Malwarebytes

Started by Glenn, Dec 05, 2008, 21:10:19


D-Dan

For information, I've just posted the results of my latest testing roundup over at TechSupportAlert (http://www.techsupportalert.com/best-free-adware-spyware-scumware-remover.htm) and MBAM did less well this time, owing to inadequate built-in protection against termination.

I'll be re-testing shortly to see if it improves, but for now, my 2nd place recommendation has changed. Top spot still goes to SAS.

Steve
Have I lost my way?



This post doesn't necessarily represent even my own opinions, let alone anyone else's

Rik

There's a formatting problem in the last paragraph, Steve (old typographers never give up! ;)):

Quote:
And as always, let common sense guide you. Don't run a program from an untrusted source, and don't visit websites <para break here needs removing>
where infection is likely. You should also beware of popups from programs that you haven't installed, some of the fake anti-spyware I managed to pick up in my browsing sessions was surprisingly convincing. Remember, sometimes malware will scream into your face that it is there. It will just not tell you what it really is

Interesting.  :thumb:
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

D-Dan

I know - I spotted it after putting it up - noted to fix when I start adding screenshots. There's also a full stop missing in the introduction, that you missed :)

Steve

Rik

I was trying not to be too picky. ;)

D-Dan

You could have tried harder and not noticed the para break too  :whistle:

D-Dan

OK - both errors fixed :)

Noreen

I noticed this post on the American forum to which I belong and thought that it may be of interest; it's talking about the latest version.

Quote:
Just a "heads-up" about this release...

I've been running NOD32, version 3.0.684 along with MBAM for some time. After the upgrade, the computer would freeze at Windows unless MBAM's real-time protection was disabled. Starting the real-time protection module after booting was fine and presented no problem but if both NOD32 AND MBAM loaded on startup...freeze. Several other users have experienced the problem as well. The code on the front-end of the new version of MBAM was completely re-written so they don't really know right now where the conflict point is.

The solution for me was simply to upgrade NOD32 to the 4.0 (4.0.437.0) version. Once done, everything back to normal.

Rik

Interesting, thanks, Noreen.  :thumb:

karvala

Having been recently infected with the deadly virut infection, which has been king of the virus jungle for over a year now and remains widely regarded as the most dangerous file infector out there, I would like to give a further comment and recommendation here in case anyone else is unfortunate enough to get hit with this. The security experts I talked to all told me virut was a death sentence, and reformat and reinstall was the only way to go. That wasn't an option for me, and I had some backup images to play with, so I tested a few things, including Malwarebytes anti-malware (MBAM). AVG first of all scanned the file that contained the original infection, and passed it as clear ::) ; this is why I executed it in the first place and got the infection. Thereafter, as the infection quickly started invading and corrupting all of the executables on the system it could find, AVG flagged them up as the infection spread, but simply offered to delete them, which would neither stop the infection in its tracks, nor help the system, since these were essential system files.

I ran MBAM, and I'm sorry to say that it was also completely ineffective against virut, not even identifying the corrupted executables as having a problem (when even a simple CRC check would demonstrate they had been infected!). I've used it before against other types of viruses, and it's been pretty good, but it was completely hopeless in this case. Avira and Kaspersky were also little better. Then I came across one tool which, had I not seen enough positive references to it in regard to this toughest of infections, I would normally have assumed was fake software based on its origin (little known Russian developer), its seemingly limited interface and configurability and its awful name: DrWeb CureIt! However, this alone of all programs that I tried not only could detect the infected file before it was executed (with an on-demand scan; no resident protection I'm afraid), but also actually reverses the damage on the infected files (some misinfected files are beyond repair, but even for these the cure removes the offending code and renders the file harmless). With that (being run from another OS, with the infected drive as a slave), and subsequently the Windows system file protection utility (to repair any files that were misinfected and could not be properly cured), the system could not only be cleaned, but actually made bootable and usable again. It's actually rather good against other infections too, I should add. So, if you're ever hit with the nasty virut infection (and it remains prevalent, so it could still happen), try DrWeb CureIt!; you might be pleasantly surprised. Of course, I hope none of you ever need to. ;)
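The post above remarks that a simple CRC check would show the executables had been altered. As an added example (not part of the original post), this Python sketch records a known-good baseline of executables and compares a later rescan against it; the file names, extension list and appended bytes are constructed for illustration, and SHA-256 is stored next to CRC32 because CRC32 is not collision-resistant.

```python
import hashlib
import tempfile
import zlib
from pathlib import Path

EXEC_EXTS = {".exe", ".dll", ".scr"}  # assumption: extensions worth baselining

def fingerprint(path):
    """Return (size, crc32, sha256) for one file, read in chunks."""
    crc, sha, size = 0, hashlib.sha256(), 0
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            crc = zlib.crc32(chunk, crc)
            sha.update(chunk)
            size += len(chunk)
    return size, crc & 0xFFFFFFFF, sha.hexdigest()

def build_baseline(root):
    """Map relative path -> fingerprint for every executable under root."""
    root = Path(root)
    return {str(p.relative_to(root)): fingerprint(p)
            for p in root.rglob("*")
            if p.is_file() and p.suffix.lower() in EXEC_EXTS}

def compare(baseline, current):
    """Classify differences between a known-good baseline and a rescan."""
    return {
        "modified": sorted(p for p in baseline
                           if p in current and current[p] != baseline[p]),
        "missing": sorted(p for p in baseline if p not in current),
        "new": sorted(p for p in current if p not in baseline),
    }

def demo():
    """Constructed scenario: one file grows, one is deleted, one appears."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for name in ("notepad.exe", "calc.exe", "readme.txt"):
            (root / name).write_bytes(b"MZ" + name.encode() * 64)  # constructed
        baseline = build_baseline(root)            # taken while known clean
        with open(root / "notepad.exe", "ab") as fh:
            fh.write(b"constructed-extra-bytes")   # simulated modification
        (root / "calc.exe").unlink()
        (root / "unknown.scr").write_bytes(b"MZ constructed")
        return compare(baseline, build_baseline(root))

if __name__ == "__main__":
    print(demo())
```

The baseline only helps if it is stored where the infected system cannot rewrite it, and the rescan is most trustworthy when run from a clean OS against the suspect drive, as the post did for its cleanup.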

Simon

Thanks for the recommendation.  I've also read good reports of Dr Web on Wilders, but haven't had the need to try it myself, thankfully!
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.


quandam

Ran it on my laptop out of interest and using the express search it found a 'Trojan Loader' immediately. Seems pretty good ;)

Rik

Thanks, Q. Maybe I should try it...

quandam

Worth a try Rik and simple to use ;) which suits me :thumb:

Rik

I like simple too. :)

glen

Quote from: quandam on Oct 02, 2009, 16:03:28
Ran it on my laptop out of interest and using the express search it found a 'Trojan Loader' immediately. Seems pretty good ;)

As long as it's not a false positive.
They must find it difficult...
Those who have taken authority as the truth,
Rather than truth as the authority


somanyholes

Have no real need for the app itself, but going to try the live CD, which could be handy for checking other systems. Thanks for the info.
http://www.freedrweb.com/livecd/

Rik

It gets the same addon as I've linked to above, So.

quandam

Tried the express scan on the desktop and it found another one. I have several AV progs and use them usually twice a week without fail and none of them have found anything. Impressed so far :dunno:

Rik

 :thumb:

Good to hear, Q.
