Malwarebytes Anti-Malware Updates

Discussion in 'other anti-malware software' started by puff-m-d, Nov 14, 2016.

  1. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,385
    Location:
    The Netherlands
    Any comments on the latest SE Labs test? Malwarebytes performed quite poorly. :doubt:

    And I know that Malwarebytes claims it can actually block lots of malicious URL's, like that's what you buy an AV for LOL. I can already block those malicious URL's with for example uBlock and Google Safe Browsing! An AV should simply identify and block malware when it's saved to disk. And seems like Malwarebytes isn't really good in doing that.

    https://www.wilderssecurity.com/thr...-protection-jul-sep-2020.433463/#post-2959459
     
  2. plat1098

    plat1098 Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    1,067
    Location:
    Brooklyn, NY
    Well, I was looking at future Insider builds and came across this item concerning Malwarebytes' Web Protection:

    mb insider issue.PNG

    Source

    Hopefully users are familiar already and aren't barking up the wrong tree trying to fix the network connection problem.
     
  3. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    1,083
    Location:
    North of the 38th parallel.
    Last edited: Oct 27, 2020
  4. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    1,083
    Location:
    North of the 38th parallel.
    Malwarebytes for Windows 4.2.2.95 - CU 1.0.1091 has been released today.

    Announcement and release notes: https://forums.malwarebytes.com/topic/263168-malwarebytes-42/?do=findComment&comment=1416969

     
  5. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    8,901
    Location:
    Among the gum trees

    Attached Files:

  6. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    1,083
    Location:
    North of the 38th parallel.
    Last edited: Oct 29, 2020
  7. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    1,083
    Location:
    North of the 38th parallel.
  8. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    8,901
    Location:
    Among the gum trees
    https://forums.malwarebytes.com/topic/263168-malwarebytes-42/?do=findComment&comment=1418707
     
  9. topo

    topo Registered Member

    Joined:
    Nov 11, 2013
    Posts:
    146
    just updated MB free noticed use expert system alogrithms to identify malicious files was disabled. i assume this should be enabled? thanks for your help
     
  10. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,084
    Location:
    USA
  11. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    3,907
    Hi,
    Does anyone know whether Malwarebytes had been giving false positives about NanoCore.Backdoor ?

    I see the following thread on their forum:
    https://forums.malwarebytes.com/top...itive-nanocore-ccme_asymdll-and-ccme_basedll/
    But those are others files.

    Last night malwarebytes free gave me suddenly several warnings about NanoCore.Backdoor while doing an on-demand scan.
    System: Win 7 Pro 64-bit, Dutch.
    The warnings were about reg keys and three files.
    Those three files:
    C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\TRANSLAT\FREN\MSB1FREN.DLL
    C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\TRANSLAT\GEEN\MSB1GEEN.DLL
    C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\TRANSLAT\WTSP61MS.DLL

    As far as I know those are all legit, old MS files.

    I got no warning from my Eset Internet Security.

    I picked one of those files and scanned it at VT. Zero warnings at VT.
    This file:
    C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\GEEN\MSB1GEEN.DLL
    Checksums:
    The file C:\Program Files (x86)\Common Files\microsoft shared\TRANSLAT\GEEN\MSB1GEEN.DLL has the following Checksum(s)
    MD5 - 5537FEE1E2E270B6103DCBBAF6A78D5C
    SHA-160 - 7E7F8F1741BDA1A5204AA23AC6F9FBB1931F61C5
    SHA-256 - 01EDFCD8FA0E402EADDC37D98224D373F1C22BDB90C1E7E521A3AAC2854FE647

    PS:
    I had just upgraded to malwarebytes free version 4.2.3.96 via its internal updater.
    In the meanwhile I have restored a back-up image yesterday, just to be sure.
    Upgraded again, scanned, no warnings.
    I wanted to watch TV last night so stopped looking further at it.
    I'm going to scan again later with both Eset and MBAM.

    Here you see a screenshot of the properties tab of that file

    MBAM_MS_2020-11-08_01.png
     
  12. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,539
    Location:
    Outer space
    Tried a standard scan with Expert system algorithms enabled on 3 different machines, no false positives.
     
  13. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    3,907
    I was wrong here; sorry! I must have been doing that too quickly when I really wanted to watch TV last night.

    Scanned again with Malwarebytes free :
    Version: 4.2.3.96
    Components Version: 1.0.1104
    Update Package Version: 1.0.32618

    All those same reg key- and file-warnings are still there: NanoCore.Backdoor

    I will give here now those three file warnings with their checksums.
    All three files were scanned at VT: zero warning.
    Full scan with my Eset: no warning.

    Here you go:

    1.
    C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\TRANSLAT\FREN\MSB1FREN.DLL
    Checksums:
    MD5 - 8034E5B2A572B525DF441F1AE172B344
    SHA-160 - 1CB04641EFD4E8D857FCAB63022CD890551174E0
    SHA-256 - C70943557F14338170AF8E7ACC1E527C6F5B49191F8DD80939CD1469D49B8DD1

    2.
    C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\TRANSLAT\WTSP61MS.DLL
    Checksums:
    MD5 - 86CC13EE1D093AB7D8C409396F256EE3
    SHA-160 - 331BAA47778AF13C2F03A2C84F77BFF00B43128E
    SHA-256 - 7043A6F05C96B44FB3CBF51E434F20D4F5BFE6B7C72375A311B940B6E5B4BFBC

    3.
    C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\TRANSLAT\GEEN\MSB1GEEN.DLL
    Checksums:
    MD5 - 5537FEE1E2E270B6103DCBBAF6A78D5C
    SHA-160 - 7E7F8F1741BDA1A5204AA23AC6F9FBB1931F61C5
    SHA-256 - 01EDFCD8FA0E402EADDC37D98224D373F1C22BDB90C1E7E521A3AAC2854FE647
     
  14. topo

    topo Registered Member

    Joined:
    Nov 11, 2013
    Posts:
    146
    victek, thanks for your reply. will leave disabled until MBAM gives it the green light
     
  15. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    1,083
    Location:
    North of the 38th parallel.
    Malwarebytes for Windows v4.2.3.96 - CU 1.0.1112 BETA was published 11-November-2020.

    Announcement: https://forums.malwarebytes.com/topic/262752-malwarebytes-42-beta/?do=findComment&comment=1420160

     
  16. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    6,748
  17. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    3,907
    In reply # 2536 and reply# 2538 I posted about FP's called NanoCore.Backdoor.
    A few days later it was suddenly called Nimnul.Virus.FileInfector.DDS

    I'm glad to tell that a scan today didn't give anymore warnings.
    That scan was done with:
    Version: 4.2.3.96
    Components Version: 1.0.1104
    Update Package Version: 1.0.32862

    Thanks!
     
  18. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,382
    Location:
    Slovenia
  19. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    1,083
    Location:
    North of the 38th parallel.
    If the current release version of MB4 (v4,2,3,96 - CU 1.0.1104) has impacted your system's ability to print and you have not already permitted MB4 to download the latest Beta (CU 1.0.1112), please consider permitting the CU 1.0.1112 Beta update followed by a system restart. Then, please post your results.

    Thank you.
     
    Last edited: Nov 15, 2020
  20. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,084
    Location:
    USA
    After installing the beta update printing has returned to normal on my system. Thanks!
     
  21. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    8,901
    Location:
    Among the gum trees
  22. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    1,083
    Location:
    North of the 38th parallel.
    Malwarebytes for Windows v4.2.3.96 - CU 1.0.1119 BETA was published 18-November-2020.

    Announcement: https://forums.malwarebytes.com/topic/262752-malwarebytes-42-beta/?do=findComment&comment=1421794

     
  23. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    1,083
    Location:
    North of the 38th parallel.
  24. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    6,748
    Malwarebytes for Windows v4.2.3.96 - CU 1.0.1122 has been published 23-November-2020.
    https://forums.malwarebytes.com/topic/263168-malwarebytes-42/?do=findComment&comment=1422880
     
  25. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    39,333
    Black Friday Deal: Get 50% off Malwarebytes Premium, 25% off Teams
    November 24, 2020
    https://www.bleepingcomputer.com/ne...ff-malwarebytes-premium-25-percent-off-teams/
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.