Malwarebytes Anti-Malware 2 released

We've ran into a bug with the engine and went back to another beta. Unfortunately that sets us back 1-2 weeks. I said May 12th was an estimate, and so is the 1-2 weeks statement I just made .

 

It will be soon!

 

Do you mean always checked as a new install default consumer-premium setting from the developers?

Unlike other malware in the wild, rootkits as a rule show up statistically with much less frequency in real life malware removal forums. The MBAM2 rootkit database has not required an update since the end of March 2014.

In practice you would do well scanning for rootkits only when actually intrusion is suspected, otherwise scan once as a post install wellness baseline check, otherwise your routine scans will unnecessarily and hence understandably be slowed.

HTH

 

Due to how infrequent I scan my system, a routine checkup just surprised me with BSODs: https://forums.malwarebytes.org/index.php?showtopic=148705

It's not actually the first time this happened, now that I think about it. Last time with I believe the previous version of 2.0, a BSOD also occurred, but I didn't make the correlation then.

Back to the trusty old version 1.75 for now.

 

Playing with 2.0.1

Overhead
Five IE11 program launches on Win7 32 bits: first one without MBAM, second one with MBAM. In the early 80-ties, a response within 3 secs was the maximum for on-line, real time systems. Today everything over a second feels as a delay. Must be the fact that PC's become faster and faster. Looking at the plain facts (at my PC) heaviness of MBAM is half of the average Antivirus. Most AV's add 0.2 seconds to startup delay, while MBAM adds less than 0.1 seconds. I do not have a 1.7x version anymore, so can't show results of older MBAM, but I doubt those would be lower. Some AV's use delayed checking which decreases startup delay to below 0.05 secs on my rig. But less than 0.1 delay with 'straight' blocking is quite impressive on my old Pentium E5200 dual core.

C:\Program Files\Internet Explorer\iexplore.exe - 5 executions
0.4216
0.3902
0.3126
0.3123
0.3123

C:\Program Files\Internet Explorer\iexplore.exe - 5 executions
0.4217
0.4060
0.4060
0.4060
0.4060

Scans
Hyper scan takes 3.2 minutes while HitmanPro takes less than 30 seconds (first generation SSD - Sata300 Mobo).

Problems
First step of scans, makes system unresponsive. Cancelling scan, freezes system completely. Only workaround seems to "just" scan, with no other input from user or activity by other programs = old fashioned (pre-multi core CPU age) workaround: scan and take a break.

CPU usage in first step is >50%, it fully locks one of the two cores completely (so one core with near 100% usage).

 

Is it possible than MBAM relies on some stupid uninstall string in registry?

HKLM "SOFTWARE\microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1"

i noticed significant issues on services - full path to eg. mbmab scheduler.exe wont set right
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MBAMScheduler
which results in missing protection (premium)

if so you guys cant be serious?

 

Re RAM:
Heaviness of MBAM is double of the average Antivirus
Heaviness of MBAM is quadruple of the average Antivirus

 

Sometimes the fact is overlooked that Malwarebytes Anti-Malware never has been, is not now, nor will it be, an anti-virus application. Even though significant overlap can and will exist, anti-virus programs, and MBAM, are meant to compliment each other. That is why it is difficult, if not downright impossible, to successfully compare MBAM with quality anti-virus applications.

HTH

 

Above are known to the users.
I suppose that post #530 & #532 refers (and compares) to heaviness, not the capabilities.

 

Well, it's not an AV, not a HIPS, not an antiexecutable, not an "appguard" -- so, what exactly is MBAM?

 

Marcin, and the other original developers, chose to call it Malwarebytes Anti-Malware.

I mean no disrespect for any who come our way, but perhaps that is the best description we will ever need.

 

Most PC's sold afer 2010 have 1024 MB of memory or more. So when you run a 32 bits OS on a PC with less than 4GB memory, you should be fine. Today my phone has more memory as a mainframe in 1980. In the past memory usage was a standard for heaviness. Today program startup delay, internet traffic delay, data copy delay, memory spikes, bulk data access (spikes to HD) and to a lesser degree boot delay are indicators of what makes a program feel heavy

In 1980 our developteam was very happy with the fact that the main memory restriction was increased from 16kb to 256kb (for one of the largest banking corporations in the Netherlands). This meant that we could use Cobol in overlays, in stead of using assembler. So we decided to use assemble routines for data access and from now on used Cobol for 'ordinary' data manipulation.

 

I think MBAM should enter antivirus test when it is used on top of Windows Defender (on Win 8 and higher) using IE as 'window' though the internet. Although MBAM is not an AV replacement, I think WD + MBAM is.

 

Though some A-V products may intentionally disable WD by design, a quality on-access anti-virus application + WD + MBAM Premium would hold a much more attractive beginning for myself. I guarantee others may not agree.

 

I think calling MBAM an "anti-malware" app is fine but it doesn't much matter what it's called. MBAM is defined by the malware it catches in comparison to other security apps. It consistently detects and removes stuff that AVs miss or can't remove. When I do system cleanup the only thing I regularly use along with MBAM is Hitman Pro because it covers the spectrum a little differently and catches things that sometimes get by MBAM.

 

https://helpdesk.malwarebytes.org/e...bytes-Anti-Malware-replace-antivirus-software-

 

I found MBAM fairly heavy personally. Also, install something to monitor HTTP/S dropouts, and you will see MBAM causing spikes in dropouts during Port80 activity. This has been confirmed, and I verified it was happening for me as well. To me, Mbam 'feels' fairly heavy, and slows boots quite a lot. To the point I ditched it, and went with an AV product that has 'effective' PUP/PUA deteciton (Eset). Which is really the only reason I wanted MBAM anyway.

I think they need to lighten the product up a whole lot.

 

Test it yourself. I haven't tested it lately.

http://www.thesycon.de/deu/latency_check.shtml

Latency with MBAM Website Blocking ON.
https://forums.malwarebytes.org/uploads/monthly_10_2012/post-119038-0-43200200-1350101753.jpg

With it OFF.

https://forums.malwarebytes.org/uploads/monthly_10_2012/post-119038-0-54336700-1350101768.jpg

 

Not seeing what you are, here are my tests with MBAM protection on and off.

 

Don't find it that heavy either, as you can see EIS uses way more ram than MBAM>

 

2.0 or 1.75? The latency issue was in 1.75 last I checked. I will re-check, but curious to see if they fixed it.

 

2.0.thought thats what you were talking about as this is the 2.0 thread.

 

Tested the Latency on MBAM 1.75 with website blocking on and off. Similar results as DoctorPC
mentioned. Haven't tried MBAM 2.0 yet. Prefer 1.75 until they get 2.0 issues resolved.
Also couldn't get MBAM to update from 1.75 to latest 2.0 version.

 

@digmor crusher: It looks like you could forecast global weather and future U.S presidential elections with your system's unallocated resources...

 

Seems like it's stable now.
http://downloads.malwarebytes.org/file/mbam is giving 2.0.2.1012 (latest beta).