Bugbatter
6 Gallium

Updates - June 17, 2009

Please refer to Calendar of Updates for today's updates.

The Calendar of Updates is devoted to bringing you the latest information about new and upcoming updates for almost every security software.

If anyone would like to discuss a specific update, please reply in this topic.


Windows Insider MVP 2016 -

Microsoft MVP - Consumer Security 2006-2016

Social Media and Community Professional

0 Kudos
11 Replies
ky331
5 Iridium

Re: Updates - June 17, 2009

(Please note my comments in the lower portion of this post...)

SpyBot 2009-06-17

Keylogger
+ InvisibleKeyLogger97
Malware
+ AdDestination + Fraud.AntivirusDoktor + Fraud.AntivirusPlus + Fraud.MalwareDefender2009 + Fraud.MSAntispyware2009 + Fraud.PCCenter + Fraud.PersonalAntivirus + Fraud.ProAntispyware2009 + Fraud.Sysguard + Fraud.SystemGuard2009 + MalwareProtector2008
PUPS
+ DAEMONToolsPro.Crack
Trojans
+ Virtumonde.sci + Virtumonde.sdn + Win32.Agent.jjv + Win32.FraudLoad.ie + Win32.Hidrag.a + Win32.Rbot.gen + Win32.TDSS.pe + Win32.TDSS.rtk + Win32.VB.mqz + Win32.ZBot
Total: 1433053 fingerprints in 490325 rules for 4696 products.

 

for those who use SpyBot's IMMUNIZATION** feature ---  which, in my opinion, is the main reason for average* users (XP or earlier) to keep spybot around nowadays --- be sure to RE-immunize after updating.

 

(*):  I am also a "fan" of SpyBot's TeaTimer (for XP only).   However, TeaTimer requires that the user respond to its occasional prompts to allow or deny various system changes.   Unless the user feels comfortable/confident doing so, it is preferable that a person NOT use TeaTimer, rather than risk using it haphazardly.

I do *NOT* advocate SpyBot for its scanner --- I believe MBAM and SAS are far superior.

 

(**):  Please be advised that there may be an issue with SpyBot's Immunization of Restricted Sites slowing down IE8 (some people are reporting that this conflict was resolved via the 9 June cumulative update for IE).   If you experience this problem, you will have to decide between the pros and cons, of extra protection vs. system slowdown.

Here's a "partial" solution:   SpyBot itself offers multiple layers of protection:  its SDHelper BHO for IE, its Immunization of Restricted Sites & Cookies (for specified/compatible browsers), and its HOSTS file protection (for all manners of internet access).   Admittedly, there are overlapping redundancies here, with each covering many (all??) of the same things.   Why?  Because, quoting PepiMK (the creator of SpyBot)  "There is malware attacking each layer, but rarely all [three], so we prefer multiple [redundant] layers".

HOSTS file protection is the first thing that "kicks in".   If a website is blocked by your HOSTS file (by virtue of a 127.0.0.1 local loopback entry for that site), no program [web browser, anti-virus / anti-malware, instant messenger, &etc.] will be able to access that particular website.   Meaning that, as long as your HOSTS file remains intact, IE will not have to "worry" about considering a duplicated list of restricted sites.   In other words, if you use SpyBot's Immunization to add its sites to your HOSTS file, then you don't also have to immunize against the same collection of multiple thousands of restricted sites that are currently interfering with IE8 running smoothly.   Be explicitly advised, however, that if you don't (also) immunize the restricted sites, and if malware somehow manages to attack and alter your HOSTS file, it will then leave these non-immunized restricted sites open to further attack you... meaning that this is not a "perfect" solution to the "congestion" problem... but it's certainly better than not using SpyBot's immunization at all.

----

This update has introduced another  Spybot/SpywareBlaster restricted site conflict, specifically, over

Red Sherriff (2) - imrworldwide dot com

Each time you hit the IMMUNIZE button in Spybot, it will remove protection from that site.   If you wish, you can then re-enable it via SpywareBlaster.

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
Bugbatter
6 Gallium

Re: Updates - June 17, 2009

Just released: Malwarebytes' Anti-Malware Version 1.38 (June 17th, 2009)

1. (FIXED) Minor issue with updating.
2. (FIXED) Certain types of freezing during full and quick scans.
3. (FIXED) Problem with Estonian language and installer.
4. (FIXED) Certain folders showing up as files in results list.
5. (FIXED) Scan time improperly displayed if Abort Scan clicked after Pause Scan.
6. (FIXED) Error during loading log files after database update.
7. (FIXED) Issues with freezing in protection mode. Certain conflicts with anti-virus software.
8. (ADDED) Some proxy support, please see /proxy command line parameter.
9. (ADDED) New command line parameters: /logtofolder, /logtofile (see help file).

Details: http://www.malwarebytes.org/mbam.php


Windows Insider MVP 2016 -

Microsoft MVP - Consumer Security 2006-2016

Social Media and Community Professional

0 Kudos
melboy
2 Iron

Re: Updates - June 17, 2009

0 Kudos
dalem29
4 Germanium

Re: Updates - June 17, 2009

I downloaded MBAM version 1.38 to both computers today. The process went well for the Vista computer, although there were apparently some updating issues early on according to the website. But on my XP machine I still get the "can't update" error message after the program appears to be updating for 30-40 seconds. The mod over there on the forum says it has to be either my AV...Avast, or my Firewall...Online Armor. I can't see where to navigate in Avast to include or exclude something. And Online Armor shows several entries "allowing" MBAM.

Taking it a step further, I checked to see if A Squared Antimalware might be the culprit, but once again could see no provision to include anything. Doubting that Windows Defender had anything to do with it, I looked at WinPatrol and could find no reference to MBAM in the Start Up menu section. Figured this might somehow be causing the problem. The program wants me to type a path to add MBAM to the Start Up menu, but  I am not sure how to do that, so any advice would be appreciated. All my other security programs show up in WinPatrol's start up menu, so don't have any idea if this is somehow causing the error messages.

Several other users have had  similar problems according to posts on MBAM's website, so the developers must have made some internal changes  to the program starting with version 1.37 that causes this conflict. I think they are reluctant to admit to it or to fix it. I have not changed any settings or security programs after version 1.36 and before 1.37. I did delete WinPatrol temporarily but that had no effect, added it back.

0 Kudos
Highlighted
Willprospector
1 Nickel

Re: Updates - June 17, 2009

   TeaTimer saves me many times while surfing but I use VISTA Premium SP1 and it works well.  But I also have Webroot Anti-Virus with AntiSpyware

while I use the McAfee Security Suite given to me by Comcast. Although both are anti-virus programs and supposedly 2 anti-virus

programs cannot run at once on one machine,but they do on my Dell Inspiron 1501. I also use WinPatrol to monitor any changes

to my processes. However, there is something called Joke/Shake,i.e.: JS/Joke-Shake \AppData\Local\Mozilla\Firefox\Profiles\h8dwi0p3.default\Cache\19AA94Dd01

which cannot be removed by anything except closing my web browser and then using CCleaner.com to Anlyze and then Remove a lot of temporary

memory.

 

http://www.WebSuccess4You.biz,  ,  http://adlandpro-facebook-friendswin-social.blogspot.com/

0 Kudos
ky331
5 Iridium

Re: Updates - June 17, 2009

Dale,

I am using avast on XP, and had no problem updating mbam, so i doubt that's the culprit in your case.

As for a start-up entry in WinPatrol, assuming you are using the free version of MBAM, its installation should place a Run-ONCE entry into your registry (and WinPatrol's startup list).   upon rebooting, that entry will run, be "used", and then disappear --- having run ONCE, it's done --- so you won't find it listed again   [if you have the paid version of MBAM, the situation will be different].

my suggestion... try uninstalling MBAM.  reboot.   download and install MBAM again.   confirm the presence of the Run-ONCE entry in winpatrol's startup list.   reboot.   confirm the run-once is now gone.  and then try running MBAM to see if it's working any differently.  

EDIT:   Just to clarify, are you saying you were unable to update the PROGRAM from 1.37 to 1.38 ???  or that after updating the PROGRAM to 1.38, you were then unable to update to the latest DATABASE?

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
ky331
5 Iridium

Re: Updates - June 17, 2009

Willprospector,

I don't know if your mention of TeaTimer on Vista was in response to my comment that I'm a fan of TeaTimer on XP (only)... or if the placement of your comment here was purely coincidental.

As noted above, TeaTimer indeed has value, for those who can properly reply to its occasional prompts.   VISTA has significantly better built-in security (in the form of UAC) than XP, so it should duplicate many of TeaTimer's warnings.   If you don't mind the duplications... or if you find that TeaTimer actually provides you with security that Vista doesn't, then more power to you!  emoticon.Smile.title

As for running two resident anti-virus programs without you actually noticing any problems:

1) odds are that your system is in fact being slowed down, as BOTH of the anti-virus programs are monitoring/scanning all executable files as they're being opened.   Your system should run faster with only one anti-virus program being resident.

2) an outright "conflict" between the two may be waiting until a virus actually attempts to impact your machine, at which point, the two anti-virus programs may suddenly find themselves in a "tug-of-war" to see which one will remove/quarantine the virus.

I believe it would be prudent of you to remove one of the antivirus programs (suites) NOW, rather than risk a headache later.

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos
dalem29
4 Germanium

Re: Updates - June 17, 2009

Thanks David:

Version 1.38 downloaded and installed OK, then when I looked for updates I got the error message. I'll try what you said and see if it shows up in the Start Up menu. It's just kinda weird, because on the Vista machine with the same programs it works correctly. emoticon.Confused.title 

EDIT: It went ahead and ran once...same symptom before and after the reboot. I think there is some problem between my computer and their server...based on the time delay for when the error message comes up. I'll go back to that forum and continue the saga. Guess I could just download each new version and scan once! emoticon.Geeked.title

0 Kudos
ky331
5 Iridium

Re: Updates - June 17, 2009

Dale wrote:  "I think there is some problem between my computer and their server..."   If so, shouldn't that equally impact what happens on your Vista machine?

I've been reading about the lag some people are experiencing in waiting for 1.38 to complete installation... the installer drops-off from the screen, is seemingly gone for quite a while... but eventually pops back to report the installation is complete.   Thinking back, I noticed that as well... on more than one machine... but it didn't phase me at the time.   But on reflection, I would have to conclude there's a problem ---- or else, a significantly new CPU-intensive installation procedure --- with the latest version.

Since I'm taking for granted your system is clean, and you like to have MBAM around and up-to-date "just in case", I would suggest you wait a few days to see how all this plays out.   Hopefully, someone will locate the problem and they'll issue a newer version.

Free Internet Security - WOT Web of Trust       Use OpenDNS       MalwareBytes Anti-Malware


Windows 7 Pro SP1 (64-bit), avast! v17 Free, MBAM3 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, IE11 & Firefox (both using WOT [IE set to WARN, FF set to BLOCK]), uBlock Origin, CryptoPrevent.


[I believe computer-users who sandbox (Sandboxie) are acting prudently.]

0 Kudos