Jump to content

Recommended Posts

  • Root Admin

Lots of bugs reported on the forums fixed with this one.

Note: This version saves settings to a different location in the registry (a more appropriate one dedicated to MBAM itself). You will need to reset your settings the way you want them. Lots more settings as well including:

1. Saves scan type

2. Saves drive selected for full scan

Also includes fixes with the installer. For ease of use, if you are installing the program for the first time, Create Desktop Icon is checked. If your installing over an older version, it won't be checked (meaning you keep your settings). It is just little things like this that will make the installer easier.

Link to post
Share on other sites

Bruce, can you take a look in this emailreply from Marcin:

Not familiar with FileHand. Submit it on our forums and Bruce will take a look.

Thanks,

Marcin Kleczynski

Security Software Developer

http://www.malwarebytes.org

Please visit the new Malwarebytes blog:

http://www.malwarebytes.besttechie.net

Dik Heikoop wrote:

Hello,

V0.55 said Filehand search is malware.

V0.58 still says.

Is this FP or not ??

No other anti-malware program reports this !!

Dik Heikoop

Netherlands

Link to post
Share on other sites

Hi everyone,

I upgraded to MBAM 0.61 DBversion: 103, Fingerprints: 5192

- problem with Prevx despite my message to them

- starting both scans...

Link to post
Share on other sites

Hi everyone,

Tests with 0.61 /103

- Problems with Prevx as reported above.

- Quick Scan - 6 min. 17 sec. for 14,272 objects (a bit slower)

- Full Scan - pending

Still the same problem of False Positive (2 byte-file) ( http://www.malwarebytes.org/forums/index.p...post&p=6648 )

Link to post
Share on other sites

Hi Bruce,

Did you get the 2-byte file?

I guess I'm going to report my infectious files are not detected (scan still pending)... do you have my files (most of them are on MR but I could send them to you via email or upload them somewhere else).

~~ edit:

Full Scan is over: 51 min. 30 sec. 72,048 object scanned (a bit slower)

Still the same problem of malware undetected! ( http://www.malwarebytes.org/forums/index.p...post&p=6648 )

Link to post
Share on other sites

Thanks Bruce!

- updated to defs 104

- Quick Scan in progress

I don't know if I'll run the Full Scan as it is already 2:25a on Tuesday here in Paris.

~~ edit: Yes, I'll run the Full Scan as I guess you're looking forward to getting the result...

Link to post
Share on other sites

I think I got it , it turned up in another infection and the MD5 was in def so I removed it .

I don't know what you mean by "most of them are on MR" . I don't have them and would love more samples to play with .

We need a drop box for experts . Zip and attach what you can here . I there is not enough room PM me and I will PM you back a drop box .

Link to post
Share on other sites

Bruce,

I'm going to upload some files on my hard disk that are not detected by MBAM.

As far as I understand, I cannot upload several files in one post (as I do at MR), right?

Here is patch.zip that includes patch.exe 132 KB described by Avast as Win32:Tibs-BAC [Trj]

Link to post
Share on other sites

Bruce,

Here is funny.zip that includes funny.exe 21 KB described by Avast as Win32:Agent-JPK [Trj]

I forgot to tell you that I don't scan with VirusTotal as the service is presently overloaded.

~~ edit: I forgot to tell you that my Full Scan (pending) seems not to have detected the 2-byte FP as after 20 min., I don't have any infected object displayed!

Link to post
Share on other sites

Howdy,

On my hard disk, I have some rather old (January-March 2007) infectious files of the IRB family:

- dllhst.exe 260 KB -> Avast Win32:Vanbot-BK [Trj]

- read.exe 202 KB -> Avast Win32:Vanbot-BW [Trj]

- eventmgr.exe 206 KB -> Avast Win32:Vanbot-BR [Trj]

- WinSecUp.exe 138 KB -> Avast Win32:Rbot-DQL [Trj]

I'm going to check but I uploaded them to MR -> W32.Rinbot.Worm / Spybot / IRCbot / Spexta

~~ edit: I confirm that all of the 4 files were uploaded to the MR discussion linked above.

Link to post
Share on other sites

Howdy,

Prevx doesn't like MBAM and while scanning, my icon in Systray is orange with the comment:

Status Warning

Prevx 2.0 detected you were running a program that is unknown in the local and central Prevx 2.0 database.

This doesn't mean the program is a malware, only unkown. However, you should run this program with care.

For more details, double-click the program listed in the recent activity of program.

(my translation to English)

Malwarebytes'Anti-Malware / Authorized / 556 KB / Malwarebytes / C:\Program Files\Malwarebytes'Anti-Malware\MBAM.EXE

You should harass Prevx about this!

Link to post
Share on other sites

Bruce,

- Full Scan is over -> 50 min. 14 sec. for 72,076 objects

No False Positives any longer <- Congrats! :D

Infectous files not detected but you've them!

I let you go and play as it's 3:25a in Paris... I'm going to bed, enjoy your night!

Link to post
Share on other sites

Hi

MBAM may absorb that whole thread .
You should try to play with the 6 files

Maybe a precision: all of the files are in subdirectories of

C:\Documents and Settings\G

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.