Jump to content

mbam4ever

Honorary Members
  • Posts

    22
  • Joined

  • Last visited

Everything posted by mbam4ever

  1. LoL that's pure gold. I killed the new installation file once, I'll see how many times it comes back. As far as toying with the registry... If there's a key that needs some manual tweaking. That's fine with me. I know what I'm doing.
  2. That makes sense, no rush. I guess if I find the downloaded package I can simply nuke it? I didn't have a positive experience with 3.0 and I want to give it more time to mature before I try it again.
  3. I stand corrected. It doesn't jump on the eyes but you are absolutely right. (...)I have tried Malwarebytes 3.0 but want to go back to MBAM 2.2.1 If for whatever reason you want to downgrade to MBAM 2.2.1 and wait for a new version of 3.0, you can do so easily. Simply uninstall Malwarebytes 3.0, reboot and then download and install MBAM 2.2.1 from here.
  4. Thanks - adding it to 2.X FAQ is a more than fair alternative. https://downloads.malwarebytes.com/file/mbam_2x
  5. ^The gain in bugs got me back to 2.x... Nevermind running faster, I'll give another try to 3.x once it learned how to walk without falling
  6. Hi there, Having known and already reported issues with 3.0 I decided to revert back to 2.X I couldn't find the previous version on Malwarebytes site. If it's there... It's not obvious to find. Reverting back to 2.X was not a simple install over. I'm not backed up running 2.x and happy again. Can you add to the 3.0 FAQ a download link to the last stable 2.x version and maybe a small description of the procedure to downgrade to 2.X? Thanks
  7. Add me to the list of affected users. :-( Web Protection in the GUI stays at STARTING and never starts. Then Real-Time Protection Layers turned off shows up in the notification tray.
  8. Thanks again for your reply. I just noticed the advanced settings for EP For now I tend to vote for EMET as the main exploit mitigation tool as it is more "time proven" (at least in term of stability) I will use 3.0EP only for my browsers and see how it goes over time.
  9. Thanks for your reply Durew, I know EMET and 3.0EP are not using signatures, that's why I used "Module" as even libraries could have been also confused with Signatures. I'm curious to know more about how to run them both without conflicts. As of now EMET prevented launching every processes enabled in both EMET and 3.0EP. I didn't research much about the levels of protection offered by 3.0EP. Its GUI only provide a single ON/OFF per process/programs. Compared to EMET that has a checkbox for every of the 14 types of attacks. EMET is more tweakable when it comes to misbehavior with a given process/program.
  10. News flash... EMET does not let me open WinWord when 3.0EP is enabled for WinWord. Disabling EP for winword solved the problem. Which partially answer my question. ie EP and EMET (option 3 above) is not a good idea at least when they are both monitoring the same processes. I guess I will opt for the one that is updated the most often and includes more current attacks. EMET is updated more or less once a year. What about the Malwarebytes EP module? (I know malware signatures are updated almost everyday)
  11. Hello guys, Sorry if it's a repost, I searched the forum "Malwarebytes 3.0" for EMET and the search engine returned most of pre 3.0 results. I'm a long time EMET user currently running 5.51, now that 3.0 comes with some sort of EP. I wonder. I had very little issues with EMET. Since I installed 3.0 (yesterday) I now have EMET who wants to sends a report to MS. WinWord is not even running. -<Exploit Code="7"> <App>C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE</App> <Module>C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE</Module> <Registers ESP="e2f3d0" EBP="e2f45c" EDI="e79a68" ESI="1" EDX="0" ECX="b0c78311" EBX="6df7f1c3" EAX="0"/> (...) </Exploit> So what's is the best bet for the better blend of performance, stability and security. 3.0EP without EMET EMET without 3.0EP or EMET + 3.0EP I'm not a fan of running real time protection from different companies in parallel... Always a good recipe for conflict and instability.
  12. Hello, I have been a very long time user of MBAM. I bought my lifetime license a while ago. I'm running VMWARE on my main PC on which I dared to also activate a second instance of my single MBAM license. I know, I know 1 license... Two PCs, that's an official no go. But up to 2.1.8 it never been a problem. Both instances were running "registered". After upgrading to 2.2 on the VM instance, the lincense police kicked in and reverted it to limited Free. Well - OK... fair enough On what based 2.2 is considering a license legit? Do I have to I have to de-activate it and re-activate it? When I bought my initial license, it was activated on a laptop that got stolen. I re-installed/re-Activated on the new/current PC using my printed records. So technically it is still activated on the stolen PC and on my current one. I don't want to also lose the legit one so I still run 2.1.8 on my main PC. Shame on me but what should I do?
  13. Sorry for the missing log and extra work you had to do. From now on I will include /developer log Many thanks for the blistering fast support.
  14. Malwarebytes Anti-Malware (PRO) 1.70.0.1100 Database version: v2013.01.21.09 Windows XP Service Pack 3 x86 NTFS Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P \Internet\Serv-U\ServUDaemon.exe (Backdoor.ServU) -> No action taken. \Internet\Serv-U\ServUTray.exe (Trojan.Ransom.ANC) -> No action taken. Serv-U.zip
  15. I've recently reported this FP providing a single exe sample. The following signature update GREATLY improved the FP rate. Now only few of the EXEs are still flagged with trojan.banker This time I've included all the exes (only 7 of them) Many thanks for your quick response. Trojan.Banker_In_Some_Delphi_6.0_exes.zip
  16. (oups no edit possible) To be more precise - theses FP are on EXEs I compiled myself few years ago. And here's the compiler options from the .cfg file -$A8 -$B- -$C+ -$D+ -$E- -$F- -$G+ -$H+ -$I+ -$J- -$K- -$L+ -$M- -$N+ -$O+ -$P+ -$Q- -$R- -$S- -$T- -$U- -$V+ -$W- -$X+ -$YD -$Z1 -cg -AWinTypes=Windows;WinProcs=Windows;DbiTypes=BDE;DbiProcs=BDE;DbiErrs=BDE; -H+ -W+ -M -$M16384,1048576 -K$00400000 -LE"\program files\borland\delphi6\Projects\Bpl" -LN"\program files\borland\delphi6\Projects\Bpl"
  17. Hello, Suject says it all... Malwarebytes Anti-Malware (PRO) 1.70.0.1100 Database version: v2013.01.19.06 Windows XP Service Pack 3 x86 NTFS Trojan.Banker_In_All_Delphi_6.0_exes.zip
  18. MBAM is currently the only one in VirusTotal to report. (It was submitted for the first time few months ago, back then 5 other products reported something) None of the 41 engines in metascan reported something. Malwarebytes Anti-Malware (PRO) 1.70.0.1100 Database version: v2012.12.29.11 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Protection: Disabled 2012-12-29 17:05:49 Scan type: Flash scan Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: Registry | File System | P2P Objects scanned: 231797 Time elapsed: 7 second(s) Files Detected: 1 C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UpdateDrv.exe (Trojan.Agent.Gen) -> No action taken. [25faaa3aa0bda294ab0cea7d49bae719] UpdateDrv.zip
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.