Version 0.63


Hi Marcin, Bruce, hi everyone,

Just a small update with minor improvements. Released it because of that memory leak. Also some settings were not working correctly. Comments and suggestions open in this thread as always.
LOL

I don't know why you say they're just minor improvements, as the results are impressive!

My last tests were v0.62 / DBv109 / 5236 fingerprints; Quick scan gave a "rootkit"!

Thanks for the explanations regarding this "0-byte rootkit" which was a file added by MBAM and not deleted, for some reason!

By the way Bruce, I know how to run a Developer scan and I'll do this in case of another FP!

~~

Today,

- upgraded to v0.63 -> surprisingly, my v109/5236 database went back to v105/5218

Latest News still blocked at v0.61

- update -> MBAMv0.63 DBv110/5272 fingerprints

- Quick Scan -> 4 minutes 56 seconds for 10,092 objects -> fine!

- Full Scan -> 47 minutes 7 seconds for 70,584 objects -> 13 infected files! i.e. big improvements for my personal case!

My previous infectious files were caught by MBAM, except that in the meantime I had added another one! :D

Here's my log:

Malwarebytes' Anti-Malware Version 0.63

This logfile was saved before the removal process.

Database version: 110

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 13

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Documents and Settings\G


False positive detection of atl71.dll (ATL Module for Windows (Unicode))?

Malwarebytes' Anti-Malware Version 0.63

This logfile was saved before the removal process.

Database version: 112

Files Infected:

C:\WINDOWS\system32\atl71.dll (Adware.Accoona)

virusscanjotti is 100% clean:

atl71.dll

MD5: 8f2097e8b174f38178570c611464935f


mbam 0.63 database:112 fingerprints:5314 did a quick scan and mbam 0.63 found this

Malwarebytes' Anti-Malware Version 0.63

This logfile was saved before the removal process.

Database version: 112

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\atl71.dll (Adware.Accoona) -> No action taken.

and also during the scan comodo firewall 2.4 went off and says this :D

Date/Time :2007-08-02 17:49:53
Severity :High
Reporter :Application Behavior Analysis
Description: Suspicious Behaviour (sched.exe)
Application: C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
Parent: C:\WINDOWS\system32\services.exe
Protocol: TCP Out
Destination: 127.0.0.1::18350
Details: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe modified the memory of C:\Program Files\AntiVir PersonalEdition Classic\sched.exe in memory.

Date/Time :2007-08-02 17:49:07
Severity :High
Reporter :Application Behavior Analysis
Description: Suspicious Behaviour (MSNAccel.exe)
Application: C:\Program Files\MSN\MSNIA\CC\MSNCC\WA\MSNAccel.exe
Parent: C:\Program Files\MSN\MSNIA\CC\MSNCC\msncc.exe
Protocol: TCP Out
Destination: 65.54.154.20::32769
Details: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe modified the memory of C:\Program Files\MSN\MSNIA\CC\MSNCC\WA\MSNAccel.exe in memory.

Date/Time :2007-08-02 17:49:05
Severity :High
Reporter :Application Behavior Analysis
Description: Suspicious Behaviour (MSNAccel.exe)
Application: C:\Program Files\MSN\MSNIA\CC\MSNCC\WA\MSNAccel.exe
Parent: C:\Program Files\MSN\MSNIA\CC\MSNCC\msncc.exe
Protocol: UDP Out
Destination: 65.54.154.20::33607
Details: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe modified the memory of the Parent application C:\Program Files\MSN\MSNIA\CC\MSNCC\msncc.exe in memory.

Date/Time :2007-08-02 17:48:45

:( then I opened iexplorer to come here and comodo goes off again and says :)

Date/Time :2007-08-02 17:55:09
Severity :High
Reporter :Application Behavior Analysis
Description: Suspicious Behaviour (MSNAccel.exe)
Application: C:\Program Files\MSN\MSNIA\CC\MSNCC\WA\MSNAccel.exe
Parent: C:\Program Files\MSN\MSNIA\CC\MSNCC\msncc.exe
Protocol: TCP Out
Destination: 127.0.0.1::2983
Details: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe modified the memory of C:\Program Files\MSN\MSNIA\CC\MSNCC\WA\MSNAccel.exe in memory.

Date/Time :2007-08-02 17:55:01
Severity :High
Reporter :Application Behavior Analysis
Description: Suspicious Behaviour (iexplore.exe)
Application: C:\Program Files\Internet Explorer\iexplore.exe
Parent: C:\WINDOWS\explorer.exe
Protocol: TCP Out
Destination: 127.0.0.1::9022
Details: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe modified the memory of the Parent application C:\WINDOWS\explorer.exe in memory.

Date/Time :2007-08-02 17:53:45

after I used ccleaner comodo stopped the popups :)
