Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Mon 22 Sep 2014, 10:34
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Malwarebytes Anti-Rootkit Beta
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [7 Posts]  
Author Message
xman


Joined: 24 Sep 2009
Posts: 145

PostPosted: Wed 12 Dec 2012, 03:18    Post subject:  Malwarebytes Anti-Rootkit Beta
Subject description: No full screen flash video and more
 

I downloaded and ran latest free Malwarebytes Anti-Rootkit Beta in my Windows machine some days ago. Mbar told that there is probably some rootkit activity because of some appinitdll's and asked permission to remove them. After scan I have to remove 'betterinstaller.exe' which was malware according Mbar.

Couple days later I found that I have problems with flash video when I use any Trident browser: no full screen. I found also browser periodically unresponsive. I run Microsoft Fixit, restored IE settings and removed couple of programs I have lately installed but problem remained.

Many hours later Mbar Beta was my primary suspected. I use restoration point which Mbar created when it removed 'bi.exe malware': No effect. Then I used earlier restoration point done by Microsoft update: Full screen was back. I installed all Microsoft Updates available and video was OK and browser responds.

Reliable Kaspersky Anti-rootkit utility TDSSKiller found nothing but stupid me. I ran again latest Malwarebytes Anti-Rootkit Beta and removed appinitdll's it asked to do but not 'betterinstaller.exe' which was now safe. IE full screen video was gone but I got it back after using Microsoft update restoration point.

Conclusion: bi.exe could be adware and rare antivirs detect it as adware according Virustotal, but Mbar was real malware which broke my system. It's okay because it asked my permission before it did it.
Back to top
View user's profile Send private message 
Barkin


Joined: 12 Aug 2011
Posts: 718

PostPosted: Wed 12 Dec 2012, 05:41    Post subject:  

I regularly use Malwarebytes main product, MBAM. On a very few occasions it generated false-positives.

I use MBAM as a somewhat-paranoid second opinion for Microsoft's own-brand anti-malware.
Back to top
View user's profile Send private message 
cthisbear

Joined: 29 Jan 2006
Posts: 3414
Location: Sydney Australia

PostPosted: Wed 12 Dec 2012, 06:45    Post subject:  

Malwarebytes Antimalware Free is the Antz pantz.

As for the other ...Beta = Beware.

This is the genuine one??????

http://support.microsoft.com/kb/197571

http://msdn.microsoft.com/en-us/library/windows/hardware/gg463040.aspx

and this is.

http://www.prevx.com/filenames/371511880595215891-X1/APPINIT.DLL.html

Chris.
Back to top
View user's profile Send private message 
nubc


Joined: 23 Jan 2007
Posts: 1050
Location: USA

PostPosted: Wed 12 Dec 2012, 14:52    Post subject:  

@ cthisbear
I'm now using Microsoft Security Essentials on XP boxes, which pretty much disallows Malwarebytes Anti-malware. What is your opinion of MSE, cthisbear?

EDIT: Just read a review claiming that MSE is very difficult to uninstall, even with MS-provided remover. This reviewer claimed that after MSE (unsatisfactorily) uninstalled, attempts to install AVG subsequently failed. I haven't unistalled MSE before, will have to try it.

Last edited by nubc on Wed 12 Dec 2012, 17:31; edited 1 time in total
Back to top
View user's profile Send private message 
Barkin


Joined: 12 Aug 2011
Posts: 718

PostPosted: Wed 12 Dec 2012, 16:11    Post subject:  

nubc wrote:
... I'm now using Microsoft Security Essentials on XP boxes, which pretty much disallows Malwarebytes Anti-malware.

I use MSE continuously, and occasionally use the free version of MBAM for a second opinion that my computer is clean, (as I mentioned previously MBAM can occasionally give false-positives).

i.e. MSE does not block my occasional use of the free version of MBAM, (which does not have "real-time" scanning). NB: two "real-time" antmalware programs running simultaneously could slow each other down and cause conflicts, ( like two security guards chasing each other, each mistaking the other for an intruder ).
Back to top
View user's profile Send private message 
xman


Joined: 24 Sep 2009
Posts: 145

PostPosted: Thu 13 Dec 2012, 00:35    Post subject: Mbar was the only one
Subject description: More about dangerous game played
 

A week ago I had time to play dangerous game with free antiviruses: Panda Cloud, Microsoft Security Scanner, Kaspersky Cloud Scanner, Bitdefender, SuperAntiSpyware, Kingsoft 3.5 & 5.5, Avast, MBAM, McAfee Labs Stinger, and rootkit scanners: Kaspersky TDSS, MBAR, Avast. Panda was primary antivirus installed in 7 and it was extremely aggressive against Avast products: rootkit scanner exe was send to Panda recycle bin four times before I shut down Panda, and trying to install Avast antivir was blue screen issue.

Malwarebytes Anti-Rootkit Beta was only one which find something 'suspicious' and removed needed safe stuff.
Back to top
View user's profile Send private message 
xman


Joined: 24 Sep 2009
Posts: 145

PostPosted: Thu 13 Dec 2012, 01:01    Post subject:  

Barkin wrote:
NB: two "real-time" antmalware programs running simultaneously could slow each other down and cause conflicts, ( like two security guards chasing each other, each mistaking the other for an intruder ).

Old fact is that two active antivirus can't live in same computer, but times can change: Kingsoft Antivirus 2012 is designed to work along with other antivirus products despite being a real-time antivirus and antimalware scanner, as exception products using Vipre engine.

Test results:
http://www.kingsoftsecurity.com/forum/viewtopic.php?f=9&t=1302

[Dec 12] Kingsoft Antivirus 2012 SP5.6 Officially Released:
http://www.kingsoftsecurity.com/forum/viewtopic.php?f=9&t=1320

Review:
http://www.instantfundas.com/2012/08/kingsoft-antivirus-2012-new-free.html
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [7 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0631s ][ Queries: 11 (0.0090s) ][ GZIP on ]