Jump to content

LouisAZ

Members
  • Posts

    3
  • Joined

  • Last visited

Everything posted by LouisAZ

  1. Thanks for the prompt reply. Yeah, I was suspicious. I've used support tickets in the few other times, I've need some MBAM support. This knucklehead said that he was with the Malwarebytes support staff. Also, the phone number I noted in the initial message, responds with an innocuous answering machine message. Using reverse lookup programs, the number is registered in Pine Grove, CA to an individual. I've left a message on the answering machine to return my call. This is important. He used Ninite to download a new version of MBAM. I asked him WHY he didn't go to the Malwarebytes website. He gave me some lame answer. The version downloaded and running is 3.4.5, which appears to be operating properly. I'm guessing he used Ninite to not leave any crumbs (tracks) of his downloading from MBAM. Best, Louis
  2. Today, I noted that my MBAM Premium was not running, and that it was not installed. It apparently had been uninstalled inadvertently by me or by another program (perhaps a virus or malware). I went to the Malwarebytes homepage and searched around a bit to see how to reinstall my MBAM Premium. I have a Lifetime version and I kept my product key and ID. Not sure which version to download and install, I went to the Internet and found a website that offered Malwarebytes tech support. It appeared to be legit, but I was (and still am) not sure. After providing my email address, I received a "chat with tech popup" that I opened. They tech requested my telephone number. I received a phone call from 1-209-257-4300 -- a California number. The male spoke with a foreign accent -- probably from India or another Middle Eastern country. He said he could help me reinstall my missing MBAM Premium. I agreed to let him install a remote user program and he proceeded to download the current version of MBAM Premium. I watch his every move. I did provide him with my MBAM product key. It installed quickly and we ran a scan. No issues. The account information on the reinstalled program was correct. He did not ask for any credit card numbers or other forms of payment. We both speculated on how the version was uninstalled. He decided to check by TASK MANAGER and noted that I have two Csrss.exe files running. He immediately informed me that my PC was infected with a Trojan. Fortunately, I've been through this issue before. In fact, the legitimate Csrss.exe file is required and important. It is legitimate -- if it resides in your \Windows\System 32\ folder. The tech did not right click on either of the Csrss.exe files to determine their location (they are where the should be). He was completely convinced that my PC was infected with a Trojan. He said that I must take it to a Windows certified technician to remove the infection. I asked him why Malwarebytes could not detect and remove the infected Csrss.exe files. He said Malwarebytes cannot do that. (REALLY!) I asked him if he could recommend another program to remove the (presumed) infection. He said NO, only a certified Microsoft technician could do the job. He seemed to sense that I was very skeptical about his diagnosis and asked if there was anything else he could do for me. I said no and terminated the 2-way chat and the program that allowed him to access my PC. After our contact, I removed (deleted) the 2-way program used by the technician. Whoever he was, he didn't know what the hell he was talking about with respect to the Csrss.exe files. Before writing this, I used Totalvirus to scan my Csrss.exe (and related) files. They are clean. I've also re-scanned my PC with multiple programs Including EMSISOFT, AVAST, and Suerpantispyware (in addition to MBAM Premium). My PC is behaving as it should. No issues whatsoever. I have submitted a support ticket because I would like to formalize this event with Malwarebytes. Either they are using an ignorant technician to provide support or this guy was a fraud. I checked the telephone number the tech used and it is legitimate and apparently has never been used as for a SPAM or other illegitimate purpose. Yes, I know there are programs that allow the fraudulent use of legitimate numbers. This could be one of those. Below is a screen shot of all of my Csrss.exe and related files. None are infected -- according to MBAM, Totalvirus, etc. ANY AND ALL COMMENTS ON THIS EVENT WOULD BE HELPFUL. FYI, I am a loyal customer and believe that MBAM Premium is a superior product. Louis
  3. I have not had ANY problems with this issue since I posted the following in April: I don't want to take the chance of messing something up. I'm confident that if this happens again, I will be able to reboot and solve the issue. I do think it was some sort of transitory anomaly that may never happen again. To my knowledge it's only happened once. All of my AV and AM programs seem to play well together and nothing has penetrated my sanctum sanctorum -- other than a few unwanted cookies, which are easily identified and removed. Louis
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.