Jump to content

dprout69

Honorary Members
  • Posts

    108
  • Joined

  • Last visited

Posts posted by dprout69

  1. You are using MB and another AV which, although not 100%, almost eliminates malware as being the culprit and the symptoms you were describing are not usually how malware behaves.  If it were a zero day exploit the odds are higher you would hear about it on the news or on a forum before you were affected by it.  True "hackers" aren't spending time with individuals unless there is some kind of payout and since you are asking on here instead of asking your IT department, I can gather you aren't a large entity.  True hackers are going after companies where the risk and reward are equal.  Since they were in your admin account, which as I mentioned should have been disabled the second you got your computer, it was obvious to me that a door was left open somewhere... the most common point of entry is a password (weak or none) and the only place a password exists as an entry point (since they were not in your locked account) is your router.

  2. Jerrybox it's your call.  You left the front door wide open, they came in and they had time to play around in your network (to include every mac address that connected to your router, phones or otherwise).  How long that was going on and what the extent of their tampering was is anyone's guess (You could probably review the router logs if you want to go to that level).  Me personally, I'd reinstall because I'd never have peace of mind that there wasn't something lingering.

    Windows Pro has an admin account enabled by default without a password just like home does.  So if they got in one they got in the other.   As far as if they did anything on your phone that depends on their skill level. 

    The intrusion may have been benign (just kids discovering).  The intrusion may have been malicious and turned your computers into bots for the next major virus outbreak.  Bottom line is do what you need to do to feel ok with it.

  3. Could they have connected to my computer from a distance?

    Yep... Not only yours but anyone connected to that network and in all honesty, if they have your password there is no telling how long it's been going on from the very first person you gave the pwd to, to the very last.  The day of the incident may have just been the day you caught them.  I would say reinstalling windows would be the best bet because with access to the admin account they could have done a million things and you will probably never be able to track down every change and have peace of mind.  Also, any transactions you were conducting on the computer, change passwords (banking, Netflix, email accounts, etc.)

    Most importantly, change your router password immediately and disable the admin account.

    Additionally, spend a bit of time going through your router configuration and look for anything abnormal... strange mac addresses or routing IP's that you don't recognize.  May want to just hit the reset button on that too

     

     

  4. Step 1 would be to disable the built in admin account.  That actually should have been done in any regard (its enabled by default).  Couple of ways to do it

    https://www.isunshare.com/windows-10/3-ways-to-enable-and-disable-built-in-administrator-in-windows-10.html

     

    Step 2 do you have a password on your router?  Is it a good password (not 1234)?  Do you have the ability to add mac addresses for allowed devices in your router?  Add them and add/change the password.

    Most likely this is someone that just exploited your lack of securing your system (someone that lives around you).   Also what firewall are you using?

     

    Step 3 Run a couple of other portable AV's (Avira has one, Emsisoft has one).  If they are all telling you there is nothing wrong then most likely see step 2, its one of your neighbors snooping on your computer.

  5. 1 hour ago, ICMCD said:

    Is there any necessity to have Malwarebytes and WD at the same, or would that be duplicating functions?

    It's not duplication... every AV has different signatures and different ways they handle scanning.  More is better, layers are better as long as you get them to work properly with each other.  Again, you cannot have two dominant at the same time but you can have them assist each other as I explained above.  Period scanning in WD is designed to run as a secondary when you have another AV present.

  6. 11 hours ago, Porthos said:

    Post #2 is all you need to do. I would not do the above because you will lose your real-time AV protection that works well with MB. 

    Not true.  You don't lose anything no matter which way you set it up.  The only difference between register and not register is Malwarebytes doesn't try to fight for dominance if not registered.  Everything else still works the same way.  I run Avast as my primary, WD as my secondary and MB as my tertiary and MB still chimes in from time to time

  7. You cannot have two dominant AV's at the same time.  What the above is telling you is that Malwarebytes is your dominant.  If Malwarebytes were to turn off, then WD would turn on automatically.  It's always been like that.  If you want Malwarebytes as the dominant you can still have WD do periodic scanning... WD security center > Virus and Threat Protection > WD Antivirus options > Periodic Scanning on.  If you want WD as the dominant then do as digmorcrusher stated.   

  8. Works fine, but you only want one dominant AV, which I assume you want Webroot?  Therefore, Malwarebytes > Settings > Application > At the bottom, Windows Action Center > Never Register

    The order of dominoes would then be WebRoot > WD > Malwarebytes (Malwarebytes still works the exact same way in this situation - all you're telling it is don't try to compete for top billing).

    You can leave it default however Ive noted my computers always have trouble if say Webroot shuts down then WD tries to jump in at the same time as Malwarebytes.  Whether that's a windows issue or Malwarebytes IDK, but either way you're protected three ways with no slowdown

     

     

  9. 1 minute ago, LodeHere said:

    Oh well, making mistakes is human after all. I'm sure it will be fixed. No biggie. :D

    No it is a biggie... if this is all shutting down as a result of some global cyberattack then Malwarebytes isn't doing it's job.  How can you say no biggie when whats protecting you... isn't.  Well my gun didn't work during the home invasion... no biggie... Ill take it into the shop tomorrow... wtf

  10. OK sincerely... what is the vendetta Malwarebytes seems to have with WiseCleaner?  Fine, you blocked Regcleaner because of your "opinion" and nothing more, but now you are blocking the entire website?  Care to enlighten everyone as to why?  If you have some information you'd like to share I'd like to know, otherwise I've been using their programs longer than I have Malwarebytes and never had a single problem with them.

  11. Deactivated the license, uninstalled, reboot, reinstalled, installation went ok... did the first scan on one computer (the other went ok) and the scan froze for a long time, stopped, and then on the main screen the Malware Protection off problem was there so doesn't look like that was fixed.  Scan never finished

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.