I finally got around to running this tool on my XP box. I have always been a fan of MBAM. It's tools like this one from MBAM, and interviews like the one Ron posted, that make me believe that MBAM is without a doubt the creme de la creme of security scanners.
Strange, but when I check the saved log it showed that it updated... Malwarebytes Anti-Rootkit BETA 1.05.0.1001 www.malwarebytes.org Database version: v2013.04.13.02 Windows XP Service Pack 3 x86 NTFS Internet Explorer 6.0.2900.5512 ***** This line deleted because of identifying details***** 14/04/2013 12:29:16 AM mbar-log-2013-04-14 (00-29-16).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 25284 Time elapsed: 33 minute(s), 2 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
Hi Using Malwarebytes Anti-Rootkit BETA http://forums.malwarebytes.org/index.php?showtopic=127355 http://forums.malwarebytes.org/index.php?showforum=116 http://www.malwarebytes.org/products/mbar/
No problem with the latest beta: Malwarebytes Anti-Rootkit BETA 1.06.0.1003 www.malwarebytes.org Database version: v2013.06.13.07 Windows XP Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.18702 ***** This line deleted because of identifying details***** 14/06/2013 4:59:01 AM mbar-log-2013-06-14 (04-59-01).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P Scan options disabled: Deep Anti-Rootkit Scan | PUP Objects scanned: 227764 Time elapsed: 24 minute(s), 24 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end)
Forgive me if this has been answered before, but will this be integrated into MBAM when it is out of beta? I've heard MBAM isn't the best at removing rootkits.
They don't give a direct download link, but once downloaded you can view the source website of the download and you can edit the version number in the link -http://data-cdn.mbamupdates.com/v1/mbar/beta/data/mbar-1.06.0.1004.zip-
The download is an EXE - is this the first version with an installer? Edit: It's not a typical Windows installer. It extracts the files to the directory of choice and then runs mbar.exe. That's a little easier than the Zip file of the earlier versions.
This time I got extracted files... But, I blocked this from connecting...because it is Facebook. Scan is running, now...
Scanning recommenced after I disabled Inbound Firewall Protection in DW. It had to be something I forgot about.
Scan Finished: Malwarebytes Anti-Rootkit BETA 1.07.0.1005 Database version: v2013.08.24.02 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16660 Gerard :: 24-8-2013 14:23:17 mbar-log-2013-08-24 (14-23-17).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 276958 Time elapsed: 15 minute(s)