# Malwarebytes Anti-Malware 1.46 And SUPERAntiSpyware 4.36.0.1006 Released



## flavallee (May 12, 2002)

*Malwarebytes Anti-Malware 1.46* (to replace 1.45)

Changes And Enhancements:

Improved database loading speed by approximately 15%. 
Drastically improved performance of Website Blocking on Windows Vista and 7. 
Fixed various scheduler compatibility issues on Windows 2000. 
Fixed issue with quotations around paths passed to /logtofile and /logtofolder. 
Fixed issue with detecting certain leftover traces of an infection. 
Fixed issue with freeze when adding a shared printer on the network.

*SUPERAntiSpyware 4.36.0.1006* (to replace 4.35.0.1002)

Changes And Enhancements:

New : Clear All Quarantine Option 
Scanning Engine Updates to fix .EXE broken extensions 
Rootkit Uncover Technology to help locate hidden drivers updated to handle boot bus extenders 
Check out our SUPERAntiSpyware Portable here:
SUPERAntiSpyware Portable Scanner
32/64-bit Users: New blended (32/64) bit installer pre-release available on our forums. A single install handles both 32-bit and 64-bit installations/updates!

---------------------------------------------------------------


----------



## bicycle bill (Jul 11, 2003)

Thanks for the heads up my man.


----------



## Cheeseball81 (Mar 3, 2004)

Thanks Frank


----------



## perfume (Sep 13, 2008)

Dear flavallee,
That's extremely nice of you. How are your grand children doing? Thank you! Will download.:up:


----------



## flavallee (May 12, 2002)

I ran a test scan this morning with the new version of SUPERAntiSpyware.

As soon as the scan started, it displayed this registry threat:

*System.BrokenFileAssociation*

The scan finished with no additional threats found.

Suspecting it to be a false positive, I didn't remove this threat.

I checked the SAS forums and discovered that others are having the same problem.

---------------------------------------------------------------

This is what my scan log looks like:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/30/2010 at 11:43 AM

Application Version : 4.36.1006

Core Rules Database Version : 4870
Trace Rules Database Version: 2682

Scan type : Quick Scan
Total Scan Time : 00:16:09

Memory items scanned : 387
Memory threats detected : 0
Registry items scanned : 504
Registry threats detected : 1
File items scanned : 7084
File threats detected : 0

System.BrokenFileAssociation
HKCR\.exe

----------------------------------------------------------------

Has anyone confirmed if this is a legitimate registry threat and can be removed?

---------------------------------------------------------------


----------



## tomdkat (May 6, 2006)

I learned about these updates through the update functions of each app. 

Has anyone had an issue with the Malwarebytes update closing the running Malwarebytes instance so the new version can be installed and then not doing the actual installation? Twice now, I've run into that and when I double-click the Malwarebytes icon to run it again, it says it will kill the running app and install the new version. On the second attempt, the upgrade was installed and all is well.

Has anyone else run into this? I hit this on a Windows XP Home Edition (SP3) machine and my Windows 2000 test environment.

Peace...


----------



## flavallee (May 12, 2002)

Tom:

Restart your computer after installing the MBAM update, and you should be okay. I had the same problem with XP SP3 and Vista SP2.

----------------------------------------------------------------


----------



## tomdkat (May 6, 2006)

I actually did restart the computer after updating both SAS and MBAM but not because I was instructed to do so. 

Glad to hear my experience wasn't unique. I don't like being "alone" when experiencing things like this. 

On a side note, while I haven't scanned the Windows XP system I updated yesterday with either app, I'm scanning my Windows 2000 environment now with the updated SAS and I didn't hit the registry issue you mention above. Either that key didn't exist in the Win2k registry or the key was deemed to be "ok" by SAS. I ran the SAS update on Win2k this morning and ran a definitions update after doing the SAS upgrade and I'm scanning the system now.

Peace...


----------



## Phantom010 (Mar 9, 2009)

I had the same issue with MBAM.


----------



## SIR****TMG (Aug 12, 2003)

All fine here


----------



## tomdkat (May 6, 2006)

flavallee said:


> I ran a test scan this morning with the new version of SUPERAntiSpyware.
> 
> As soon as the scan started, it displayed this registry threat:
> 
> ...


Ok, I've scanned the Windows XP Home Edition (SP3) system on which I upgraded to SAS 4.36.1006 and this registry key was NOT detected as being infected. I looked at it in regedit on this system and in my Windows 2000 test environment and the keys were the same and had the same values.

Have you looked at the key in regedit to see what it contains?

Peace...


----------



## flavallee (May 12, 2002)

Tom:

Here is screenshot of what the .exe section of the HKEY_CLASSES_ROOT menu looks like in my Windows XP computer.

YU3 is associated with *Your Uninstaller 2010* that I have.

My .exe key contains the same information that yours does.


----------



## tomdkat (May 6, 2006)

Maybe the "Your Uninstaller" entry is what is causing SAS to detect that key as having an issue. The registry keys I've seen on systems that don't have the issue don't have the "YU3" elements.

Looks like a false positive by SAS. I ran into another false positive by SAS about a month ago where GnuPG was being flagged as some kind of malware. 

Peace...


----------



## flavallee (May 12, 2002)

tomdkat said:


> Maybe the "Your Uninstaller" entry is what is causing SAS to detect that key as having an issue. The registry keys I've seen on systems that don't have the issue don't have the "YU3" elements.
> 
> Looks like a false positive by SAS. I ran into another false positive by SAS about a month ago where GnuPG was being flagged as some kind of malware.
> 
> Peace...


I've updated my last reply.

I'm going to assume it's a false positive from YU2010 and not remove it.

--------------------------------------------------------------


----------



## perfume (Sep 13, 2008)

Phantom010 said:


> I had the same issue with MBAM.


Dear phantom010,
I am having an MBAM issue alright, but a different one and it is"MBAM_ERROR_UPDATING(12007,0,WinHttpSendRequest)". I was away for the day and will be contacting the MBAM support.com with this error message. If any one has a clue as to what this is, kindly share! I always reboot when i remove or when i install a software!
PS: SAS upgrade worked fine!


----------



## tomdkat (May 6, 2006)

That message sounds like something blocked MBAM from contacting the update servers. Perhaps your firewall is blocking the new version?

Peace...


----------



## perfume (Sep 13, 2008)

tomdkat said:


> That message sounds like something blocked MBAM from contacting the update servers. Perhaps your firewall is blocking the new version?
> 
> Peace...


Dear tomdkat,
Thanks for the reply. You were *spot-on* when you said the Firewall may be blocking. I have actually set the bar very high to"MAX" , so as not to allow "even the least suspicious" packets from entering! After your "fast" reply, i set it back to default. The MBAM team sent me two files and please view"
This issue is commonly fixed by one of two things: 
1- Adding the following url to any type webfilter, ad blocking, identity theft protection, 'trusted sites' options or similar to your firewall 
data-cdn.mbamupdates.com

2- Adding the following Malwarebytes files listed in the link below to your currently installed antivirus\antispyware software exclusion lists or white listing options. (Section H-ignore AVG if you don't use it) 
http://www.malwarebytes.org/forums/index.php?showtopic=10138&view=findpost&p=167851

Problem solved! MBAM is back in business. Glad you were around!:up:

PS: I am very interested in scientific medical things(among many things) and i remember reading that guzzling too much beer on Sats. and Suns. regularly,can cause what's called "a Beer-Drinker's Heart" and it's not a good thing to have, as there is no cure!


----------



## flavallee (May 12, 2002)

SUPERAntiSpyware 4.37.0.1000 is out. I did a quick scan with it and it looks like the "false positive" that occurred with version 4.36.0.1006 is fixed. :up:

----------------------------------------------------------------


----------

