Root Admin RubbeR DuckY Posted July 30, 2007 Root Admin ID:6818 Share Posted July 30, 2007 Lots of bugs reported on the forums fixed with this one.Note: This version saves settings to a different location in the registry (a more appropriate one dedicated to MBAM itself). You will need to reset your settings the way you want them. Lots more settings as well including:1. Saves scan type2. Saves drive selected for full scanAlso includes fixes with the installer. For ease of use, if you are installing the program for the first time, Create Desktop Icon is checked. If your installing over an older version, it won't be checked (meaning you keep your settings). It is just little things like this that will make the installer easier. Link to post Share on other sites More sharing options...
heikwith Posted July 30, 2007 ID:6821 Share Posted July 30, 2007 Bruce, can you take a look in this emailreply from Marcin:Not familiar with FileHand. Submit it on our forums and Bruce will take a look.Thanks,Marcin KleczynskiSecurity Software Developerhttp://www.malwarebytes.orgPlease visit the new Malwarebytes blog:http://www.malwarebytes.besttechie.netDik Heikoop wrote: Hello,V0.55 said Filehand search is malware.V0.58 still says.Is this FP or not ??No other anti-malware program reports this !!Dik HeikoopNetherlands Link to post Share on other sites More sharing options...
nosirrah Posted July 30, 2007 ID:6825 Share Posted July 30, 2007 I will need a developer version scan log before I can answer this . Link to post Share on other sites More sharing options...
JeanInMontana Posted July 30, 2007 ID:6826 Share Posted July 30, 2007 Smooth install, full scan ran in 30 min 26 sec. I'm sure it would be faster with the browser closed and WLM. Settings remained after close and open of program. Quick scan 4 min 19 sec. Link to post Share on other sites More sharing options...
lurkingatu2 Posted July 30, 2007 ID:6828 Share Posted July 30, 2007 update to 0.61 went good here i did a quick and full scan with database 103 fingerprints 5192 and found nothing and i see 3 steps under monitor Link to post Share on other sites More sharing options...
ipl_001 Posted July 30, 2007 ID:6830 Share Posted July 30, 2007 Hi everyone,I upgraded to MBAM 0.61 DBversion: 103, Fingerprints: 5192- problem with Prevx despite my message to them- starting both scans... Link to post Share on other sites More sharing options...
mrgigabyte Posted July 30, 2007 ID:6831 Share Posted July 30, 2007 hi everyone i just put 61 in both my computers and did a scan on both everything find on my end Link to post Share on other sites More sharing options...
sho-dan Posted July 30, 2007 ID:6832 Share Posted July 30, 2007 Hello ver. 061 DB103 and all is well in both Quick/Full scans. No problems with installer for newest version. Good job,guys. Link to post Share on other sites More sharing options...
ipl_001 Posted July 30, 2007 ID:6833 Share Posted July 30, 2007 Hi everyone,Tests with 0.61 /103- Problems with Prevx as reported above.- Quick Scan - 6 min. 17 sec. for 14,272 objects (a bit slower)- Full Scan - pendingStill the same problem of False Positive (2 byte-file) ( http://www.malwarebytes.org/forums/index.p...post&p=6648 ) Link to post Share on other sites More sharing options...
nosirrah Posted July 31, 2007 ID:6834 Share Posted July 31, 2007 I will need a developer version scan log before I can answer this . Link to post Share on other sites More sharing options...
nosirrah Posted July 31, 2007 ID:6835 Share Posted July 31, 2007 Never mind , I think I found it . Check defs in about 10 minutes . Link to post Share on other sites More sharing options...
ipl_001 Posted July 31, 2007 ID:6836 Share Posted July 31, 2007 Hi Bruce,Did you get the 2-byte file?I guess I'm going to report my infectious files are not detected (scan still pending)... do you have my files (most of them are on MR but I could send them to you via email or upload them somewhere else).~~ edit:Full Scan is over: 51 min. 30 sec. 72,048 object scanned (a bit slower)Still the same problem of malware undetected! ( http://www.malwarebytes.org/forums/index.p...post&p=6648 ) Link to post Share on other sites More sharing options...
ipl_001 Posted July 31, 2007 ID:6837 Share Posted July 31, 2007 Thanks Bruce!- updated to defs 104- Quick Scan in progressI don't know if I'll run the Full Scan as it is already 2:25a on Tuesday here in Paris.~~ edit: Yes, I'll run the Full Scan as I guess you're looking forward to getting the result... Link to post Share on other sites More sharing options...
nosirrah Posted July 31, 2007 ID:6838 Share Posted July 31, 2007 I think I got it , it turned up in another infection and the MD5 was in def so I removed it .I don't know what you mean by "most of them are on MR" . I don't have them and would love more samples to play with . We need a drop box for experts . Zip and attach what you can here . I there is not enough room PM me and I will PM you back a drop box . Link to post Share on other sites More sharing options...
ipl_001 Posted July 31, 2007 ID:6839 Share Posted July 31, 2007 Howdy,- Quick Scan over: 5 min. 31 sec. for 14,312 objects- Full Scan started...Do you have access to Malware Research? Link to post Share on other sites More sharing options...
nosirrah Posted July 31, 2007 ID:6840 Share Posted July 31, 2007 Yes I do , nosirrah there as well . Link to post Share on other sites More sharing options...
Root Admin RubbeR DuckY Posted July 31, 2007 Author Root Admin ID:6841 Share Posted July 31, 2007 1. Working on improving scan speed.2. Working on implementing a drop box for malware. Link to post Share on other sites More sharing options...
ipl_001 Posted July 31, 2007 ID:6842 Share Posted July 31, 2007 Bruce,I'm going to upload some files on my hard disk that are not detected by MBAM.As far as I understand, I cannot upload several files in one post (as I do at MR), right?Here is patch.zip that includes patch.exe 132 KB described by Avast as Win32:Tibs-BAC [Trj] Link to post Share on other sites More sharing options...
ipl_001 Posted July 31, 2007 ID:6843 Share Posted July 31, 2007 Bruce,Here is funny.zip that includes funny.exe 21 KB described by Avast as Win32:Agent-JPK [Trj] I forgot to tell you that I don't scan with VirusTotal as the service is presently overloaded.~~ edit: I forgot to tell you that my Full Scan (pending) seems not to have detected the 2-byte FP as after 20 min., I don't have any infected object displayed! Link to post Share on other sites More sharing options...
nosirrah Posted July 31, 2007 ID:6844 Share Posted July 31, 2007 I will fire these up and see what they do . Link to post Share on other sites More sharing options...
ipl_001 Posted July 31, 2007 ID:6845 Share Posted July 31, 2007 Howdy,On my hard disk, I have some rather old (January-March 2007) infectious files of the IRB family:- dllhst.exe 260 KB -> Avast Win32:Vanbot-BK [Trj]- read.exe 202 KB -> Avast Win32:Vanbot-BW [Trj]- eventmgr.exe 206 KB -> Avast Win32:Vanbot-BR [Trj]- WinSecUp.exe 138 KB -> Avast Win32:Rbot-DQL [Trj]I'm going to check but I uploaded them to MR -> W32.Rinbot.Worm / Spybot / IRCbot / Spexta~~ edit: I confirm that all of the 4 files were uploaded to the MR discussion linked above. Link to post Share on other sites More sharing options...
ipl_001 Posted July 31, 2007 ID:6846 Share Posted July 31, 2007 Howdy,Prevx doesn't like MBAM and while scanning, my icon in Systray is orange with the comment:Status WarningPrevx 2.0 detected you were running a program that is unknown in the local and central Prevx 2.0 database.This doesn't mean the program is a malware, only unkown. However, you should run this program with care.For more details, double-click the program listed in the recent activity of program.(my translation to English)Malwarebytes'Anti-Malware / Authorized / 556 KB / Malwarebytes / C:\Program Files\Malwarebytes'Anti-Malware\MBAM.EXEYou should harass Prevx about this! Link to post Share on other sites More sharing options...
nosirrah Posted July 31, 2007 ID:6847 Share Posted July 31, 2007 MBAM may absorb that whole thread . Link to post Share on other sites More sharing options...
ipl_001 Posted July 31, 2007 ID:6848 Share Posted July 31, 2007 Bruce,- Full Scan is over -> 50 min. 14 sec. for 72,076 objectsNo False Positives any longer <- Congrats! Infectous files not detected but you've them!I let you go and play as it's 3:25a in Paris... I'm going to bed, enjoy your night! Link to post Share on other sites More sharing options...
ipl_001 Posted July 31, 2007 ID:6849 Share Posted July 31, 2007 HiMBAM may absorb that whole thread .You should try to play with the 6 filesMaybe a precision: all of the files are in subdirectories of C:\Documents and Settings\G Link to post Share on other sites More sharing options...
Recommended Posts