JeffD

  1. Guys, thanks for the replies and your offers to help. However, I have both the machines cleaned up and running ok. The purpose of my post was only really as a general chat type missive and the topic title was tongue in cheek. I haven't lost faith in MBAM (but did give up on Fsecure for a number of reasons). I've worked as an IT tech support analyst for more years than I care to remember and virus bashing has always been a challenge that I enjoy. The pay off being increased knowledge and the thanks from the grateful user. The 2 machines I was playing with last week were not work related, they were the home machines for work colleagues - the sort of "friends" that come round to see the IT guy when they want a favour (you know the sort). MBAM will still remain one of my favourite malware bashing tools but I still need to occasionally use bootdisks and other tools and I'm constantly aware of the fact that we have to use "Free" tools to remove malware that "paid - for" AV stuff misses, with this in mind I try to persuade the latest victim to part with some cash and purchase the full version of MBAM. I use Vipre for a number of reasons and have never had a problem running MBAM with it. I did test this combination on a couple of VMs before applying on my main home PC, I have few other machines running Vipre + PC Guard (not as good as MBAM). I can send the Fsecure log if anyone really wants it but the 3 items that MBAM didn't pick up on (Vista Home) were Adware:W32/DoubleD.gen!C, Gen:Adware.Heur.1M3@RedeKLfO and Adware:W32/DoubleD.gen!A. I'm pretty sure they're not tracking cookies. The biggest surprise was that MBAM and RootRepeal didn't find anything on the XP machine and neither did fsecure once installed. 
I'm tending to think the "infections" were more "prankware" than Malware but I was a bit savage with MSconfig and did a really good manual clear out - pity I forgot to make notes but in defence I was trying to eat my bacon butty and was connected remotely to 2 other PCs and I was doing it in work time before having to drive to another office and it was POETS day. I'll see the user at work tomorrow and see how she has got on over the weekend once connected to t'internet. Cheers Jeff
  2. I've had 2 machines to look at in the past few days. One a laptop which wouldn't connect to the Internet (running Avast on Vista home). Safe-mode scan with MBAM found 80 "infections", problems removed but had to remove a couple of connection profiles to get I.E 8 working again. Next PC (XP Home running McAfee suite) was getting smothered in pop ups about being infected - wasn't able to access Task manager or anything just kept getting pop ups advising that whatever we clicked on was infected. Installed MBAM from a stick while PC off the network but it wouldn't run, started in safe-mode and it did run but quick scan found nothing, neither did full scan. Rebooted and still had problem. Safe-mode again and run RootRepeal, found nothing. Safe-mode again, disabled all startup items and non essential services. Cleaned user profiles (tmp, I.E history MRU's etc) and finally got PC stable. Updated MBAM and ran quick and full scans - nothing found. Off the network, removed Avast and installed Fsecure 2010 suite, scanned with that but nothing found, Re-enabled all disabled items at start and confirmed all seemed to be working ok. The laptop user advised his (11 yr old) son had downloaded something and got pop ups again but a scan with MBAM removed them but he couldn't get Live Messenger to work so I've taken another look, repaired messenger and noticed that the son's logon was a standard user and attempted to update Avast but it needed the admin password. Logged on as Admin and updated MBAM and then run full scan - reported clean. Removed Avast and installed Fsecure 2010 suite, run full PC check and it found 69 malware items. I don't know what to make of this, MBAM has been my main tool for virus bashing over the past couple of years or so and have used it frequently to remove malware that Fsecure didn't find - now it seems the tables have turned! I lost faith in Fsecure a couple of years ago and now use Vipre + MBAM (paid for) or Vipre + PC Guard on my PCs at home. 
Is it likely that I have somehow downloaded a nobbled MBAM? It updates ok so I reckon MBAM is valid. http://mbam-cdn.malwarebytes.org/database/....check.database resolves to 87.248.211.173 CName = cds243.lon.llnw.net. or 87.248.208.27 Cname = cds17.lon.llnw.net Anyone else having similar experience?
  3. Hi, I think this IP may be a false positive www.ear-care.co.uk (194.154.164.82) - re-directs to www.affordablehearingaids.co.uk (195.47.247.146). Is the re-direct the reason for the block?

    194.154.164.82 is located in United Kingdom
    195.47.247.146 is located in Denmark

    Tracing route to 194.154.164.82 over a maximum of 30 hops

      1    <1 ms    <1 ms    <1 ms  smoothy [192.168.0.254]
      2    10 ms    13 ms     9 ms  10.168.184.1
      3     8 ms    17 ms     7 ms  osr01roth-v15.network.virginmedia.net [62.30.252.193]
      4    15 ms     9 ms    12 ms  osr01barn-tenge81.network.virginmedia.net [62.30.252.77]
      5   231 ms    18 ms   223 ms  osr01brad-tenge94.network.virginmedia.net [62.30.252.17]
      6    13 ms     9 ms    11 ms  man-bb-a-ae4-0.network.virginmedia.net [212.43.163.233]
      7    15 ms    17 ms    20 ms  pop-bb-b-as3-0.network.virginmedia.net [62.252.192.158]
      8    17 ms    15 ms    16 ms  tele-ic-2-as0-0.network.virginmedia.net [62.253.184.6]
      9    15 ms    15 ms    16 ms  42-14-250-212.static.virginmedia.com [212.250.14.42]
     10    25 ms    23 ms    24 ms  vl258.ar01.ld4.dco.webfusion.com [194.143.162.218]
     11    21 ms    22 ms    26 ms  194.154.164.82

    Trace complete.
  4. JeffD

    VIPRE v MBAM

    Nice to talk to someone else who is paranoid he, he. I usually find people's eyes glaze over when talking about layered security. I have a Linux Smoothwall as my gateway and have similar stuff to you. I use Process guard on a couple of my machines. I did use Spybot S&D and other bits but got tired of having to update everything on 9 machines (XP + Ubuntu + Suse + Win7 + Vista). I did use Fsecure internet suite for a few years but it was always a system hog so I swapped to Vipre about a year ago and I really do like it. I also have their (Sunbelt) firewall (the old tweaked up Kerio fw) but Sunbelt are just about to release a security suite so I'm looking forward to giving that some poke. I'm just doing an email to my daughter to recommend what she does to avoid getting infected again. I'm going to recommend Avast, along with regular scans with MBAM. I think the paid for version of MBAM along with Process Guard will prolly do pretty much what Winpatrol does but not sure, what do you think?
  5. JeffD

    VIPRE v MBAM

    I haven't used Avast for year but it's always had a good rep. You don't get any probs with having 2 system protectors running at the same time? I don't usually like having 2 things doing the same job but might give it a go.
  6. JeffD

    VIPRE v MBAM

    Yeah, that's been my thinking for the past few years, just seems a pity to give our money to the AV vendors instead of MBAM.
  7. Guys, Just had a battle royal with my daughter's laptop (AVG (free) didn't protect it), she's 800 miles away so I had to use "Logmein" to connect remotely. Anyway, I have used MBAM for maybe 2 years or so and as an IT Pro I get a lot of "homework" from friends in need! This battle had me scratching my head because MBAM would not run on daughter's lappy and I couldn't install GMER or any other security stuff. I did manage to get VIPRE installed but it kept finding the same stuff and didn't fix the problem. The silver bullet came in the form of "RootRepeal" (found on the forum), I was then able to get MBAM to run and do a cleanup. My site licence for Vipre is up for renewal in a few days and now I'm wondering if I should just rely on MBAM for all my machines - it clearly is the best but I have tended to use it mainly as my toolbox secret weapon and for doing occasional scans to confirm that whatever AV I'm using is working. I still prefer a layered approach to security so it might be better to continue as I am. I'm pretty sure that the paid for version of MBAM and Vipre will fight - so anyone like to comment and suggest what I should do? Regards Jeff (UK)
  8. Guys, I'm the record breaker:-) Actually Malwarebytes is the record breaker!! Yes I thought the only cure was "Fdisk" but Malwarebytes came up trumps again. It did take 5 hours or so to do a quick scan and it did "choke" when doing the removal - got runtime error. Did another scan and again 5 hours or so later repeated the same and got same runtime error. Did a reboot and disabled the heuristics bit and anonymous reporting. This time the scan only took around 20 mins and removal went as normal. After reboot, enabled the heuristics and did full scan - found some more and again removal went as normal. I am absolutely gobsmacked I thought it was going to be terminal. I've done a system file check/repair and defrag and all looks good. I'm hoping to persuade the owner of the PC to make a very large donation and at least purchase Malwarebytes protection - that's on top of the bottle of something nice for me :-)