Good to see they're continuing to develop this. I wonder how close they are to going "final" and does anyone know if they plan any integration with MBAM?
It may matter with regard to the license and support - typically beta products are "use at your own risk". Coming out of beta and declaring a product "gold" or "final" usually implies greater confidence in the software's safety and effectiveness. They could start charging for it too.
It matters cause many people will not use a beta product. More bugs/incompatibities/improvements are less likely to be found and eliminated. And the product does not gain better reputation cause it appears to be unfinished for a long time. Just my 2 cents...
I just tried it a few hours ago, and it managed to detect the fact that I have my logoff menu displayed as a "potentially unwanted modification". The same warning was given because I disabled Windows automatic updates. IMO, this is bad behaviour from an anti-rootkit software.
No problem Why? Rootkits can disable Windows updates etc if they like. IMO, an anti-rootkit tool should not only delete the rootkit, but also it's traces, restore modifications etc. It's also labeled as potentially unwanted modification. So they don't label it as malicious, not even unwanted, but potentially unwanted, what's the problem?
As long as no actual rootkit infection was found, I see no reason for such "leftover" detection. Because both of the modifications were selected at the end, and a click on the "Next" would have reset them, even though they are not malicious. I am experienced enough to know what "potentially unwanted" means and to investigate further, but I'm not sure everyone knows how to do that.
That's precisely why these things need to be detected and restored, since most users are not experienced enough to know if their Windows Update is disabled or not. You as an experienced user might not want Windows Update, but for sure non-experienced users should be alerted about that as a potential problem.
It seems that you have a certain view about what is and what isn't a threat, and I don't agree with that view. You will continue along this path, and I will continue not to use your software, and so everybody will be happy!
Actually it's not referred to as a "threat" but as a "potentially unwanted modification". It's actually quite clear and easy to recognize the difference. I fail to see how this is even an issue. It's not even specific to Malwarebytes Anti-Rootkit as the entire AV/AM/Security industry uses the term "potentially unwanted" and more and more security products and malware cleaners nowadays restore OS modifications typically made by malware.
I'll try to explain it in more detail, maybe it helps... What is wrong with this picture? (red underline is mine) 1. Two malware items detected! Configuring my Windows XP in a different way than the default one qualifies as malware? I guess not. 2. PUM.Hijack.StartMenu is misleading. First, there is no mention inside this window about the fact that PUM means "potentially unwanted modification"; I had to look that up on the internet. Second, Hijack implies that something took control of my Start Menu, which is again not true; it is just a setting I made. 3. PUM.Disabled.SecurityCenter refers to a registry key that disables update notifications, which also can hardly be qualified as malware. In conclusion, an anti-rootkit tool should detect and clean rootkits and not some user made configuration changes. While I agree that some malware/rootkits can modify those setting, if there is no other information about a potential infection on the system, it is stupid to report them to me as malware.