Jump to content

BartPE plugin for MBAM

Oddworld
 Share

Recommended Posts

ATechGuy

ATechGuy

Posted
Posted
Ken,

Once we have a fix for the problem, we will release a PE build with our technician's license.

Thanks Marcin,

Your product rocks. FWIW, I entered a posting on your web site for a registry key that needs to be looked at, as it can render a PC useless if the key exists but the file it references is removed. Having MBAM in the UBCD4WIN toolkit would be the best.

Link to post
Share on other sites
  • 3 weeks later...
  • Replies 69
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Oddworld

Oddworld

Posted
  • Author
Posted

it sounded to be such an easy task, but still no go? :) what is cooking?

waiting with anticipation for a positive feedback on the development of this plugin

when complete I will buy technicians license :) hope some fund will fall on "the highlander"

Link to post
Share on other sites
ATechGuy

ATechGuy

Posted
Posted
it sounded to be such an easy task, but still no go? :) what is cooking?

waiting with anticipation for a positive feedback on the development of this plugin

when complete I will buy technicians license :) hope some fund will fall on "the highlander"

1.39 is now out, and UBCD4Win has a "Patch". I'm curious of the patched MBAM.exe is really 1.39, or a special build. Perhaps this is more of a question for the UBCD4Win forum, but I figured it would make more sense to get clarification here.

Thanks.

Link to post
Share on other sites
hilander999

hilander999

Posted
Posted
1.39 is now out, and UBCD4Win has a "Patch". I'm curious of the patched MBAM.exe is really 1.39, or a special build. Perhaps this is more of a question for the UBCD4Win forum, but I figured it would make more sense to get clarification here.

Thanks.

I do not know where you get your information from, but there is no patch or unofficial version at UBCD4WIN.

The wheels are turning, but it's going to take some patience from everyone.

EDIT: He is referring to the 1.39 hotfix version.

Link to post
Share on other sites
  • 1 month later...
  • 1 month later...
  • 2 months later...
FalconFour

FalconFour

Posted
Posted

Bumping this for, hopefully, a welcome update :)

It's quite refreshing to see an administrator's stance change from "I hate you all for improving our product on your own terms" to "Okay, we'll make this functionality work" within the course of one topic. Even though it started off looking pretty dismal (... and if you keep fixing it, we'll keep breaking it!), looks like it may have ended up working out well anyway. Our small computer shop has been using MBAM for quite some time now but the "powers that be" have found zero reason to buy a license for MBAM. Malwarebytes does its job well (except for the months of leaving autorun values behind after running), and really helps us out on the job.

However, there's been a big push for me, as the "diagnostic tools developer", to come up with a way to run MBAM on our diagnostic CD, which is primarily based on a certain popular prepackaged BootCD (hint: 5 letters & starts with H), but with many modifications. It's not based on BartPE in any respect and it's very, very, very fast. As a result it's a little trick to adapt BartPE plugins to work with its "hybrid" system/storage architecture. Under this environment, I've gotten MBAM to start up to the point where I get an error message stating "An error occurred. Please report this... Error code: 718 (-2146893799, 0), The keyset is not defined". I gather that's related to some cryptographic system that's not installed in this OS. But I've got no way to know what components are needed to make it work.

This is one of those points where I can go to my boss and say "Hey, I can make it work, but we need a license for it so they can help me integrate it with the disc". There's already been expressed interest in "tell me what programs you need licenses for and I'll get them", so there's a good possibility that as long as the price is sane, this BartPE plugin (and related endeavors) would result in MORE sales of legitimate licenses, instead of less! I mean, as long as it's not like, a thousand bucks for a license, or something. It would be a dream for me to make that much in a month :)

Link to post
Share on other sites
mountaintree16

mountaintree16

Posted
Posted

Um, I just wanted to say, I just got an IP block whilst visiting this thread, I have no idea why.

And I am only in this forum currently in my browser, and signed into Pidgin.

81.169.145.75
Link to post
Share on other sites
exile360

exile360

Posted
Posted

Greetings FalconFour :)

I can tell you one thing right off, a license will be required for it (Technicians License), which I'm sure you understand is technically required for the way your company is already using MBAM, reaping profits from the work of MBAM's developers. I don't work for them though so I can't say much, I understand that tech shops do this sort of thing all the time, you're just being up front about it :) .

Anyway, I haven't heard any progress yet as I know they've been dealing with a lot of issues and fixes lately, one of which was the leftover autorun value you mentioned. Hopefully once things settle down a bit with 1.43 we'll hear some more news on the plugin.

Link to post
Share on other sites
FalconFour

FalconFour

Posted
Posted
Greetings FalconFour :)

I can tell you one thing right off, a license will be required for it (Technicians License), which I'm sure you understand is technically required for the way your company is already using MBAM, reaping profits from the work of MBAM's developers. I don't work for them though so I can't say much, I understand that tech shops do this sort of thing all the time, you're just being up front about it :) .

Yeah, I'm kinda upfront about it because I get the same treatment myself - I honestly think I may unintentionally hold the world record for most painfully underpaid computer tech on the planet. :) But who knows, once I get this new DiagCD done, maybe times will change! I just hope we can actually make all our tools "legit"...

Link to post
Share on other sites
GT500

GT500

Posted
Posted
Um, I just wanted to say, I just got an IP block whilst visiting this thread, I have no idea why.

And I am only in this forum currently in my browser, and signed into Pidgin.

I don't see anything on this page that could have caused it, but I am running without the protection module on this install of Windows 7, so if there's something not visible then I won't see it.

Anyway, I haven't heard any progress yet as I know they've been dealing with a lot of issues and fixes lately, one of which was the leftover autorun value you mentioned. Hopefully once things settle down a bit with 1.43 we'll hear some more news on the plugin.

I hate to be the bearer of bad news, as I know this hasn't been posted publicly, but they never could make the plugin work in the way it would need to in order to ensure a proper detection rate without increased false positives. No further progress has been made in the attempt, and I am not aware of anyone continuing to try (the developers are quite busy with some very bold and interesting stuff, and unexpected bugfix issues ate up a lot of free time that they didn't have).

... I honestly think I may unintentionally hold the world record for most painfully underpaid computer tech on the planet. :) But who knows, once I get this new DiagCD done, maybe times will change! I just hope we can actually make all our tools "legit"...

Been there, done that, got the tee shirt. :)

Well, hopefully once you complete their Diagnostics Disc they'll give you a promotion with a nice raise in pay :) .

If it worked that way, I would have been a millionaire. :)

Link to post
Share on other sites
mountaintree16

mountaintree16

Posted
Posted

@ GT500

It was only happening when I went to the first page of this thread, as far as I could tell.

Edit: Just cleared my FX history, then ran ATF & CCleaner... came back on, and it's only happening on the first page. Probably is an image like Exile said.

Second Edit: I think its from Joshua's site, unfortunately:

http://74.125.93.132/search?q=cache:pZ7vQYnV27UJ:www.drowaelder.de/winpe/PEIndex.htm+http://www.drowaelder.de/winpe/PEIndex.htm&cd=1&hl=en&ct=clnk&gl=us

As I got an IP block simply visiting the Google Cache after Googling his website as I could find no other cause for the IP block on the first page.

And when going to the site directly, I get a Problem Loading Page. And now a complete IP block along with that.

Link to post
Share on other sites
exile360

exile360

Posted
Posted

Ouch :) . Thanks for the status updates GT. I know those guys work real hard and all the bugs fixed in 1.43 testify to what they've had their hands full with.

As for IP blocks, 0 on this thread with protection active.

edit: I get the following on the first page of the thread, I think it's just from an image in a user's signature:

81.169.145.75

Link to post
Share on other sites
GT500

GT500

Posted
Posted
edit: I get the following on the first page of the thread, I think it's just from an image in a user's signature:
81.169.145.75

It's the screenshot in this post. User uploaded it to a site that was on a blocked IP. Not a malicious picture, but also not a safe server to be leaving your files on.

Link to post
Share on other sites
  • 4 weeks later...
nick

nick

Posted
Posted

so has any progress been made here?

I'm testing the UBCD4win plugin, but the quick scan seems to be redirected to the bootcd environment, rather then the actual boot drive specified by runscanner.

Is this something that is going to be released with a tech license? I'd like to buy it if the plugin works..

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.