Jump to content

ram1009

Members
  • Content Count

    67
  • Joined

  • Last visited

About ram1009

  • Rank
    Regular Member

Recent Profile Visitors

1,261 profile views
  1. I'm having the same problem and I have updated and restarted the program with NO effect. It's only happening on one of my desktops.
  2. Occasionally, A popup will appear on one of my MWB installed W7 boxes saying "Real Time Protection Is Turned OFF. Would You Like To Turn It On?" Of course I answer "yes" and wait for the next time but I'm finally tired of this happening especially since it doesn't happen to my other computer. Please help. Thanks.
  3. Yes, it went as you predicted. Thanks again.
  4. Attached is the file requested by your cleanup program. mb-clean-results.txt
  5. The machine you guys are currently evaluating has had no issues for several years. It was once hit with ransomware and I was able to offload important files using a CD program. That partition was never usable again so this is a new SSD.
  6. Since you are new on this topic I think it best to point out that the files you've analyzed (thanks) are NOT from the machine that I suspect was infected. The sick SSD has been reimaged and so no analysis is possible. The files you analyzed are from a second machine that appeared to be displaying the same window (asking to upgrade) that I think led to the infection. Your analysis shows this to NOT be the case although I have no idea how two versions of MWB are (or could be) running on the same computer especially if the older version were installed after the newer version. I would have thought the install program would disallow that. I'm at work now and don't have access to either machine but will comply with your suggestion later today. Thanks for your participation.
  7. Well, it's a no brainer. If I help you, I help me. So, you're proceeding under the assumption that the update offer was an attempt to load malware already downloaded to this machine, right? If you are correct, would MWB find the malware or should I just delete something you could tell me to delete? I'm just wondering how this is likely to play out.
  8. I followed the instructions as best as I could however neither of the downloads allowed me to choose a location so I just ran them from the "downloads" folder where they went by default. As a precaution I will attach the FARBAR files separately. mb-check-results.zip FRST.txt Addition.txt
  9. I did notice the difference you mention but I assumed it was probably the difference between one typist and another. Here's the file name you requested:
  10. Sir/Madam, I'm 71 years old and consequently have little time left on this planet. I have better things to do with that time than reporting false malware infections. If I wanted to lie about something I could create something much more plausible AND profitable. As you so glibly point out my story is less than integrated. As I said, my days are numbered and I've already wasted too much time on you but I do want to pass on an old saying. I'm big on old sayings. It gors like this: "Correct/inform a fool and he will curse you. Correct/inform a wise man and he will thank you" I'll let observers decide where you fall on that spectrum. BTW, I've attached a screen shot of the recurring upgrade notice which is now appearing on this computer as it on the one I just fixed. You'll see it in the lower right corner. It wants to upgrade to a version already running on this machine. Have a great day. Maybe you can find someone else to discourage from reporting to the forum.
  11. My guess was that the program was being controlled remotely. The initial infection just opened the door.
  12. I mentioned before that I talked with another troubleshooter about this. His screen name is "kevinf80". I followed his suggestions as best I could. He has some log files if you can find him. Sorry I couldn't be more help. BTW, here's another clue. When I pulled my ethernet cable I was able to engage all the protection buttons in MWB and they stayed "ON". The plot thickens.
  13. Evidently you don't believe something filled up a (nearly) 300GB space in my drive very quickly. Why would an infection only tell me my drive was full if it wasn't? We could play "what if" all day. You, obviously have more knowledge on this topic than I so you need to make the best of my observations and see if anybody else reports anything similar. Personally, I'm going to be very careful when I update/upgrade MWB.
  14. I doubt the beta option was active at the time the infection occurred AND I just got the same popup on this computer asking to install the same version I am already running. The beta option is definitely OFF on this computer. I'm not sure how you would define "overt signs" but to me there were several. For one thing my C drive filled completely (nearly 300GB) very quickly. Not just warning signs. I checked the properties and programs refused to run for lack of space. I couldn't access my mail program. The MWB protection buttons were all in the "OFF" position and when I moved them to "ON" they immediately snapped back. I ran a scan using MWB and the resulting report was absent a "quarantine" button. These are enough to convince me there's an active infection. BTW, I've completed re-cloning the sick drive and it appears to be running OK.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.