Malwarebytes' Anti-Malware [Released]

Discussion in 'Spyware' started by siljaline, May 31, 2011.

  1. siljaline

    siljaline Guest

    Announcement - changelog, chatter, etc >


    Note: The mirror sites for those that may wish to install over top
    are not necessarily showing the new version.

    For those that have turned off the phone-home feature, re-enable to obtain
    the new build via this method.

    Enjoy & Kudos to all @ The MBAM Team.

    siljaline, May 31, 2011

  2. siljaline

    VanguardLH Guest

    Regarding the free version:

    They don't house the download at their own site. Instead the download
    link for their free version takes you to the (CNet) page,
    so you might as well start at:

    The changelog is found at:

    Since the vast majority (almost all) of the updates apply only against
    the Pro (paid) version, there isn't much point in updating if you're
    using the free version.
    VanguardLH, Jun 1, 2011

  3. siljaline

    siljaline Guest

    You're welcome.
    I was rather "taken aback" by this, of course, I declined.
    Those that have an issue with this being in the installer are encouraged to post
    your thoughts at the MBAM board.

    There have been a few since your post, JD, if you hit fetch again, you should be current.


    siljaline, Jun 1, 2011
  4. siljaline

    Buffalo Guest

    Thanks, I use the free version and just did an update in the program. It
    dl'd and installed the new version over the top.
    After another def update, I did a quick scan and it was really quick
    compared to what I normally get. 3min 4sec.
    Another good thing was that now it finally ignores one item I had on the
    ignore list, which it would not do before.
    That item was a 'shell\open\command' registry entry from SpywareBlaster, I

    Overall, a GREAT improvement.
    Thanks again, MBAM for an even better program. :)
    Buffalo, Jun 1, 2011
  5. siljaline

    siljaline Guest

    As noted elsewhere, the option to run the trial of the "Pro" build has
    been posted.
    You should - the MBAM folks have a clean-up tool listed in the announcement
    thread. Keep it at the handy.
    You're welcome.

    siljaline, Jun 1, 2011
  6. siljaline

    siljaline Guest

    Those of you that use MBAM really should get your feedback to the people
    that can see what your findings are.


    Regards & enjoy !!

    siljaline, Jun 1, 2011
  7. siljaline

    siljaline Guest

    You're welcome, Autumn - enjoy the new release.

    siljaline, Jun 2, 2011
  8. siljaline

    Dustin Guest

    You really need to update to ensure the definitions can all continue to
    be properly interpreted by the underlying engine. Please don't post
    advice when you're talking from your ass.
    Dustin, Jun 5, 2011
  9. siljaline

    VanguardLH Guest

    I was referring to the *program* update which was the topic of this
    thread. Yes, you still need to get the *signature* updates to remain up
    to date. Since nothing in the new version (free or paid) has added new
    heuristics or schemes for better detection, all you need are the
    signature updates with the older version.

    If you have the paid version, some of the updates might interest you.
    VanguardLH, Jun 5, 2011
  10. siljaline

    Dustin Guest

    I'm going to try once more.. The "program" update, IS the fucking engine.
    Again, it's best you keep BOTH updated.
    Idiot.. I used to work for the company.. but, **** it, you know more I
    Dustin, Jun 6, 2011
  11. siljaline

    VanguardLH Guest

    Oh yes, Dustin, we are certainly convinced of your claimed expertise by
    such a professional response. (rolls eyes) Oh, please, grant us your
    shining expertise by pointing out just where MBAM points out what
    changes were made to their *engine*. Yeah, I thought so.

    I see you can't even figure out a legitimate right-id token for the MID
    header that you chose to have Xnews generate for you.
    VanguardLH, Jun 6, 2011
  12. siljaline

    Dustin Guest

    Claimed expertise? Are you saying you don't believe I worked for the
    company and was a malware researcher for them? Please clarify.

    MBAM isn't going to document every change made since last version, it's
    *never* done so.
    While I accept the fact you tried to insult me, the hex editing done to
    the executable is quite deliberate, thanks. It's been modified in this
    fashion for sometime now. I believe (yes, I did) I made a post
    detailing where the bytes were to change the default information. As
    Xnews would have originally put the WAN side IP there instead.

    Any more smartass remarks you want to make?
    Dustin, Jun 8, 2011
  13. siljaline

    VanguardLH Guest

    Ass, fucking, idiot, **** it, and smartass. And who said that? You
    really thought that attitude would lend an air of credibility to your

    I was sarcastic only after your puerile retort. I never attacked you or
    the product. Yet you chose to devolve into a troll. When you act like
    one, don't expect anyone to believe your claimed expertise. If you
    haven't noticed yet, sarcasm is more effective than vulgarities.

    Sales people also probably work at MBAM and it's common knowledge
    (amongst IT, dev, and QA folks) that sales folks don't know well the
    products that they sell. You could've been a janitor there. You
    might've worked in the human resources department, as a secretary, or
    workstation setup and maintenance. No one here has access to their
    employee records. You go ahead and claim whatever you want but your
    prose belies your implied claim.
    So you really don't know that there was a change in the engine, its
    algorithms, its heuristics, or any of its detection mechanisms. You're
    just guessing or hoping but claiming that you know the program update is
    a necessity. You don't know but you insult anyone that contests your
    unfounded and unproven claim. Oh yes, you are quite the professional,
    Dustin, uh huh, sure. (There's that sarcasm again warranted by the
    prose that you chose to use in your replies).
    And while making those hex edits, you must be claiming that the data
    block inside the executable for the MID value wasn't large enough to
    enter a valid right-id token in the generated MID header. That's odd as
    I've seen others posting with rather long right-id tokens in their MID
    header that are also using Xnews. Wow, all that expertise having to hex
    edit a file instead of modifying the user-editable configuration
    settings prompted on the first run of Xnews (e.g., the IDtoken),
    editable via the setup dialog (Ctrl+F1), or by editing the xnews.ini

    Other Xnews users probably just modify the settings under the "[ID]" or
    [Compose] sections in the xnews.ini file. Go into the setup dialog
    (Ctrl+F1) and just edit the form field to enter the value for IDtoken
    under the Identities tab. I did a quick install just to test this.
    When I hit Ctrl+F1, Identities tab, and entered in "",
    the value stored for IDtoken in xnews.ini was "newsmydomaincom" (the
    periods got removed). I also found out about the fqdn value that you
    can specify under the [Compose] section of the xnews.ini file that uses
    your fully qualified domain name in the MID header (see The setup dialog
    (Ctrl+F1) shows many user-configurable settings but not all of them that
    can be defined inside of xnews.ini. There are some examples at of
    xnews.ini that also show the use of the fqdn parameter under the
    [Compose] section. The sparse manual at the newsguy site really sucks.
    I don't even use XNews and yet I could search around to find info on the
    IDtoken and fqdn values.

    For my reply which neither attacked MBAM (and perhaps indirectly at you
    because of your claimed prior unprovable affiliation with MBAM) nor
    attacked you directly, you sure had a violent reaction to my post. I
    have to wonder with such an oversensitive ego if perhaps a moderated
    web-based forum might not better suit you. However, the forum moderator
    would've ended up deleting your posts so unmoderated Usenet is where your
    posts can survive.
    VanguardLH, Jun 8, 2011
  14. siljaline

    Buffalo Guest

    VanguardLH wrote:

    Please take your hate and vindictiveness elsewhere.
    Buffalo, Jun 8, 2011
  15. siljaline

    VanguardLH Guest

    The only fallacy I see being promoted here is that you and Dustin make
    claims you cannot prove and are snared by the "newer must be better"
    sales mantra that consumers have been engrained with for decades.

    Users only have the changelog to go by, not your guesses.
    VanguardLH, Jun 8, 2011
  16. siljaline

    Dustin Guest

    I didn't post with concern for credibility. I was trying to assist
    others who might take you seriously and use unsound advice. The only
    reason you wouldn't want to do an engine update is because you're running
    a keygenned version and you think the engine update might kill the
    key...Otherwise, why wouldn't you do the full update? Eventually the
    definitions file will no longer be supported by the older engines. It's
    It's not claimed expertise. This isn't a matter of me claiming the moon
    is made of green cheese. You and others can verify any claims I've made
    here. You'll find I'm not feeding you bullshit.
    I will claim the following (which is all true, and a malwarebytes
    employee and/or forum admin can verify them if they'd like).

    I was a malware researcher. I took live malware apart, analyzed it, and
    provided definitions so that the programs ENGINE could deal with the
    pest. I also did some antipiracy activities (I'm the reason why
    avoiding an engine update won't keep your key safer any longer).
    Actually, I know malwarebytes from a very intimate level. I wrote
    definitions for it, I've seen the definitions file in plaintext. [g]

    I'll go a step further, I wrote a small utility to better organize the
    definitions database that everyone built from. LOL!

    No, I'm not.
    While you might not like my choice of words or my style here on usenet
    with some people, I *am a professional*.

    The "data block" was a 2byte c++ character variable, wiseass. You
    should examine the xnews.exe binary for yourself. What other than the
    @"no" is wrong with my MID text?
    You can't replace the WAN side IP address (which is what's on the MID
    right side besides @ without hex editing.)
    Not unprovable. Locate a copy of mbam v1.25 and open the about menu.
    You'll see our names in plaintext before it changed to "Malwarebytes
    Feel free to look up userid raid on Malwarebytes forum. I *still*
    maintain expert status, Punk.
    Dustin, Jun 8, 2011

  17. Vanguard:

    While the written language may have put you off, Dustin DOES have the expertise he
    states. As another former Malwarebytes' malware researcher I can emphatically state he is
    stating correct information.

    The software version is the engine and we (Dustin and I) both know what is included in
    Engine Updates that make updating both the signatures and the engine imperative.

    After Merijn joined the software team (author of HiJack This!) one may have noticed an
    increase in scanning speed in a past, but not too distant, engine update.

    Other updates have to do with how signatures are created and applied which increase
    detection capabilities. How that is applied I cannot elaborate on.

    The fact is Dustin is well qualified to make the statements about MBAM that he has made.
    Please do however excuse the delivery method.
    David H. Lipman, Jun 8, 2011
  18. siljaline

    VanguardLH Guest

    It was the face that Dustin presented via his prose that contradicted his
    claim of expertise. Someone mouthing off vulgarities will never be
    viewed as an expert. All Dustin and Rhonda have to consider is what
    would happen if they used the same language during a job interview.
    Once they stepped out the interview room door, their resume would get
    trashed. They shot themselves in their own feet. It wasn't that it
    threatened or shocked me by their language. It was the comedy in their
    vulgar presentation while claiming to be experts. Once they chose to
    devolve, it was fruitless in trying to show (okay, harp on) their own
    posts as evidence that their "delivery method" contravened their

    For professed experts, they have overly sensitive egos. It was almost
    like responding to Alan Connor: if you agree then you are a saint but if
    you disagree then you are a boil on Satan's butt. I would think with
    being around Usenet for so long that they would be used to arguments and
    opposition. Guess not.

    From Dustin's 2nd reply to me, the subthread was no longer a discussion
    on whether the program update was needed or not. I probably should not
    have pricked their egos with sarcasm.
    VanguardLH, Jun 9, 2011
  19. siljaline

    VanguardLH Guest

    Oh yes, I was attacking Dustin by voicing my opinion (versus his and
    yours) that a program update isn't needed. Did I say to never do the
    program update? No. If nothing has changed in heuristics, algorithms,
    or other detection methods then the engine hasn't changed. Dustin
    claims the changelog never states critical functionality changes in
    detection for MBAM. That also means users have no official record that
    dictates a program update is required or even recommended - at this
    time. That a new version of something comes into existence doesn't mean
    you have to immediately jump on it. Even you've seen users that go
    updating the video drivers when nothing is broke and they have no clue
    that the new version will fix problems (that they have yet to exhibit)
    and may actually cause new problems with the new code. Not everyone
    wants their now stable computer constantly changing state.

    Rather than you and Dustin attempting to educate me regarding your
    *opinions* (i.e., argue or debate your points), both of you thought I
    would disappear from the discussion because, gee, I would get scared and
    offended by your vulgarities. Didn't happen, did it? I don't run away
    because someone chooses to devolve into an insult throwing child.
    Dustin got back the attitude that he gave (via sarcasm instead of
    vulgarities). That he didn't like my retorts should have made him
    review his own. That Dustin and you even think vulgarities are going to
    make someone go away contravenes your experience in Usenet. You already
    know that won't work plus you end up smearing your own reputation.
    Harpies aren't viewed as experts and don't scare anyone away in Usenet.
    VanguardLH, Jun 9, 2011
  20. siljaline

    Dustin Guest

    The thing is tho, and most importantly; Yours is an opinion. Mine isn't
    an opinion.
    I have no desire to attempt to educate you on anything. You seem pretty
    well set in your ways.
    I didn't plan to scare anyone off, nor actually offend you. Simply
    educate you, albeit in a smug fashion.
    My reputation is fine, thanks for your concern.
    Dustin, Jun 9, 2011