JeanInMontana
-
Posts
3,859 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by JeanInMontana
-
-
BTW, the same error code came up;
731 (0. 6)
Cheers
Rebooting should take out the error. I need you to find these four files and copy them to a zip folder.
C:\RUNONCE\GTA\POPLINK.lnk
C:\Program Files\chkmem\chkmem.exe
C:\WINDOWS\SYSTEM32\kxlgxldl.dll
C:\WINDOWS\TEMP\nes5.tmp
Attach the folder in this forum http://www.malwarebytes.org/forums/index.php?showforum=55 start your own topic please.
-
Yeah you should be worried.. and be worried about this too C:\Program Files\LimeWire\LimeWire.exe get rid of it. Your going to continue to reinfect yourself doing P2P. Have you installed other new stuff?
Look for this file please C:\WINDOWS\orclobi\suspatch.exe copy it to a folder and zip it then go here http://www.malwarebytes.org/forums/index.php?showforum=55 and attach it please.
We need this file, if you have any info on it please supply it. We will get an update to MBAM ASAP and clean you again.
-
Seriously, there is no need to puff your chest out and imply that you have more experience. Marcin will be the first to tell you there is/was a problem with the protection module on certain systems. I've experienced the issue first hand on numerous systems.
Seriously there is no need for your attitude at all. I'm not implying anything. It's a fact, I do know what's going on with the program and on the forums. I don't puff my chest ever! You have gone for me on several threads now and I'm over it. You don't need to try and undermine every post I make.
There have been some problems with cpu useage and that was quite some time ago. There is still a problem with the protection module, I have experience with it first hand.
But, that is not the issue here. It's about the protection on 64 bit machines and its NOT supported. Marcin is the one to deal with this too.
-
Please follow instructions. HJT log now. Be sure you have rebooted as MBAM requested.
-
You can also use a free tool vURL to dissect the site for malicious code. Very simple to use.
-
Have the friend join the site. No third party errors then.
-
Some people may only want auto updates, or scheduled scans, especially when the real-time protection module is chewing up resources (check the forums).
Umm I moderate the forums so I'm fairly in tune to what's there... and I have been in on the making of MBAM since before public beta. The person here is asking about the protection module. MBAM is very low on resource usage.
-
x64 is supported; real-time is not.
There is only one reason to buy MBAM. That is for the protection and it is NOT supported in Win64.
-
http://www.malwarebytes.org/forums/index.php?showtopic=2936 Hi start at that link. Follow all instructions as they are written and start your own topic in that forum.
-
Anything that's in there from SBS&D should be in there, or if your using a file like hpHosts and any of the others MVPHosts . The purpose of the Hosts file is to avoid bad sites. If SBS&D is adding them leave them. And a redirect is quite obvious. You don't go to the site you intended to go to.
-
Dave that won't do much good... she has illegal software on her machine, often bundled with malware. Deleting System Restore points isn't going to do squat.
-
Hi miserymachine and welcome to Malwarbytes. Please follow the instructions here http://www.malwarebytes.org/forums/index.php?showtopic=2936
-
My dilemma is that this is my first year as a tech on this school, that went the entire time with absolutely no malware protection at all for several years, and by the time I get a call to help them it is to the point where they have at least 150+ infections, and alot of the downloaders that just go crazy on the PC. This combined with the user's lack of knowledge of how malware spreads itself put the machines at even a greater risk for infection. If could devote my entire time with just cleaning the network that would be great, unfortunately I've other duties
I'll probably just wind up getting MBAM corporate version, or whatever is needed to cover the number of seats that I have and just tackle the problem on a case by case basis until the summer when I have the time to layout a game plan to get the network back into shape and locked down where users can't do that much damage. I think remote desktop connection, pc anywhere, etc., will help me out with cleaning once I get it installed on the workstations.
Greg would reformatting them be an option? Then you start fresh with no infections. I feel your pain, schools are one of the worst for not being secured. Ask Julie Amero.
-
Win 64 is not supported. PM RubbeR DuckY and he will deal with this himself.
-
C:\Program Files\Be Secure 2007\Symantec Client Firewall\ISSVC.exe <========= bingo. I would get rid of all that Symantec crap. Avira is a good antivirus and runs well with MBAM. But I need you to follow the instructions. I thought you were clean... your getting reinfected we need to find why.
Turn off TeaTimer
Remove the lines I said and update MBAM, scan post the log and a new HJT.
-
The forum you attempted to post in is not for random access. It is strictly for samples we find in HJT logs. The regular upload link is http://uploads.malwarebytes.org/ and is 2MB. I have a hard time with AVG finding it before MBAM. Not how it has worked in any logs I work.
-
I agree.
Do Marcin/nosirrah also feel that techs/consultants/businesses that service customers computers (not the businesses personal systems on the private lan) in their office and/or on-site should purchase a "tech license". If the customers machine is used at home, in a non-business environment, then the free version of MBAM and another other "free for home use" software should abide by the EULA.
That's not what is going on here. The 200 machines are not at home.
I fail to see what is so difficult to understand, the concept is very simple.He is a type of network administrator/technician who is running scans on approximately 200+ computers.
Having to manually go from one computer to the next to start the scan
Upon completion you have to manually go through and click to remove anything, if found, and then close the application.
This is extremely time consuming for network technicians
The concept is he wants auto clean, yet says he would rather approve every pop up window asking if it should clean. They aren't the same thing. I know what's going on and I know it would take time. That wasn't what he said.
-
Malwarebytes is also an official ASAP member obviously this guy has a hard on for MBAM. Probably cleaned up some of his malicious code. The screen shots he is linking to are from March. Someone needs to slap some sense into him.
-
The results are automatically shown, that is laserjet's complaint. You can look in settings and uncheck to automatically show a log after scan.
-
Sorry you didn't get a reply yardbird that is not the norm here. http://www.malwarebytes.org/forums/index.php?showtopic=5699 addresses part of this issue.
-
I was having a problem running a full scan with Malwarebytes, link, It turned out it was Zonealarm causing the problem, switched to Comodo and all was well.
MBAM runs well with OnlineArmor too.
-
Hi fareast and welcome to Malwarebytes.
-
Since this issue is resolved I will close the thread to prevent others from posting into it. If you need assistance please start your own topic and someone will be happy to assist you.
The fixes and advice in this thread are for this machine only. Do not apply to your machine. Please start a thread of your own and someone will be happy to help you.
-
No your not a failure. You have something "speshal". I've got the lead Developer working with me. We need a log from this please.
OK let's go for another special scan tool.
Download GMER get the zip file and save to your desktop.
Just run gmer.exe. All required files ( gmer.dll and gmer.sys ) will by copied to the system during the first lanuch. .
Do not click scan.Use the copy button to copy to your clipboard. Post the log in your next reply.
keylogger (Wolrd of Warcraft
in Resolved Malware Removal Logs
Posted
You didn't update Adobe.
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing) <===== that should be removed. If you are using both AVG and McAfee Anti virus for real time protection you need to shut one down.
When you run HJT put a check next to the lines and then click fix.