Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by sys-eng

  1. Thanks, I have Process Monitor so I will try that. I believe it is as I first suspected - Avast scanning something and Malwarebytes picked up on it.
  2. advancedsetup: I believe you misunderstood my question. Do you have any ideas why Avast would be listed as the process for this block?
  3. I have noticed several times that Malwarebytes IP blocker stopping attempts to access websites that I am not trying to go to. The latest one is in the log as: IP-BLOCK (Type: outgoing, Port: 60501, Process: avastsvc.exe) Any idea why avastsvc.exe would be blamed for this? I am guessing that a link to this IP was in an e-mail message that came into Outlook and was scanned before I could open or delete it but I would not think that Avast was actually trying to go to the site. Any ideas?
  4. I don't use Postini. I am reluctant to give Google that kind of access considering their privacy and security policies. Anyway, I believe that between the mail provider (AT&T), Avast and Malwarebytes, the messages should have been flagged or stopped completely.
  5. I applied for a reseller account on Feb. 9, 2010 and have not heard a word since. I sent private messages as requested too but still nothing. I am setting up a new laptop today and wanted to load Malwarebytes Pro on it - - but still no account. B)
  6. The file is being modified either by program routines or by bad guys so there is currently many variants of it. I recieved several versions this week. Avast detected the first version I received a few days ago but none of the morphed ones. Malwarebytes did not detect any of them. BlueHost, AT&T, and Yahoo e-mail scanners are not detecting it yet. VirusTotal and VirSCAN both indicate over 30% detection of malware. The original version I received 3 days ago received about 60% detection. The file is included as an attachment to an e-mail such as the one below: From: UPS Support Darcy Bates [package@ups.com] Subject: UPS Delivery Problem NR 45688. Hello! Unfortunately we failed to deliver your postal package sent on the 25th of January in time because the recipient
  7. Having Malwarebytes on USB Flash Drive or CD would not help me unless it was bootable. Now a bootable disk would be very helpful but Malwarebytes scanning would be limited to a definition file rather than activity. At least that is my understanding. At least removing the files may allow Malwarebytes to load in Normal Mode and finish the cleaning.
  8. Thanks Samuel. The paragraph above would be a nice addition to the program help file. I have helped people over the telephone remove infections in Safe Mode with Malwarebytes free because that is the only mode that they could run it. I then instructed them to reboot in Normal Mode and run Malwarebytes again. I don't know of another option for these users. When I have the PC, I can boot from CD and scan the disk drive but this type of scan cannot be done remotely - - particularly when the infection has blocked internet connection.
  9. I entered a suggestion for "Safe Mode" operation to be included in the program's help file. Currently, there is no mention of it. Having it on this forum is not so good because infected computers often cannot access the internet and most often should be disconnected from the internet.
  10. jholland1964: I believe your answer is in Post #4. Malwarebytes is designed to run in Normal Mode; however, it will run with some features in Safe Mode. Some types of infections are easier to remove in Safe Mode because they are designed to operate in Normal Mode.
  11. That is good to hear. I applied for a reseller account a couple weeks ago but have not heard back yet. I want to strongly encourage customers to buy the Pro version to prevent these problems. I was extremely disappointed that SystemTools got past Avast!. I have used Avast! for over 5 years but I have lost some confidence in it.
  12. I recently worked on a PC with XP that had Avast! and Malwarebytes (free) running. It was infected with a fake antivirus program calling itself "SystemTools". Neither Avast! or Malwarebytes prevented the infection and neither could remove it because it filled the desktop with pop-ups. I rebooted the system in Safe Mode and successfully removed SystemTools with Malwarebytes. After rebooting to Normal Mode, another scan revealed no infections. So while Malwarebytes operates best while windows is in Normal Mode, it may not be able to remove some infections in Normal Mode. The Help window of Malwarebytes does not find anything when Safe Mode is searched. It would be good to add some instructions there about it. I hope Malwarebytes Pro would have prevented the infection but I don't know for sure.
  13. After the system is left on for 24 hours, mbamservice.exe is using about 45-MB. What seemed strange is that when it is using >70-MB, its CPU usage is not increased. I would assume that it would use more memory when it is working more but I don't see that is Task Manager. I have a wish feature that would be a huge step but I beleive there is another thread for that.
  14. Thanks for the info. I just looked, and it is using 79.4-MB of RAM this morning. This version is using about twice the memory of any previous version (except to the 1.43 with memory leak) so I became suspicious. I suppose that is the new normal for mbamservice.exe.
  15. This version did correct the escalating memory creep I was experiencing with v 1.43. How much memory should mbamservice.exe be using running v 1.44 on Vista 32? When I look at Task Manager, mbamservice.exe is using about 72-MB even before running a scan. It doesn't slowly creep up and sometimes it even drops to about 68-MB. It is the largest user of RAM on my system until I launch Visio or Photoshop. I'm just wondering if that is normal? Thanks.
  16. noknojon - While Malwarebytes is not designed for safe mode scanning, there are some infections that are removed in that mode. SystemTool is one of them. Malwarebytes was ineffective at blocking or removing it in normal mode but quickly cleaned it in safe mode. I like to try the more simple fixes first.
  17. Just saw your latest post. Good to hear the Safe Mode scan worked better. Yes, conflicts appear to be more common now. Both Symantec/Norton and Avast! now conflict with Malwarebytes. i never had a problem with Avast! before version 5. Follow Firefox's instructions. I find that it is worth the extra work to keep Malwarebytes running on PC's. It really does provide an extra level of protection.
  18. Lynn32, your computer system has problems though they may not be infection related. A full scan of a drive that small will usually complete in less than an hour - - not 14 hours. I do maintenance on systems to get back to "new system performance" but cannot do it remotely. There are many things that can cause poor performance. Have you ran chkdsk yet? Have you looked at Event Viewer for problems? If you don't get it working better soon, I suggest backing up your files and reloading XP. That should fix it and save you from wasting many more hours trying to diagnose the problem. I worked on a PC last year that ran terribly slow. It turned out to be the disk drive controller on the motherboard. I put in a 2nd party PCI ATA controller (~$30) and it ran great.
  19. It is communist China, people should not expect anything less. I met a Russian in the USA whose wife once worked for the "telephone company" in Moscow. Her job was to eaves drop on telephone calls from the hotels. They are probably recording them now but back then they had to type the conversation on a typewriter.
  20. It would be a big improvement if they updated the download every Friday. The current process has a download with a definition file that could be months old. I am no programmer but I suspect that the update process for the download could be automated.
  21. I just cleared a SecurityTool infection buy installing Malwarebytes and scanning. The computer was running Avast when it was infected.
  22. I would really like to have a program download available with the current defintion file or at least one that is only a few days old. If Malwarebytes is loaded on an infected computer to clean it, the program often has a malware list file that is months old. The program can be loaded from a CD or USB flash drive but the update file is only available via the internet which is usually not accessible by an infected computer.
  23. Nearly every time I come across a machine like that, I run chkdsk and find errors. I suggest running this test BEFORE anything else. It may save some data that would otherwise be lost. Then run CCleaner or another tool to remove uneeded files. I have also seen slow scan times when Windows Update is trying to download while the scan is going. This is another reason why a boot scan is so good.
  24. I can appreciate application testing. I was an IT Project Engineer at BellSouth for 28 years. I do wonder though why this problem was not picked up in the testing of 1.42. I have several customers running Vista 32, and they all have this same memory problem. Looking forward to the new version. Hope to see an e-mail notice announcing it. WIth the service disabled, it will not automatic update.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.