lmacri

Hi daledoc1: Thanks for the reply, but I don't know if the two issues are related. I'm not having problems updating MBAM, so MBAM's Canadian CDN seems to be working fine for me and what is described in that thread sounds like a temporary connection problem. My problem is that I can't update Norton Internet Security (NIS) when MBAM's Malicious Website Protection is enabled, and this has been going on for over six months now. My current thinking is that MBAM blocks the connection to Symantec's Canadian CDN because the geolocation / IP address (Toronto, ON, Canada) is different from the "expected" geolocation / IP address for their main servers in the USA (San Franciso, CA, USA). As soon as I disable MBAM's Malicious Website Protection my NIS updates immediately resume running again. ------------- 32-bit Vista Home Premium SP2 * Firefox 38.0.5 * NIS 2014 v. 21.7.0.11 * MBAM Premium 2.1.8 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS

MBAM Premium has updated to v2.1.8.1057 and NIS (2014) v21.7.0.11 Pulse Updates and Automatic LiveUpdates still fail to run to completion when MBAM's Malicious Website Protection is enabled. The QA team at Malwarebytes was unable to reproduce the problem and when they last contacted me on 04-Jun-2015 I was told they were going to investigate if my issue is related to my location (Canada) and the content delivery network (CDN) that Symantec uses to distribute updates to customers outside the US. ------------- 32-bit Vista Home Premium SP2 * Firefox 38.0.5 * NIS 2014 v. 21.7.0.11 * MBAM Premium 2.1.8 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS

Just another update to let folks know that Norton Customer Support has re-established contact with me and has decided to escalate my support ticket to Malwarebytes QA and the Software Development team to see if they can reproduce the problem. While we were troubleshooting the issue of MBAM's Malicious Website Protection (MWP) causing my Norton Pulse Updates and Automatic LiveUpdates to fail, we uncovered a few additional problems on my system that also seem related to blocked connections to the backend Symantec servers when MWP is enabled. Namely, Norton's Download Insight is unable to check the trust rating / reputation of new (updated) executables when MWP is enabled. If I disable MWP, re-boot my computer and re-download the same file from the same download site, Download Insight is able to retrieve the file's trust rating. Also, if I run trace routes to the Norton LiveUpdate servers from the command prompt when MWP is enabled (i.e.,tracert liveupdate.symantecliveupdate.com, tracert liveupdate.symantec.com, tracert update.symantec.com), two of these three traces consistently end in a general failure, even when these domains are added to my MBAM web exclusions. If I disable MWP and re-boot my computer all three traces result in a successful connection. ------------- 32-bit Vista Home Premium SP2 * Firefox 38.0.1 * NIS 2014 v. 21.7.0.11 * MBAM Premium 2.1.6 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS

Hi miekiemoes: Thanks, I'd be grateful for any assistance. I've been running NIS and MBAM Pro/Premium together in real-time since 2009 and this is the first problem I've run into that couldn't be fixed by adding a few scan exclusions recommended in the forum. I just noticed a typo in my previous post - I mentioned tracert liveupdate.symantec.com twice. I should have stated that the thrid trace was for tracert update.symantec.com. When MWP is enabled, the trace routes for liveupdate.symantecliveupdate.com and update.symantec.com both fail on my system while the trace for liveupdate.symantec.com is successful. I should also mention that I tried clean reinstalls of MBAM v2.0.4 and v2.0.6 (mbam-clean-2.1.1.1001.exe) as well as NIS v21.6.0 (Norton_Removal_Tool.exe) and that didn't help either. ------------- 32-bit Vista Home Premium SP2 * Firefox 38.0.1 * NIS 2014 v. 21.7.0.11 * MBAM Premium 2.1.6 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS

Hi miekiemoes: Yes, it's very consistent behaviour. If I enable MBAM's Malicious Website Protection (MWP) at Settings | Advanced Settings and re-boot my computer my Norton Pulse Updates and Automatic LiveUdates fail to run to completion, and Norton's Download Insight is unable to connect to their backend servers to check the trust rating of downlowned files - see the screenshot posted in my 07-Dec-2014 thread Norton Pulse Updates Fail when Malicious Website Protection Enabled. If I disable MBAM's MWP and re-boot my computer my Norton updates and Download Insight checks run normally. I recently ran trace routes to the Norton LiveUpdate servers from the command prompt (i.e.,tracert liveupdate.symantecliveupdate.com, tracert liveupdate.symantec.com, tracert liveupdate.symantec.com) and all three traces end in a successful connection to the LiveUpdate servers when MWP is disabled. However, 2 of these 3 traces consistently end in a general failure when MWP is enabled. Those trace routes were sent to Malwarebytes Customer Support this week and they asked me to send new MBAM Check and FRST logs (yet again) "to make sure there are no signs of possible infection". I've added various malware and web exclusions in both my MBAM and Norton settings and nothing I've tried seems to solve the problem. Your feedback is greatly appreciated, but I realize that the False Positives board isn't the correct forum to be discussing this. I just wanted you to know why I was so paranoid when I saw the Hijack.Trojan.Siredef.C registry detection with my rootkit scan. ------------- 32-bit Vista Home Premium SP2 * Firefox 38.0.1 * NIS 2014 v. 21.7.0.11 * MBAM Premium 2.1.6 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS

Hi miekiemoes: Thanks for letting me know this is an orphaned registry entry. I don't recall having any confirmed malware detections on my system in recent years other than an e-mail attachment infected with Trojan.Klovbot [sophos] that was removed by my Norton AV in July 2014, and I was just curious if this registry entry was a false positive. I have an issue with my Norton Automatic LiveUpdates failing when MBAM v2.x Malicious Website Protection is enabled and opened a support request five months ago, and Malwarebytes Customer Support still seems convinced that I have malware hidden somewhere on my system. They haven't found any evidence of active malware in my DDS and FRST logs but asked for new logs yesterday that they're forwarding to a malware removal specialist for a second opinion. I decided to run a rootkit scan with MBAM yesterday and was a bit alarmed to see a Hijack.Trojan.Siredef.C detection, so it's good to know it's unlikely that I have an active Siredef.C infection on my system even though this registry entry was a valid detection. ------------- 32-bit Vista Home Premium SP2 * Firefox 38.0.1 * NIS 2014 v. 21.7.0.11 * MBAM Premium 2.1.6 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS

I ran a Custom full system scan on 26-May-2015 with rootkit scanning enabled (malware database v2015.05.26.04 / rootkit database v2015.05.24.01) and had a Hijack.Trojan.Siredef.C detection for registry entry HKU\S-1-5-21-3086198521-800258848-3831315664-1001_Classes\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}. I wasn't unable to find any information on this CLSID when I searched VirusTotal and according to SystemLookup the CLSID {FBEB8A05-BEEE-4442-804E-409D6C4515E9} appears to be a legitimate 32-bit Vista shell32.dll file that was used to launch a file named CDBurn. This is the first time I've ever run a rootkit scan with MBAM Premium, and I was wondering if this trojan detection is a false positive or an orphaned registry entry for some PUP that was previously removed from my system. The detection was flagged at the very end of my Custom scan (i.e., during the heuristic scan and not during the rootkit scan) and a Custom full system scan on 23-May-2015 with rootkit scanning disabled (malware database v2015.05.23.01) did not detect any threats. I've quarantined the registry entry and haven't noticed any obvious problems but I'm concerned that I might have issues down the road with my optical drive if this is a false positive for a legitimate Windows file. I've attached scan logs for both the 23-May-2015 (no detections) and 26-May-2015 (Hijack.Trojan.Siredef.C detection) full system scans. ------------- 32-bit Vista Home Premium SP2 * Firefox 38.0.1 * NIS 2014 v. 21.7.0.11 * MBAM Premium 2.1.6 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS MBAM Custom Scan No Threats 23 May 2015.txt MBAM Custom Scan with Rootkits Enabled Hijack_Trojan_Siredef_C 26 May 2015.txt

Hi fatdcuk: Thanks for the prompt response. I tested this morning with MBAM database version 2015.5.25.4 and FileHippo.AppManager.exe is no longer detected as a PUP.

The realtime Malware Protection for my MBAM Premium v.2.1.6.1022 appears to have incorrectly detected the executable for the FileHippo App Manager v1.47.0.103 (formerly known as FileHippo Update Checker - available for download from http://filehippo.com/download_app_manager/59899/) as PUP.Optional.InstallCore.A. This is a utility I occasionally run to check if there are updates available for third-party software installed on my PC. The attached files are a zipped version of the restored C:\Program Files\FileHippo.com\FileHippo.AppManager.exe as well as my MBAM Protection Log showing the detection. Version 1.47 of this FileHippo utility is the current stable release and it has been installed on my system since 30-Jan-2015. Today is the first time it has been detected (MBAM database version 2015.5.24.3). ------------- 32-bit Vista Home Premium SP2 * Firefox 38.0.1 * NIS 2014 v. 21.7.0.11 * MBAM Premium 2.1.6 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS FileHippo.AppManager.zip MBAM FP FileHippo App Manager 24 May 2015.txt

I've now updated to NIS v21.7.0 and MBAM v2.1.6 (both clean reinstalls) and Norton Pulse Updates and Automatic LiveUpdates (ALUs) continue to fail to run to completion when MBAM's Malicious Website Protection is enabled. Norton Quick Scans are only scheduled to run during system idles after virus definitions are updated by an ALU, so these ALU failures also prevent my Quick Scans from running throughout the day. I requested to have my original support ticket re-opened but received the following response from Malwarebytes Support: "Unfortunately it will not be possible to reopen the old case you had with Malwarebytes Support as we have migrated to a different helpdesk system since that time. We would like to ask you to gather some logs again in order to proceed." After resubmitting new diagnostic logs and repeating the same troubleshooting steps I tried for the original support ticket I'm no closer to a solution. I haven't heard back from Support for over a week now and no one has been able to answer my question <here> about delaying the loading of MBAM services at bootup so I'm just going to leave MBAM's Malicious Website Protection disabled for now until someone comes up with a better solution. ------------- 32-bit Vista Home Premium SP2 * Firefox 37.0.2 * NIS 2014 v. 21.7.0.11 * MBAM Premium 2.1.6.1022 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS

I am trying to troubleshoot a possible conflict between MBAM Premium and Norton Internet Security. The Advanced Settings section of the online MBAM User Guide states the following for Delay Protection at startup for <x> seconds: "There may be times when the startup of system services used by Malwarebytes Anti-Malware conflicts with services required by other applications at boot time. When this is the case, check this box. You will need to experiment with the specific delay setting necessary to compensate for the conflict. When required, this must be done on a case-by-case basis. The delay setting is adjustable from 15-180 seconds, in increments of 15 seconds." I've increased this Delay Protection setting to 120 sec but this only seems to delay the enabling/disabling of the realtime Malware Protection and Malicious Website Protection features. According to Process Explorer, the startup time of MBAMService.exe and MBAMScheduler.exe still occur within a few seconds of the load time Norton's NIS.exe. Is there any way to delay the loading of all MBAM executables at boot-up [e.g., changing the startup of MBAMService.exe from Automatic to Automatic (Delayed Start) in my Windows Services] without affecting the functionality of MBAM? ------------- 32-bit Vista Home Premium SP2 * Firefox 37.0.1 * NIS 2014 v. 21.7.0.11 * MBAM Premium 2.1.4 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS

I regret to report that I my update to NIS v. 21.6.0.32 (2014) did not permanently solve the problem. One week after the NIS upgrade my Norton background updates started failing again and the only workaround was to disable MBAM's Malicious Website Protection. Here's a recent screenshot of my Norton Tasks window when MBAM's Malicious Website Protection is enabled: I've asked MBAM to re-open my support ticket and I'll post back if we make any progress. ------------- 32-bit Vista Home Premium SP2 * Firefox 36.0.4 * NIS 2014 v. 21.7.0.11 * MBAM Premium 2.1.4 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS

Hi nosirrah: Cheers. I restored ProgDataMgmt_PASW18_examples.zip from quarantine and re-scanned with malware database v2015.03.16.03 today and the file is no longer being detected as malware. ------------- 32-bit Vista Home Premium SP2 * Firefox 36.0.1 * NIS 2014 v. 21.6.0.32 * MBAM Premium 2.0.4 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS

A MBAM Premium v. 2.0.4.1028 (malware database v2015.03.15.03) full system Custom Scan detected a zipped file named ProgDataMgmt_PASW18_examples.zip today as Trojan.Zbot malware that I believe is a false positive. This file was downloaded from http://www.spss.com/sites/dm-book/ (now http://www-01.ibm.com/software/analytics/spss/) in 2009 and contains sample data for a SPSS statistical software training tutorial. My previous MBAM full system Custom Scan on 23-Feb-2015 with malware database v2015.02.23.04 did not flag ProgDataMgmt_PASW18_examples.zip as malware. A VirusTotal scan today shows the SHA256 hash 8bf632c66bf2edbc02b480b7131dd83a4795f508e5d378b7b833a598ca0736c6 for this file has a 1/57 detection ratio (see analysis <here>) and MBAM is the only AV engine to flag this file as malware. ProgDataMgmt_PASW18_examples.zip MBAM Log FP Trojan_ZBot 15 Mar 2015.txt ------------- 32-bit Vista Home Premium SP2 * Firefox 36.0.1 * NIS 2014 v. 21.6.0.32 * MBAM Premium 2.0.4 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS

I just wanted to report that I upgraded from NIS v. 20.6.0.27 (2013) to NIS v. 21.6.0.32 (2014) and that appears to have solved the problem - my Norton Pulse Updates and Automatic LiveUpdates now run to competion when MBAM v. 2.0.4 Malicious Website Protection is enabled. I performed a complete wipe of my old NIS installation as follows: Uninstalled NIS 2013 from the Windows Control Panel (Programs and Features) and chose the option "Please remove all user data" to remove all static user files (e.g., .dat, .log, .txt files with saved configuration settings, etc.) and re-booted Ran the Norton Removal Tool (www.norton.com/nrt) and re-booted to wipe orphaned registry and files Installed NIS 2014 using the offline installer from www.norton.com/latestnis Ran manual LiveUpdates untill no further updates were available and re-booted ------------- 32-bit Vista Home Premium SP2 * Firefox 34.0.5 * NIS 2014 v. 21.6.0.32 * MBAM Premium 2.0.4.1028 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS

I use Norton Internet Security (NIS) v. 20.5.0.28 as my antivirus and have encountered a problem where my background NIS Pulse Updates, which should complete in 1 - 2 seconds, will fail to terminate and will run continually (i.e., until re-boot) if MBAM Premium's Malicious Website Protection is enabled. Here are sample screenshots: Norton Pulse Update Runs With MBAM Malicious Website Protection Disabled: Norton Pulse Update Fails With MBAM Malicious Website Protection Enabled: I first noticed this problem in MBAM Premium v. 2.0.3. I followed the MBAM clean removal process here to perform a clean re-install of v. 2.0.4 but this has not solved the problem. I created the recommended exclusions for MBAM executables in NIS for both scans and realtime protection (see attached screenshot) and also added my entire NIS installation folder (C:\Program Files\Norton Internet Security) in MBAM's malware exclusions but nothing I've tried so far has sovled the problem. NIS appears to function normally if I enable MBAM's realtime Malware Protection and leave Malicious Website Protection disabled. Is there some web exclusion for the Norton update servers that I have to create in MBAM in order to get my NIS Pulse Updates to run to completion when MBAM's Malicious Website Protection is enabled? ------------- 32-bit Vista Home Premium SP2 * Firefox 34.0.5 * NIS 2013 v. 20.5.0.28 * MBAM Premium 2.0.4.1028 HP Pavilion dv6835ca, Intel Core2Duo T5550 @ 1.83 GHz, 3 GB RAM, NVIDIA GeForce 8400M GS

Happy to see the ad banner at the bottom of the GUI is gone but hate the smiley face - it makes the GUI look like it was designed for a 5-year-old. Please bring back the old green checkmark. My only real issue with the current v. 2.0.3 GUI is that I have difficulty seeing the grey text and icons in the top toolbar (Dashboard / Scan / Settings / History). Unselected (greyed-out) toolbar buttons are almost impossible to see against the black banner unless the screen of my laptop is set to a perfect 90 degree angle to the keyboard.

Hi daledoc1: I read that entire thread Disable notification when I choose to disable Website Protection before posting, and I'm still not clear what comment in that thread you are trying to bring to our attention. That thread seems to be discussing adding an extra setting in a future release so that users can specifically prevent pop-up notifications from appearing at boot-up when real-time protection is deliberately disabled (i.e., while leaving other pop-notifications for malware detections, etc. enabled). I personally have no objection to a pop-up notification briefly appearing in my system tray when my MBAM real-time protection is partially or completely disabled. I just don't understand why it doesn't disappear on its own after 7 seconds if I have Settings | General Settings | Close Notification set to After 7 seconds. According to the MBAM v2 online guide at http://www.malwarebytes.org/support/guides/mbam/, the description of the Close Notification setting is: When a notification window is displayed on your screen, it remains visible for a time period which you configure here. That time is configurable in a range of 3-15 seconds. The default time is 7 seconds. ------------ MS Windows 32-bit Vista Home Premium SP2 * Firefox 32.0.3 * NIS v. 20.5.0.28 * MBAM Premium v. 2.0.3.1025 HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS

I have the same issue as UnusedName. If I deliberately disable real-time protection in MBAM Premium v. 2.0.3, the pop-up notification appears in the system tray after every re-boot and never disappears unless I maually click the "x" in the top right corner of the pop-up, in spite of the fact that Settings | General Settings | Close Notification is set to the default of After 7 seconds. ------------ MS Windows 32-bit Vista Home Premium SP2 * Firefox 32.0.3 * NIS v. 20.5.0.28 * MBAM Premium v. 2.0.3.1025 HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS

Hi AdvancedSetup: Further to my previous post, a friend offered to install MBAM PRO on a virtual machine (VM) running Windows 8.1 Pro Preview. This VM does not have NIS installed. MBAM PRO was configured with partial realtime protection (filesystem protection enabled, malicious website blocking disabled). With this configuration, MBAM PRO allowed the wrapped installer SoftangoDownloader_SysinternalsProcessMonitor.exe to download without incident but blocked and quarantined the .exe file when it was executed. This supports your comment in post # 2 that the file would likely be detected by MBAM PRO's realtime protection at execution. Thanks again for your excellent support in this forum. ------------ MS Windows 32-bit Vista Home Premium SP2 * Firefox 27.0.1* IE 9.0 * NIS 2013 v. 20.4.0.40 * MBAM PRO 1.75.0.1300 HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS

Hi AdvancedSetup: Thank you for your prompt response. I had read the MBAM support article here titled "What's the differences between the Malwarebytes Anti-Malware Free and PRO versions" and it states in part: "The realtime protection module uses our advanced heuristic scanning technology which monitors your system to keep it safe and secure by blocking unwanted downloads or executable files from running. Another important feature is our malicious website blocking, meaning that sites known to be malicious will not load on your system thereby avoiding a potential malware infestation." I wasn't entirely clear if that first sentence meant that MBAM's heuristic scanning should detect unwanted files like PUPs during the download process (full stop) or if MBAM's heuristic scanning should block unwanted downloads from running. Your response has clarified that statement and I'll assume the wrapped installer containing the PUP would be blocked by MBAM PRO if it was executed. Fortunately, I didn't run the installer so my system was not infected. ------------ MS Windows 32-bit Vista Home Premium SP2 * Firefox 27.0.1* IE 9.0 * NIS 2013 v. 20.4.0.40 * MBAM PRO 1.75.0.1300 HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS

Should files normally identified by MBAM as PUPs (potentially unwanted programs) be detected during downloads when MBAM PRO real-time protection is enabled? I was testing my MBAM PRO real-time protection by downloading a Sysinternals Process Monitor installer from Softango.com that is known to be bundled with unwanted third-party add-ons. MBAM scans should detect this wrapped installer (SoftangoDownloader_SysinternalsProcessMonitor.exe) as PUP.Optional.InstallBrain. When I attempted to download this file with MBAM PRO real-time protection fully enabled, the malicious website blocking feature prevented my browser from connecting to the server at www.humipapp.com (i.e., the IP address was identified as a potentially malicious website). So far so good. When I tried the download with MBAM PRO real-time protection partially enabled (i.e., with malicious website blocking disabled) I saw a pop-up in my system tray from my antivirus software (Norton Internet Security's File Insight) claiming the downloaded file was safe and the file downloaded to my hard drive. I right-clicked on the file SoftangoDownloader_SysinternalsProcessMonitor.exe from WIndows Explorer and a MBAM scan detected this file as PUP.Optional.InstallBrain. Is it possible that my antivirus (NIS) real-time protection interfered with MBAM PRO's heuristic scanning during the download, or does MBAM PRO's filesystem protection only detect PUPs when they are scanned and/or executed? ------------ MS Windows 32-bit Vista Home Premium SP2 * NIS 2013 v. 20.4.0.40 * MBAM PRO v. 1.75.0.1300 HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400 GS

Just to update my previous posts, I can confirm that I'm still getting the GetDefaultBrowserError: 2 with the latest Java JRE 7 Update 45 (v. 1.7.0_45-b18) installer and that the Java verification test at http://www.java.com/en/download/installed.jsp passes with my default Firefox v. 25.0.1 browser but continues to fail with my IE 9 browser. Also, when I browse to the Java download page in my IE 9 browser at http://www.java.com/en/download/windows_ie.jsp, Java is not detected and the auto-detection recommends that I install Java 7 Update 45 even though all v. 7.0.450.18 Java plug-ins are enabled in IE 9 when I check at Tools | Manage Add-ons | Toolbars and Extensions. When I try to run the Java applet at http://www.geforce.com/Drivers that auto-detects the best driver for my NVIDIA graphics card, the applet works fine with Firefox 25.0.1 but always fails with IE9 with the error message "Windows has blocked this software because it can't verify the publisher" after I accept installation of the Active-X control in IE9. ------------ MS Windows Vista Home Premium 32-bit SP2 * Firefox 25.0.1 * IE 9.0 * Java JRE 7U45 HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400 GS

A full scan with MBAM PRO v. 1.75.0.1300 (database v2013.07.08.06) has once again detected the above mentioned Word 2007 tutorial named Lindas2007MailMergeTutorial.exe as malware, but this time as a Trojan.PWS.Agent. The zipped file, as well as the log file from the MBAM scan run in developer's mode, is attached. ------------ MS Windows Vista Home Premium 32-bit SP2 * Firefox 22.0 * IE 9.0 * NIS 2013 v. 20.4.0.40 * MBAM PRO v. 1.75.0.1300 HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400 GS Lindas2007MailMergeTutorial.zip MBAM-log-2013-07-08 (18-08-12).txt

Hi SickAndTired: I also got the same error message on my 32-bit Vista laptop with Java 7U25. I wiped the old Java 7U21 installation off my system, installed the 7U25 Windows offline installer from http://www.java.com/en/download/manual.jsp and the error message popped up immediately after the installation wizard informed me that Java had installed successfully. Like you, I use Firefox 21.0 as my default browser and the Java installation tester at http://www.java.com/en/download/installed.jsp shows that Java 7U25 is working correctly with Firefox. However, the Java 7U25 installation test fails with my IE9 browser. I had the same GetDefaultBrowserError: 2 error with both Java 7U21 (see my previous posts in this thread) and 7U25. The only difference is that the Java installation test for Java 7U21 passed with both Firefox and IE9, whereas Java 7U25 only works correctly with Firefox. ------------ MS Windows Vista Home Premium 32-bit SP2 * Firefox 21.0 * IE 9.0 * Java JRE 7U25 * NIS 2013 v. 20.4.0.40 HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400 GS