Root Admin RubbeR DuckY Posted July 7, 2008 Root Admin ID:22105 Share Posted July 7, 2008 Version 1.20 (July 7th, 2008)1. (FIXED) Improved overall quality of code.2. (FIXED) Improved detection of certain malicious components.3. (FIXED) Minor GUI inconsistencies.4. (FIXED) Improved error handling.5. (FIXED) Problem fixing LSP entries.6. (FIXED) Potential for memory leaks in Protection Module.7. (ADDED) Support for Russian language.This should fix a few speed problems with the Protection Module.The zlib.dll problem will be fixed in the next version. Link to post Share on other sites More sharing options...
eXaByTe Posted July 7, 2008 ID:22111 Share Posted July 7, 2008 Goodie! Malware Bytes gets better all the time! -eXaByTe Link to post Share on other sites More sharing options...
leofelix Posted July 7, 2008 ID:22113 Share Posted July 7, 2008 Hello Marcin Hello All,Just updated via internal updater on two machines of mine.Only in PC running XP PRO SP 3 (32 bit) I got an error when installing:MBAM 1.20 couldn't register itself in "Run Once" Key (I'm sorry I do not have a snapshot).However everything got well. Nothing to report about my Laptop with XP Home SP 3Kind regards Link to post Share on other sites More sharing options...
Tarun Posted July 8, 2008 ID:22114 Share Posted July 8, 2008 Posted on Lunarsoft and soon to appear on Digg! Link to post Share on other sites More sharing options...
JeanInMontana Posted July 8, 2008 ID:22115 Share Posted July 8, 2008 Scan time increased significantly, and after it was complete I hit the exit button and MBAM froze for a while. Finally got Task Manager end program notice and I said yes.Malwarebytes' Anti-Malware 1.20Database version: 930Windows 5.1.2600 Service Pack 26:05:22 PM 7/7/2008mbam-log-7-7-2008 (18-05-21).txtScan type: Quick ScanObjects scanned: 38832Time elapsed: 6 minute(s), 12 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected) Link to post Share on other sites More sharing options...
Cordialis Posted July 8, 2008 ID:22119 Share Posted July 8, 2008 Thanks for the new MBAM! Link to post Share on other sites More sharing options...
John L. Galt Posted July 8, 2008 ID:22147 Share Posted July 8, 2008 Strange, Jean - my scan times went *down* instead of up....Malwarebytes' Anti-Malware 1.20Database version: 929Windows 6.0.6001 Service Pack 1 19:55:09 7/6/2008mbam-log-7-6-2008 (19-55-09).txt Scan type: Quick ScanObjects scanned: 32853Time elapsed: 1 minute(s), 23 second(s) Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0 Memory Processes Infected:(No malicious items detected) Memory Modules Infected:(No malicious items detected) Registry Keys Infected:(No malicious items detected) Registry Values Infected:(No malicious items detected) Registry Data Items Infected:(No malicious items detected) Folders Infected:(No malicious items detected) Files Infected:(No malicious items detected)and Malwarebytes' Anti-Malware 1.20Database version: 929Windows 6.0.6001 Service Pack 1 20:24:49 7/6/2008mbam-log-7-6-2008 (20-24-38).txt Scan type: Full Scan (C:\|D:\|E:\|F:\|)Objects scanned: 234500Time elapsed: 25 minute(s), 11 second(s) Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 1 Memory Processes Infected:(No malicious items detected) Memory Modules Infected:(No malicious items detected) Registry Keys Infected:(No malicious items detected) Registry Values Infected:(No malicious items detected) Registry Data Items Infected:(No malicious items detected) Folders Infected:(No malicious items detected) Files Infected:D:\Downloads\ComicRackSetup0980.exe (Rogue.Installer) -> No action taken.That last was an FP, and I think only because of the name - codeboxcRackSetup0980.exe - because when I copied to file to an empty drive and manaully scanned it, it found nothing:Malwarebytes' Anti-Malware 1.20Database version: 929Windows 6.0.6001 Service Pack 1 20:33:04 7/6/2008mbam-log-7-6-2008 (20-33-04).txt Scan type: Quick ScanObjects scanned: 9Time elapsed: 1 second(s) Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0 Memory Processes Infected:(No malicious items detected) Memory Modules Infected:(No malicious items detected) Registry Keys Infected:(No malicious items detected) Registry Values Infected:(No malicious items detected) Registry Data Items Infected:(No malicious items detected) Folders Infected:(No malicious items detected) Files Infected:(No malicious items detected)Plus, a submission to VirusTotal showed 0 hits, and a previous submission, based on the file's hash.Note: Edited post to use codebox tags instead of quote tags for readability - JG Link to post Share on other sites More sharing options...
sho-dan Posted July 8, 2008 ID:22151 Share Posted July 8, 2008 Hello Marcin9pm schedule auto update/reboot, no problems or errors to report. Scans times are quicker.Malwarebytes' Anti-Malware 1.20Database version: 930Windows 6.0.6001 Service Pack 110:18:06 PM 7/7/2008mbam-log-7-7-2008 (22-18-06).txtScan type: Full Scan (C:\|)Objects scanned: 103558Time elapsed: 13 minute(s), 4 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0------------------------------------------Malwarebytes' Anti-Malware 1.20Database version: 931Windows 6.0.6001 Service Pack 110:20:45 PM 7/7/2008mbam-log-7-7-2008 (22-20-45).txtScan type: Quick ScanObjects scanned: 36774Time elapsed: 1 minute(s), 26 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0 Link to post Share on other sites More sharing options...
mona7865 Posted July 8, 2008 ID:22152 Share Posted July 8, 2008 No problems with updating and running a quick scan.Malwarebytes' Anti-Malware 1.20Database version: 930Windows 5.1.2600 Service Pack 35:08:59 8/07/2008mbam-log-7-8-2008 (05-08-59).txtScan type: Quick ScanObjects scanned: 43665Time elapsed: 5 minute(s), 57 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected)Full scan ran without any problems as well.Malwarebytes' Anti-Malware 1.20Database version: 930Windows 5.1.2600 Service Pack 36:34:15 8/07/2008mbam-log-7-8-2008 (06-34-15).txtScan type: Full Scan (C:\|)Objects scanned: 133476Time elapsed: 1 hour(s), 18 minute(s), 57 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected)Mona. Link to post Share on other sites More sharing options...
evilfantasy Posted July 8, 2008 ID:22155 Share Posted July 8, 2008 Smooooth. Internal update.Malwarebytes' Anti-Malware 1.20Database version: 931Windows 5.1.2600 Service Pack 311:28:03 PM 2008-07-07mbam-log-7-7-2008 (23-28-03).txtScan type: Quick ScanObjects scanned: 74849Time elapsed: 20 minute(s), 48 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0 Link to post Share on other sites More sharing options...
2Ton Posted July 8, 2008 ID:22160 Share Posted July 8, 2008 The update went smoothly. mbam says Revouninstaller is a rogue.alwarebytes' Anti-Malware 1.20Database version: 931Windows 5.1.2600 Service Pack 36:10:05 AM 7/8/2008mbam-log-7-8-2008 (06-10-05).txtScan type: Full Scan (C:\|)Objects scanned: 100820Time elapsed: 23 minute(s), 54 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 1Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:C:\Downloads\revosetup.exe (Rogue.Installer) -> Quarantined and deleted successfully.-------------------Thanks Link to post Share on other sites More sharing options...
Root Admin RubbeR DuckY Posted July 8, 2008 Author Root Admin ID:22161 Share Posted July 8, 2008 Can somebody please post this in the false positives forum with a developer log? Link to post Share on other sites More sharing options...
2Ton Posted July 8, 2008 ID:22166 Share Posted July 8, 2008 Can somebody please post this in the false positives forum with a developer log?Sorry Marcin, I do not know how to produce a developer log. How do you produce it? Link to post Share on other sites More sharing options...
lurkingatu2 Posted July 8, 2008 ID:22167 Share Posted July 8, 2008 here you go 2Tonclick the Start Menu, Run, and type the following:mbam.exe /developer there is a space between the e and / Link to post Share on other sites More sharing options...
honda12 Posted July 8, 2008 ID:22169 Share Posted July 8, 2008 Internal update went fine except after the install MBAM checked for definition updates then immediately closed My scan time was about 1 minute slower than usual, but I think that may be more of a case of me running programs and not clearing temporary filesApart from that, Good Job! Malwarebytes' Anti-Malware 1.20Database version: 931Windows 6.0.6001 Service Pack 1 09:04:24 08/07/2008mbam-log-7-8-2008 (09-04-24).txt Scan type: Quick ScanObjects scanned: 36422Time elapsed: 3 minute(s), 16 second(s) Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0 Memory Processes Infected:(No malicious items detected) Memory Modules Infected:(No malicious items detected) Registry Keys Infected:(No malicious items detected) Registry Values Infected:(No malicious items detected) Registry Data Items Infected:(No malicious items detected) Folders Infected:(No malicious items detected) Files Infected:(No malicious items detected) Link to post Share on other sites More sharing options...
2Ton Posted July 8, 2008 ID:22246 Share Posted July 8, 2008 here you go 2Tonclick the Start Menu, Run, and type the following:mbam.exe /developer there is a space between the e and /Hi, MarcinI do not think these logs are any good. I followed your instructions: "Start, Run, "mbam.exe /developer". (no quote marks). That caused mbam to load, but it does not scan automatically. So when mbam loaded I chose the Quick scan and followed it with the Full scan. I do not see any difference with the previous scans.1.Malwarebytes' Anti-Malware 1.20Database version: 932Windows 5.1.2600 Service Pack 37:45:35 PM 7/8/2008mbam-log-7-8-2008 (19-45-35).txtScan type: Full Scan (C:\|)Objects scanned: 101332Time elapsed: 22 minute(s), 57 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected)2.Malwarebytes' Anti-Malware 1.20Database version: 932Windows 5.1.2600 Service Pack 37:20:07 PM 7/8/2008mbam-log-7-8-2008 (19-20-07).txtScan type: Quick ScanObjects scanned: 45233Time elapsed: 6 minute(s), 55 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected)This of course has been done after the most recent update. (932) Since I had deleted the Revo Uninstaller, I downloaded another copy and mbam has not flagged it as a rogue. I hope this helps.Thanks Link to post Share on other sites More sharing options...
thanatos Posted July 9, 2008 ID:22275 Share Posted July 9, 2008 Hello guys!! Thanx for 1.20!I noticed Dr.WEB AV no longer detect you as a backdoor trojan. Did you change the code that much, or was there any other solution found?I see that you also included russian language and now you product isn't detected by a russian AV j/k Link to post Share on other sites More sharing options...
EliteKiller Posted July 9, 2008 ID:22366 Share Posted July 9, 2008 I just loaded MBAM 1.20 on a customer's XP2000+ w/ 512MB DDR running XP Pro and SAV Corp 10.0. Unfortunately MBAM's real-time protection had a very noticeable impact on system performance so I disabled it. In addition if I right-clicked the MBAM tray icon > disable protection > it would pop up the "are you sure that you want to disable...." > yes. I then opened the MBAM gui and real-time still showed to be enabled, and the mbamservice is still running. You must exit MBAM via the tray icon for real-time to be unloaded. Is this by design? Link to post Share on other sites More sharing options...
Root Admin RubbeR DuckY Posted July 10, 2008 Author Root Admin ID:22368 Share Posted July 10, 2008 You must exit MBAM via the tray icon for real-time to be unloaded. Is this by design?Yes, for now it is. I am planning on making the same actions available within the scanner. As for the system performance, are there any entries in Event Viewer? Link to post Share on other sites More sharing options...
EliteKiller Posted July 10, 2008 ID:22375 Share Posted July 10, 2008 As for the system performance, are there any entries in Event Viewer?Only a single notification entry which is much better than 1.19 The description for Event ID ( 1 ) in Source ( MBAMService ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: MBAMService, Info: MBAM realtime monitor started successfully. Link to post Share on other sites More sharing options...
Root Admin RubbeR DuckY Posted July 10, 2008 Author Root Admin ID:22376 Share Posted July 10, 2008 Does performance improve when you run the program for a while and open a few programs? Link to post Share on other sites More sharing options...
camor Posted July 10, 2008 ID:22404 Share Posted July 10, 2008 I've instaled this version and Windows defender asks me to send the files "mbam.exe" and "mbamcatchme.sys" for analysis. Also SpyBot says that "mbam.exe" is Smitfraud-C and "mbamcatchme.sys" is Worldsecurityonline.Fakealert. Can anyone tell anything about this?Thanks in advance Link to post Share on other sites More sharing options...
thanatos Posted July 10, 2008 ID:22409 Share Posted July 10, 2008 I've instaled this version and Windows defender asks me to send the files "mbam.exe" and "mbamcatchme.sys" for analysis. Also SpyBot says that "mbam.exe" is Smitfraud-C and "mbamcatchme.sys" is Worldsecurityonline.Fakealert. Can anyone tell anything about this?Thanks in advanceYes Windows Defender doesn't really like MBAM, but I've set it to never notify me about software changes and bla bla (it is under "options"). If I run a scan of course I can see the entries in history:"mbamcatchme.sys: possibly unwanted behaviour" or sth like that. Link to post Share on other sites More sharing options...
3xist Posted July 10, 2008 ID:22411 Share Posted July 10, 2008 Thanks for this new version.Scanning improvements are noticeable here. Malwarebytes' Anti-Malware 1.20Database version: 935Windows 5.1.2600 Service Pack 3 10:03:55 PM 7/10/2008mbam-log-7-10-2008 (22-03-55).txt Scan type: Quick ScanObjects scanned: 38885Time elapsed: 2 minute(s), 48 second(s) Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0 Memory Processes Infected:(No malicious items detected) Memory Modules Infected:(No malicious items detected) Registry Keys Infected:(No malicious items detected) Registry Values Infected:(No malicious items detected) Registry Data Items Infected:(No malicious items detected) Folders Infected:(No malicious items detected) Files Infected:(No malicious items detected)-I also had Firefox 3.0 Open while Scanning.Josh Link to post Share on other sites More sharing options...
JeanInMontana Posted July 10, 2008 ID:22418 Share Posted July 10, 2008 I've instaled this version and Windows defender asks me to send the files "mbam.exe" and "mbamcatchme.sys" for analysis. Also SpyBot says that "mbam.exe" is Smitfraud-C and "mbamcatchme.sys" is Worldsecurityonline.Fakealert. Can anyone tell anything about this?Thanks in advanceBoth programs are identifying components of MBAM that could be malware in a malicious program. Thanks for letting us know. Link to post Share on other sites More sharing options...
Recommended Posts