David H. Lipman

Everything posted by David H. Lipman

  1. I'm sorry but this sub-forum is specifically for submitting samples of files that the Malwarebytes' Anti-Malware (MBAM) has flagged as malicious or as a Potentially Unwanted Program (PUP) but you feel it is an unjustified detection. That is, this is a case of a False Positive declaration. I believe you want the following sub-forum: Malware Removal Support
  2. The question is... is the software getting "stuck" or "delayed" ? That is when it stays showing a particular file, does it stay there ad infinitum or does it eventually continue on ?
  3. I believe the reason it appears to be a post associated with the wrong sub-forum, is because the subject was MOVED to General PC Help. It is not that we are against Torrents. It's a fact that there is much misleading software that is what we call a "trojan horse". That installer that purports to install a package may be repackaged to include the execution of malware. Because it is P2P and a source of unvetted wares it is contraindicated.
  4. That is the User Registry for the System account (a built-in OS service account). It may not be a case of scanning that file. It could be a case where that was the last file scanned. Now it is scanning a new file and that file may be a CAB, MSI or some other archive file type being scanned. Since they are a file of files they tend to take longer and the Scan Engine will report on the container but not the file contents. It is my understanding that the scanner doesn't display the file name of the file that is to be scanned but shows the name of the file that had been scanned. One way to prove this is to explicitly exclude %windir%\system32/config/systemprofile/ntuser.dat Then if you do a scan and it gets "stuck", you would also see a different file name shown, then you'll know it is not that file but the subsequent file it is getting stuck on.
  5. Thanx 1PW !! ------ It is just another name for a new variant of an old ploy. When Malwarebytes gets samples, they'll create specific signatures. As the new ploy plays out they may develop a generic heuristic detection. As with ANY malware, it is a race. The malicious actors race to develop new undetectable malware and the anti malware vendors race to detect them ASAP. If Phishing and malicious emails are used in this ploy then the best defense is to recognize a Phishing email and delete it and delete email with attachments from people you do not know and if the email purports to come from someone you do know AND... you are not expecting an attachment, do NOT open the attachment until you vet the email with the sender. If you can't, delete the email. Social Engineering is NOT something that Malwarebytes can address. Social Engineering is the Human Exploit. YOU are the one that must address this via education, critical thinking, situational awareness and a good dose of general caution. NOTE: I'll presume MB is not Milton Bradley but it is also NOT an acronym for Malwarebytes or the core product Malwarebytes' Anti-Malware which is MBAM.
  6. Please be more specific. An authoritative URL on the subject matter would help.
  7. One is by Mike Burgess the other by Steven Burn. That's the difference.
  8. Unsigned files is not about declaration and it being righteous or false. It means the file does not contain a Publishers Certificate and thus the validity of the file can't be checked against an Online Certificate Status Protocol (OCSP) server.
  9. It is just another name for a new variant of an old ploy. When Malwarebytes gets samples, they'll create specific signatures. As the new ploy plays out they may develop generic heuristic detection. As with ANY malware, it is a race. The malicious actors race to develop new undetectable malware and the anti malware vendors race to detect them ASAP. Again... This is just another name for a new variant of an old ploy.
  10. Oy... "1215 Infected Files" NONE were "infected". To be "infected" would be a case where they had a virus which prepended, appended or cavity injected malicious code into a legitimate file(s). As a virus infected file, that infected file may in turn, infect other files or systems. A trojan can also "infect" malicious code into a legitimate file. We call that a Trojanized or Patched file. Unlike a virus, the Trojanized (Patched) file can not infect other files or systems. The files that are malicious in nature are not "infected". They are just malicious files. You can't call them infected. You can only call them malicious. However with Potentially Unwanted Programs (PUPs) that is another case altogether. You can't call them infected or malicious. You can only call them Potentially Unwanted Programs (PUPs), crapware, junkware, foistware etc. This numbers game is just plain BS anyway. If one has a ZBot trojan it may have created several instances and OS modifications amounting to several or more detections BUT... It was still the case of just a ZBot infected computer. If a Conduit Browser Toolbar is installed, you may have 20 detections on files, folders and OS modifications but is still the case of just a Conduit Toolbar. The real phun is when you have zapchast. That is a trojan infected with a virus. IRC Trojans can be distributed where not only do you have the case of the IRC Client Trojan but the mIRC Client executable is infected with Sality or Virut viruses. ( This is the real thing. Not the bull where everybody falsely calls all malware "a virus" ). The best way to example this is like a case of a tick. The tick is a parasite and sucks the blood of its host. You may say that the host is infected with a parasite. However some deer ticks are carriers of bacteria that cause Lyme Disease in the host.
  11. Right off the top... Get a can of compressed air and blow out all the dust in the vents as well as the fan intake and exhaust areas. Depending on the make and model (which you haven't provided) there may be a BIOS update that improves how the system provides cooling and control of the fan. Sometimes people use a computer for both business and personal reasons. That is often a bad idea as the business side use (often called production use) must be fully operational or it can affect your business model. The optimal solution would be to have two computers. One personal and one for business. Often that may not be practical or financially prudent. However there is another way. You say you have a notebook. Unfortunately Today, most COTS retail notebooks are scaled down versions. But here is something to think about and implement. Use TWO hard disks. They can have the same OS since they run on the same system or you can have two different OS'. I do that. I am using a Dell Latitude D620. My main hard disk and the majority of my work is performed under Windows Vista. In my backpack I have another hard disk with Windows XP [1] and I use that for utility purposes and not data purposes. When I need it I just shutdown the notebook, then swap drives. I keep images of both the Vista hard disk and the XP hard disk so if something goes wrong when I am using the HP hard disk I can restore the image. In your case you use it as a DJ. I totally get it. You have one hard disk with all your personal day-2-day software. Another hard disk that has all the DJ software. When you work as a DJ, you just swap the drives. That will help to mitigate the following; "...get in trouble with my laptop effing up in the middle of the session...". --- [1] I also have another hard disk with Win7/64 and I had another with Windows 8.1 Preview (until 12/31/'13).
  12. The location of the etc/hosts, services, networks and protocol tables are set in the Registry. Malware has been known to alter the location and slip in anti malware site negation. One looks at the traditional location and doesn't see a modified etc/hosts as most don't know about the Registry setting. This allows the malware to obfuscate and retain its OS modifications. HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters DataBasePath = %SystemRoot%\System32\drivers\etc
  13. Actually, the majority of your posts are bothering many members. Please... just stop the tack you are on. Thank you.
  14. One would have to ask Pat why he drops it there.
  15. The etc/hosts file does not belong in %windir%. The etc/hosts is a Networking File Structure (NFS) component of the TCP/IP stack. Under MS Windows the etc/hosts file belongs in; %windir%\system32\drivers\etc Since %windir% is a non-standard location, no wonder it is getting flagged.
  16. Then do it already. Stop the whining and stop the invading of members posts with your borderline abusive comments. If you don't like the product, request a refund and have an enjoyable summer.
  17. Not the Apogee used in Colorado and Washington State. I love the Santana follow-up... Awesome.!
  18. Guarana: Please reference: Important: Please Read Before Reporting A False Positive Post #2 Thank you for understanding.
  19. Indeed it is. And in honour of the Lunar Perigee another of the moon but in this one the moon is rising over the Atlantic's Jersey Shore.
  20. Neither my phone needs a charge Nor My phone gets charged. As a landline it never bothers me or the people around me and because it is based on VoIP using Fibre Optics, I have crystal clear sound. Not that crap that sounds like one is talking in a fish bowl or loses a connection with someone.
  21. =============> Here's where to go ===========> Malware Removal Support sub-forum.
  22. B I N G O ! One wins the prize. I wonder if the alarmists would also promote a ban on deuterium. That is it may weigh heavily on their minds.
  23. 0 time. { Well.... relatively } Just download the free version and apply the license number. The free version will become the fully functioned paid-for version.