David H. Lipman

Something like 8 of 10 computers given me to service with Norton AV are overburdened by Norton and once replaced, the PC works and reacts properly. I just had a COTS Toshiba Satelite C855D-5100 with Norton AV and it was a dog with fleas and mange. It was removed and replaced with a corporate licensed copy of Kaspersky. The difference was night and day. I was on the phone with an owner of an Acer just last night. He couldn't print. He couldn't PING the IP of his Kodak printer nor his Netgear Router but could access the Internet. The Norton Suite was on the PC. We removed it. After a reboot he was able to PING the Router and his Kodak Printer and was now able to print. The suite Firewall was apparently "misbehaving". But what was noticed by the owner and was remarked to me was that the notebook was able to reboot quicker and then he was able to access the notebook in a shorter time frame than what he was used to. He remarked it was quicker. It was a phone call so I didn't experience it first hand. However, I did notice that time between a reboot and he was able to do tests was shorter after I had him remove Norton than what was experienced before. I had him install the free version of Avira AntiVir and it remained "quick". --- Over the years this has been the pattern. There are some platforms that don't exhibit a Norton overburden issue but my experience is, and has been, more platforms do exhibit a Norton overburden than don't. What I just related were two events in as many weeks. If you are willing and able then you can always verify your license such that you uninstall Norton and see how it runs and if you don't experience a lightening of the load then you can reinstall the software. It is an option. I wouldn't mention it if there wasn't some level of efficacy in the suggestion. Of course, YMMV.

Unfortunately, Norton software slows down computers.

For my dear friend Alice who went down the Rabbit Hole...

Because the plagiarized content was removed.

Thank you. Just to muddy the water a bit... update MSXML 4?

http://www.ridhughz.demon.co.uk/wav/meepmeep.wav

Errytinggoeshere: It was just to hammer in the point. The point being mistakes get made. Why ? Who knows - ship happens. gonzo: Yeah, well that your "next generation" AV from China for 'ya EDIT: AV vendor table

AntiY-AVL.

Ohhhhhhhh So that was you in the elevator the other day!

It indicates Trojan/Win32.SGeneric. It's not getting "picked up as a virus", its getting picked up as a trojan. Yes - It is a False Positive. Need insight ? Ask the company who is making the False Positive declaration. Mistakes get made. Kind of like the one you just made. The third party AV application declares it a trojan and you called it a "virus". Any insight on why

Eagleeye: Is it possible to post a screen capture or a text report of what Secunia PSI is actually indicating ? I am confused as at one point we are as MSXMLv4 and now it's MSXMLv6. This way we can ascertain what Secunia is "really" noting as needed to be updated.

Free - Protection, NO Paid-for, Protection, YES

Well - yes. The paid-for version protects and is proactive providing "On Demand" and "On Access" scanning. The free version does not protect and is reactive and provides only "On Demand" scanning. That's what separates the two versions. You pay for a license, apply the license to the free version and it unlocks the proactive capabilities providing "On Access" scanning.

I do not believe Malwarebytes' is supported on NT Server platforms as well as the free version is not licensed for business use. NT Servers are usually associated with a Business Model of operation so if you have a license you should bring the problem up in; Malwarebytes Anti-Malware for Business

You don't have to be sorry. Its all for the education factor. I would have posted something to the effect of what I wrote earlier but, I guess I wasn't in the mood. However since the thread continued I thought I should give a little informed information on the subject matter. The important concept is it is not about the numbers, it is about what has infected the computer. There may come a time when the numbers are too overwhelming and one should capitulate and wipe and reinstall the OS from scratch. That too isn't completely about the numbers but it helps tip the scale.

Samuel that an interesting observation that didn't occur to me before. I never put those pieces of the puzzle together and now I see the puzzle's picture, I won't forget it ! Obrigado.

Come to think out it... There have been posts about that . One thread's initiator blamed Microsoft and Skype.

vincentdb82: The thread you are replying to is 3 years old. Too old. Please start a new thread of your own fully explaining your problem, what you see, what you experience and any/all facts surrounding the problem. TIA

General PC Help I believe you want; Malware Removal Support

NT Services "look dodgy" ? I suggest researching TCP Port 135 and Remote Procedure Calls (RPC) and RPC over Named Pipes, Hyper-V, Remote Access Services and other NT Based OS sub-systems. One can not call them "dodgy" unless one studies the NT OS structure, NT Services, the Host Process for Windows Services (aka; Server of Services or Daemon of Daemons) and other NT constructs. Until then, please don't feed another's misplaced paranoia because of your own unfamiliarity with NT Based OS sub-systems and constructs.

I'm sorry but this sub-forum is specifically for submitting samples of files that the Malwarebytes' Anti-Malware (MBAM) has flagged as malicious or as a Potentially Unwanted Program (PUP) but you feel it is unjustified detection. That is this is a case of a False Positive declaration. I believe you want the following sub-forum; Malware Removal Support

The question is... is the software getting "stuck" or "delayed" ? That is when it stays showing a particular file, does it stay there ad infinitum or does it eventually continue on ?

I believe the reason it appears to be a post associated with the wrong sub-forum, is because the subject was MOVED to General PC Help. It is not that we are against Torrents. Its a fact that there is much misleading software that is what we call a "trojan horse". That installer that purports to install a package may be repackaged to include the execution of malware. Because it is P2P and a source of unvetted wares it is contraindicated.

That is the User Registry for the System account (a built-in OS service account). It may not be a case of scanning that file. It could be a case where that was the last file scanned. Now it is scanning an new file and that file may be a CAB, MSI or some other archive file type being scanned. Since they are a file of files they tend to take longer and the Scan Engine will report on the container but not the file contents. It is my understanding that the scanner doesn't display the file name of the file is to be scanned but shows the name of the file that had been scanned. One way to prove this is to explicitly exclude %windir%\system32/config/systemprofile/ntuser.dat Then if you do a scan and it gets "stuck", you would also see a different file name shown, then you'll know it is not that file but the subsequent file it is getting stuck on.

Thanx 1PW !! ------ It is just another name for a new variant of an old ploy. When Malwarebytes gets samples, they'll create specific signatures. As the new ploy plays out they may develop a generic heuristic detection. As with ANY malware, it is a race. The malicious actors race to develop new undetectable malware and the anti malware vendors race to detect them ASAP. If Phishing and malicious emails are used in this ploy then the best defense is to recognize a Phishing email and delete it and delete email with attachments from people you do not know and if the email purports to come from someone you do know AND... you are not expecting an attachment, do NOT open the attachment until you vet the email with the sender. If yoiu can't, delete the email. Social Engineering is NOT something that Malwarebytes can address. Social Engineering is the Human Exploit. YOU are the one that must address thiis via education, critical thinking, situational awareness and a good dose of general caution. NOTE: I'll presume MB is not Milton Bradley but it is also NOT an acronym for Malwarebytes or the core product Malwarebytes' Anti-Malware which is MBAM.