MJ Registry Watcher - Little Update 1.2.7.2

Discussion in 'other anti-malware software' started by Graphic Equaliser, Mar 11, 2011.

Thread Status:
Not open for further replies.
  1. Graphic Equaliser

    Graphic Equaliser Registered Member

    Joined:
    Nov 5, 2004
    Posts:
    411
    Location:
    London England UK
    I have just updated MJRW to 1.2.7.2 at http://jacobsm.com/mjsoft.htm

    Changes are :-

    Changes 1.2.7.1 to 1.2.7.2
    1) Now ignores changes due to the case of letters being changed. Windows is case-insensitive.
    2) Corrected exemption of filespecs with wildcards - these now work correctly.
    3) Allowed MJRW to initialise properly when launched with Windows Task Scheduler.
    4) Made watchdog process minimise more quickly at launch.
    5) Added several new alert sounds to the package.

    Enjoy!
     
  2. soccerfan

    soccerfan Registered Member

    Joined:
    Oct 15, 2007
    Posts:
    167
    Thanks Graphic. One of my favourite apps :thumb:
     
  3. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Thanks for the update..:)
     
  4. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    Very useful Tool! :thumb:
     
  5. HAN

    HAN Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    2,080
    Location:
    USA
    Many thanks GE!! :D
     
  6. Graphic Equaliser

    Graphic Equaliser Registered Member

    Joined:
    Nov 5, 2004
    Posts:
    411
    Location:
    London England UK
    A slight update - apparently arwwdwin.exe was reported by 10 out of 43 virus checkers as malware at virustotal.com. I checked and verified that these are definitely false positives. So, I shuffled a couple of lines of code around (with no effect on functionality) and recompiled it. The new version of arwwdwin.exe is now only reported by 3 out of 43 as malware, and one of those (Bitdefender) previously did not report it. These are definitely false positives, since all 3 PCs I compiled it on produce the same executable. What more can I do? :doubt:
     
  7. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,047
    Location:
    United Surveillance States
    Can you UPX scramble the .exe? I do that with some Nirsoft utilities that I use on systems where I can't set exclusions in the Antivirus.
     
  8. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Hi,
    Actually after the last update Bitdefender engine was the first to detect it and then came detections from other engines. I personally submitted FP to Bullguard (using BD engine) and they fixed that to BD. Now after this update BD again started detecting it. Don't bother I will again submit that FP to them...:)
     
  9. Graphic Equaliser

    Graphic Equaliser Registered Member

    Joined:
    Nov 5, 2004
    Posts:
    411
    Location:
    London England UK
    Thanks sg09. I have tried several combinations of juggling lines, variables around and the result is that there are always 3 checkers reporting it as malware. They are :-

    BitDefender 7.2 2011.03.19 DeepScan:Generic.Malware.P!.23A6C366
    F-Secure 9.0.16440.0 2011.03.19 DeepScan:Generic.Malware.P!.23A6C366
    GData 21 2011.03.19 DeepScan:Generic.Malware.P!.23A6C366

    o_O :doubt: :doubt: :'( :p o_O :eek: :blink: :gack: o_O :cautious:

    They are deffo FPs and I am leaving it at that. Hopefully, they'll get their acts together and realise they are being over-paranoid! ;)

    Regards
     
  10. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Yeh! all 3 are using Bitdefender engine..:) Once the detection is removed from Bitdefender Virustotal will show you a clean result..:D
     
  11. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,713
    Location:
    Kolkata, India
    Bitdefender detection cured. Now only Emsisoft and Ikarus are detecting it.
     
  12. Graphic Equaliser

    Graphic Equaliser Registered Member

    Joined:
    Nov 5, 2004
    Posts:
    411
    Location:
    London England UK
    That's good to know. Hopefully, the others will update their signatures eventually and mark it as clean. Thanks for keeping an eye on things, sg09.
     
Loading...
Thread Status:
Not open for further replies.