Share on other sites
exile360

exile360

Posted
Posted

Thanks for the info. I feel smarter-er already. BigGrin_zps46b93ca0.gif

Especially when the bad guys waste so much of our precious and valuable time that could be better spent on things like...well... learning how to fly jets buzzdatower_zps343c7b45.gif... or even learning underwater basket weaving for left handers. LMAO_zpsf18d5ce0.gif

Just in the last day and a half of talking with not only you and a couple of cool volunteers I feel piece of mind and much safer-er; really enjoy sharing gold nuggets of info with each other. (I think the -er addition btw enhances a word very nicely...lol)

Thank you exile360 and all again for bravely fighting the good fight of faith that perhaps one day soon we will be seeing the bad guys waving da white flag. yield_zpsbe166b6e.gif

Thanks a whole bunch again,

-fryer

You're very welcome, I'm glad to be of service :)!

I don't see the bad guys giving up any time soon unfortunately. There's a lot of money to be made off of infecting machines sadly, and they have a lot more money behind them than we do. Malware is big business with everything from spam, harvesting personal info/accounts etc. to creating and selling botnets. We're massively out-financed by them (they have way more money than us), so we have to be clever and use the brilliance of our developers and researchers to try and stay a step ahead of them.

Link to post
Share on other sites
fryerlawrence

fryerlawrence

Posted
  • Author
Posted

You're very welcome, I'm glad to be of service :)!

I don't see the bad guys giving up any time soon unfortunately. There's a lot of money to be made off of infecting machines sadly, and they have a lot more money behind them than we do. Malware is big business with everything from spam, harvesting personal info/accounts etc. to creating and selling botnets. We're massively out-financed by them (they have way more money than us), so we have to be clever and use the brilliance of our developers and researchers to try and stay a step ahead of them.

and squeeze them like this --> squeezedem_zps8f0e2677.gif

and slap dem silly! slappindemsilly_zps72a8b5d1.gif

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.