Jump to content

MBAM questions.

Guest ROCKNROLLKID

By Guest ROCKNROLLKID
in Malwarebytes for Windows Support Forum

 Share

Recommended Posts

Guest ROCKNROLLKID

Guest ROCKNROLLKID

Posted
Posted

I don't know if this is the right place to ask and I am sorry if these questions have been asked a million times over again, but I found no answers to these questions.

1. Will MBAM release a native 64-bit edition so it is capable of removing 64-bit infections?

2. Will MBAM add a anti-virus engine in it as I think MBAM will be topline if they do?

3. Will MBAM ever use cloud database? I, personally, will be against this as I think cloud based are very inefficent.

Link to post
Share on other sites
Wide_Glide

Wide_Glide

Posted
Posted

Hello ROCKNROLLKID,

Will MBAM release a native 64-bit edition so it is capable of removing 64-bit infections?

I have had Mbam running on a 64 bit system for several years now with no issues

From their Website

  • Software Requirements:
    • Windows Vista/Windows 7/Windows 8 (32 bit and 64 bit)
    • Windows XP Service Pack 2 or Later
    • Internet Explorer 6 or newer

    [*]Hardware Requirements:

    • 256MB of RAM (512MB or more recommended)
    • 800MHz CPU or faster
    • 20MB of free hard disk space
    • 800x600 or greater screen resolution
    • Active internet connection for database and product updates

Will MBAM add a anti-virus engine in it as I think MBAM will be topline if they do?

Many of the Staff have responded to this and as of now, they have no plans to do that.

Will MBAM ever use cloud database? I, personally, will be against this as I think cloud based are very inefficent.

If Mbam uses it's own server for this(IF it would even happen), I see no problem. Mbam has my trust 100%

Link to post
Share on other sites
Guest ROCKNROLLKID

Guest ROCKNROLLKID

Posted
Posted

1. That is not what I mean. I mean since MBAM is not native 64-bit and it only has certain drivers to detect it as 64-bit, it will not stop 64-bit infections. If you happen to make a native 64-bit program me aswell as many of my friends will be willing to buy licenses from you guys, but untill then I see no purpose as it won't stop 64-bit infections anyways. Just something to keep in mind.

 

2. Okay thanks for clearing that up.

 

3. It's not the fact that I don't trust MBAM, it's the fact that, call me extreme paranoid but what if a hacker got into the main cloud database and sent some infections throughout the server, then a million users are now infected, or what if the cloud crashes or shuts down unexpectly and someone is surfing the web and ends up getting infected because the cloud we not online to stop it. Unless it can download an offline database, which then I see no point, I am totally against it.

Link to post
Share on other sites
exile360

exile360

Posted
Posted

Actually, a 32 bit application is capable of detecting native x64 malware. It's simply a matter of using the appropriate APIs and methods to do so. In fact, Malwarebytes Anti-Rootkit BETA already has this capability. It removes native x64 rootkits, including their drivers. Aside from such rootkits, I know of no other native x64 infections in existence. Malware authors tend to stick to x86 when possible since it's easier and compatible with both x86 and x64 platforms, thus reducing the amount of work required on their part to spread their infections. The only exception is drivers obviously, since x64 systems require native x64 drivers, hence the reason that rootkits use x64 drivers.

Additionally, Malwarebytes Anti-Malware's protection module uses a native x64 driver as well for the same reason; because it must in order to function.

As for concerns with the cloud. If we ever did such a thing, it would have to be just as secure as our database updates, so there would be no difference there with regards to security. It's simply a matter of creating a system of verified, encrypted and trusted connectivity between the Malwarebytes Anti-Malware client and the Malwarebytes servers.

Link to post
Share on other sites
Guest ROCKNROLLKID

Guest ROCKNROLLKID

Posted
Posted

What you are saying and what I have said are 2 different stories. You are saying that it is capable of removing such infections, which yes if you find 64-bit signatures. What I was saying was the protection module, it can't block 64-bit infections without being native 64-bit. It works the opposite way, you can't infect 64-bit systems with a 32-bit malware. Since you claim that parts of MBAM are already native 64-bit, I don't see why making the rest of it native 64-bit is a big deal. Since windows 7 and windows 8 were meant for 64-bit use and almost 90% of users who bought 7 or 8 got 64-bit, it should be something that is done and you will be ahead of the game.

Link to post
Share on other sites
Guest ROCKNROLLKID

Guest ROCKNROLLKID

Posted
Posted

IP blocking is very inefficient to use, even if it is just part of the protection. I understand your ip blocker is capable of blocking ip and ip ranges, any smart malicious writer would use a wide range of ips, ones that aren't linked to each other and just alter it a bit and bypass the ip blocker. In that case, it is up to the offline protection modules to stop it. In that case, what if it was a 64-bit infection. Just because you never ran into one, doesn't mean the chances won't happen. As said, it can't block 64-bit infections but it might be able to remove, but by that time, the virus already accomplished what it wanted to achieve. I am sorry if this degrads your software, really, but you must see this in different terms.

Link to post
Share on other sites
Wide_Glide

Wide_Glide

Posted
Posted

The people at Malwarebytes' are very much Professional,  They did not start chasing malware yesterday.   They have been doing this for many years now.  Some before Mbam was ever created.

 

They are VERY aware of 64 bit malware(Written to escape detection)    Read >> HERE <<    (A bit off topic, but relevant)

Link to post
Share on other sites
Guest ROCKNROLLKID

Guest ROCKNROLLKID

Posted
Posted

I know the people are smart and they are doing a good job. I have used mbam since it came out and since then i have been satisfied, maybe alittle off on the ram usage but that is a different topic, but since I am using windows 7 64-bit, I perfer true 64-bit software, security being one. This topic was just to give you advise on what I think you guys should do, not degrade your software at all. I don't need to be told what infection software can or will do. I having been studying advanced hacking and anti-hacking well over 7 years now, to know what infections can do.

Link to post
Share on other sites
exile360

exile360

Posted
Posted

IP blocking is very inefficient to use, even if it is just part of the protection. I understand your ip blocker is capable of blocking ip and ip ranges, any smart malicious writer would use a wide range of ips, ones that aren't linked to each other and just alter it a bit and bypass the ip blocker.

Actually, that's not true. They cannot simply 'alter their IPs' on a whim. IPs for servers are locked and cannot be changed and must be paid for from hosting providers. Switching IPs costs both time and money, so they're seldom very dynamic at all. Domain names can change at the drop of a hat and be incredibly variable, but not IPs.

In that case, it is up to the offline protection modules to stop it. In that case, what if it was a 64-bit infection. Just because you never ran into one, doesn't mean the chances won't happen. As said, it can't block 64-bit infections but it might be able to remove, but by that time, the virus already accomplished what it wanted to achieve. I am sorry if this degrads your software, really, but you must see this in different terms.

It may happen someday, but x64 has been the primary version of each new Windows version in use since Vista, and it still hasn't happened yet. I have never seen or heard of a single native x64 infection. It's just not efficient to create it because such an infection would be incapable of infecting a 32 bit OS, and considering how many 32 bit Windows XP users there still are out there, as well as the numbers of users running Vista, 7 and 8 32 bit editions (not as many as x64, but there are still quite a few); it would be a massive missed opportunity for them to develop anything restricted to the 64 bit platform.

This does not mean that we will never create a native x64 version of the software. In reality, unless the infection is already actively installed in the native System32 folder on a 64 bit OS, we can still detect it. The location has more to do with native x64 support than whether the executable itself is 64 bit. In either case, a 32 bit application can be made to detect native x64 malware, even in native x64 locations like the System32 folder on a 64 bit OS, so if we did that, we'd have absolutely no reason to make a specific x64 version of our software even if native x64 malware did exist.

Link to post
Share on other sites
Guest ROCKNROLLKID

Guest ROCKNROLLKID

Posted
Posted

So what you are saying is that MBAM's current state, it is capable of blocking AND removing both 32-bit and 64-bit infections, excluding the ip blocker? Does that mean the remaining parts of what needs to be native 64-bit would only impact performance, if at all?

Link to post
Share on other sites
exile360

exile360

Posted
Posted

So what you are saying is that MBAM's current state, it is capable of blocking AND removing both 32-bit and 64-bit infections, excluding the ip blocker? Does that mean the remaining parts of what needs to be native 64-bit would only impact performance, if at all?

Not completely, no. As I said, changes to the APIs used by Malwarebytes Anti-Malware would need to be made in order to detect already installed native x64 malware on the system with the protection module.

But yes, as for making Malwarebytes Anti-Malware itself a native x64 application, the only benefit (which would be negligible) would be performance.

Also, I just spoke with our development team, and full x64 support is in the works, so keep an eye out on future releases.

Link to post
Share on other sites
Guest ROCKNROLLKID

Guest ROCKNROLLKID

Posted
Posted

Alright, thanks for clearing all that up. When I see full 64-bit, sometime soon I hope, I will alert all of my friends and they will be willing to buy pro licenses as we are looking for software with good detection that is full 64-bit. I don't like MSE and SAS is behind in detection so I hope MBAM can do better. You may close this topic now as we are done here.

Link to post
Share on other sites
Guest ROCKNROLLKID

Guest ROCKNROLLKID

Posted
Posted

Alright, thanks for clearing all that up. When I see full 64-bit, sometime soon I hope, I will alert all of my friends and they will be willing to buy pro licenses as we are looking for software with good detection that is full 64-bit. I don't like MSE and SAS is behind in detection so I hope MBAM can do better. You may close this topic now as we are done here.

I might consider joining malware hunters, too but I am still debating on that.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.