Where's my post?

[joelj1964]

hahahaha.. I posted yesterday asking what the deal is with MBAM of late. I attached log file from SAS and MBAM showing the number of malware missed by MBAM that was detected by SAS which was run after MBAM... Where is the post now? It's gone... strange!!

[nosirrah]

I can see all 8 of your posts, if there was a deletion there would be a discrepancy between viewable posts and post count so maybe there was a forum glitch, there was a recent forum software update what was buggy and causing issues.

http://forums.malwarebytes.org/index.php?a...sult_type=posts

You can post those logs again right here and zip and attach the samples, I will tell you exactly what the deal with the samples is.

[joelj1964]

I too can see all 8 post. Should be 9 however. Log files attached.

MBAM_SAS_comparisson.txt

[noknojon]

Hi -

When was the last time you updated and scanned with Malwarebytes - Current update is Version 4529 -

Your update version is 4487 and the scan log is about a week old - It is now September 2nd - The log is dated August 26th -

Thank You -

Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4487 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 8/26/2010

[joelj1964]

Apparently editing of post isn't an option but, I wanted to add the example above is only one of many of late. It does not represent the worse case of missed threats by MBAM. Only the most convenient for me to locate. This has been a reoccurring thing for the past several months. No one has been a bigger proponent of MBAM over the past two years than I. I have recommended it literally thousands of times. I will continue to use it in my instructions for malware removal. However, it is now run after SAS and even Hitman Pro 3.5 sometimes. I can also tell you I am not, by any means, the only user to notice the decline in detected threats.

[noknojon]

Malwarebytes is not here to remove all those tracking cookies that are most of what is listed by the SAS logs -

Any decent cleaner can remove those items - Go to System Tools and use Disk Cleanup more often for a start -

ATF Cleaner is also good to help remove built up temp files from XP systems -

[Haider]

Hello joelj1964: First you need to understand MBAM & SAS are two different kind of products as such their capabilities are different, that is why a lot of forum members are running these products together. You can't compare Fruit with Vegetable

According to the log you've posted MBAM has removed following

1. Trojan.FakeAlert
   
2. Rogue.WiresharkAntivirus
   
3. Trojan.Dropper
   
4. Malware.Trace
   

Please google for above

[nosirrah]

In that SAS log there are only 3 things.

IE cookies

Flash cookies

1 trace key

We polled our users back when we started and the majority did not want yet another adaware/spybot like tool that went nuts over cookies and usage tracks when there are already so many good tools available.

SAS also lists registry key detections differently than we do. If SAS detects a key everything under the key is also listed in the log. The actual key detected here was:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Toolbar

The rest were sub detections.

I too can see all 8 post. Should be 9 however. Log files attached.

Post a test post and I will delete it. You will see that your post will vanish yet your post count will not change. This was the discrepancy I was talking about. If we had deleted one of your posts your visible posts and post count would not line up. I think it is likely that you made a post while the forum was still buggy and it never registered.

I am confused by one thing you said:

I posted yesterday asking what the deal is with MBAM of late.

If you combine that with what you posted log it would seem to imply that MBAM in the past detected all of these cookies but has now stopped. I want to make it clear that we never detected cookies so there is no "as of late" issue here.

[joelj1964]

I am aware of MBAM does not detect adware cookies and was not referring to such. As I stated in my post, the logs were only an example of missed items. You must take consideration the computers in question do not belong to me and therefore I do not have access to all the log files which were created when I cleaned them. I do not save log files to my computer which were generated by the scanning of a computer I simply cleaned for someone.

It seems that some of those who replied were offended. My goal is not to criticize MBAM but, rather bring to attention the scanner has fallen off tremendously OF LATE. If this bothers some then so be it. I use MBAM and SAS daily to remove malware from various computers and have for several years now. So, I am aware of what MBAM used to do and what it does now.

Note: These are explicitly my opinion, you or anyone reading this may disagree

Thanks for your permission.

SAS_MBAM_comp.txt

[nosirrah]

In the log you posted there is one detection only, the rest are cookies and sub-detections. Here is the one detection:

C:\Program Files\AntiMalware Pro

We are well aware of this folder and have decided that it poses a FP risk to remove so we opted to clear the core executables from inside instead.

It seems that some of those who replied were offended.

I actually enjoy a good debate and have enjoy the chance to explain the log discrepancies.

[Kernel Krumpet]

Thanks for your permission.

people with opinions just go around bothering one another....

Meditate. Live purely. Be quiet. It is not for us to search but to remain still, to achieve Immobility not Action. Do your work with mastery. Like the moon, come out from behind the clouds. Shine.

[joelj1964]

Here's another one missed by MBAM. This makes what? 3?

people with opinions just go around bothering one another....

Log files are not opinions. They are facts. Instead of being so defensive of MBAM, as well as verbally aggressive, look at the logs and ask yourself why MBAM has gone from the best to the second and possibly third best.

[joelj1964]

Here is the log

mbam_sas_comparisson.txt

[Firefox]

Malwarebytes does not detect cookies so that is the differance in your logs....

[nosirrah]

Here's another one missed by MBAM. This makes what? 3?

Log files are not opinions. They are facts. Instead of being so defensive of MBAM, as well as verbally aggressive, look at the logs and ask yourself why MBAM has gone from the best to the second and possibly third best.

C:\Documents and Settings\*l\Cookies\
C:\Documents and Settings\Guest\Application Data\Macromedia\Flash Player
C:\Documents and Settings\*\Local Settings\Application Data\Google\Chrome\User Data\Default\Cookie

All three of these sections are cookies, why do you keep posting these? We have said a few times now that our users do not want this functionality as there are already many free ways to deal with these.

Trojan.Agent/Gen-Cryptor[Egun]
C:\SYSTEM VOLUME INFORMATION\_RESTORE{ECE42D92-315C-418E-8F32-95DC4FF2BBEF}\RP918\A0118438.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{ECE42D92-315C-418E-8F32-95DC4FF2BBEF}\RP919\A0119105.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{ECE42D92-315C-418E-8F32-95DC4FF2BBEF}\RP920\A0119737.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{ECE42D92-315C-418E-8F32-95DC4FF2BBEF}\RP921\A0120362.EXE

Trojan.Agent/Gen-Cryptor[Egun] = generic detection/generic tech

This could be a detection, could be a FP. Get me the files and I will tell you for sure.

C:\SYSTEM VOLUME INFORMATION\_RESTORE = system restore

Note that these detections were not mirrored in the actual working file system. This indicates that no actual infection was killed.

[joelj1964]

I am well aware of the cookie scenario and MBAM's decision not to detect such. I post the entire log file however without any edits. It is the accumulation of all missed threats. Nevertheless, I will not report further logs. You may close this topic for me. Thanks and happy surfing!!