Jump to content

SpySentinel

Experts
  • Content Count

    1,848
  • Joined

  • Last visited

Posts posted by SpySentinel

  1. Hi DallasBob,

    After running mbam-clean.exe, here is how to set exclusions for McAfee:

    Set Exclusions for McAfee in Malwarebytes' Anti-Malware:

    • Open Malwarebytes' Anti-Malware and click on the Ignore List tab
    • Click the Add button on the lower left
    • In the small browse window that opens, navigate to C:\Program Files and click once on McAfee and click OK.
    • Click the Add button on the lower left
    • In the small browse window that opens, navigate to C:\Program Files and click once on McAfee.com and click OK.
      Note: For 64 bit Windows versions this will be C:\Program Files (x86)
    • Close Malwarebytes' Anti-Malware

    Set Exclusions for Malwarebytes' Anti-Malware in McAfee on 32 bit Windows Versions:

    • Open McAfee and click on Navigation in the upper right hand corner.
    • Click on Firewall located under Features.
    • Click on Program Permissions and wait for the list to populate.
    • Click the Add button and then click browser.
    • Add the following files to the firewall with full access:
      • C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
      • C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

      [*]Click OK

      [*]Close the McAfee main window and restart your computer.

    Set Exclusions for Malwarebytes' Anti-Malware in McAfee on 64 bit Windows Versions:

    • Open McAfee and click on Navigation in the upper right hand corner.
    • Click on Firewall located under Features.
    • Click on Program Permissions and wait for the list to populate.
    • Click the Add button and then click browser.
    • Add the following files to the firewall with full access:
      • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
      • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

      [*]Click OK

      [*]Close the McAfee main window and restart your computer.

    Let me know if this helps. :)

  2. Hi Fegiz,

    Welcome to the Malwarebytes Forum :)

    If you are going to use Malwarebytes Anti-Malware PRO on two computers, you will need to purchase 2 licenses.

    However, if you buy both at the same time, you will receive a 10% discount.

  3. All clean now :)

    Norton safe web doesnt work with firefox 5, i dont know how to use it :S

    If you are using Web of trust (WOT) you do not need to use Norton Safe Web.

    I have MSE so i dont need spyware guard

    MSE will not conflict with SpywareGuard. SpywareGuard is an extra layer of protection that provides heuristic protection against spyware.

  4. I THINK!, is that the spr hacktool was located in the system restore area. And when i deleted system restore it was vanquished

    More than likely, as it is not showing up in the logs.

    Your log looks clean, Great Job! :)

    Follow these steps to uninstall Combofix and tools used in the removal of malware

    • Click START then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
      CF_Uninstall-1.jpg


      Now for some cleanup..
      Please download OTC and save it to Desktop.
      • Please make sure you are connecting to the Internet
      • Double-click OTC.exe
      • Click the CleanUp! button.
      • Select Yes when the "Begin cleanup Process?" prompt appears.
      • If you are prompted to Reboot during the cleanup, select Yes

    Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

    1. Disable and Enable System Restore. - Set a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which sometimes can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.
      The easiest and safest way to do this is:
      • Go to Start > Programs > Accessories > System Tools and click "System Restore".
      • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
      • Then go to Start > Run and type: Cleanmgr
      • Click "OK".
      • Click the "More Options" Tab.
      • Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

    [*]I recommend you install an alternate web browser such as FireFox or Chrome. FireFox and Chrome are more secure browsers than Internet Explorer and they have some additional tools you can install to help secure it even more.

    [*]Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

    [*]Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

    [*]Install SpywareGuard - SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program or there will be a conflict.

    [*]Malwarebytes’ Anti-Malware <= The best free antimalware application to remove malware and keep your computer clean. The free version is a great scanner to compliment your current antivirus software. However, if you upgrade to Malwarebytes’ Anti-Malware PRO, you will get real-time protection against the latest malware threats.

    [*]Norton Safe Web <= Norton Safe Web protects your browser against malicious sites and warns you when you go to one.

    [*]Update all these programs regularly - Please keep these programs up-to-date. Without regular updates you WILL NOT be protected when new malicious programs are released. You can use these free resources to check if there are any available updates to the programs you have installed: Secunia Software Inspector and Calendar of Updates.

    Follow this list and your potential for being infected again will reduce dramatically.

  5. Hi Otherguyx,

    You're welcome :)

    Glad to hear everything is running better.

    To make sure that there are no more rootkits on your system, I would like to see one more scan with TDSSKiller.

    Please delete the current version of TDSSKiller that you have and then:

    Please read carefully and follow these steps.

    • Download TDSSKiller and save it to your Desktop.
    • Extract its contents to your desktop.
    • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
      TDSSKillermain.png
    • If an infected file is detected, the default action will be Cure, click on Continue.
      TDSSKillerMal-1.png
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
      tdsskiller2.png
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
      TDSSKillerCompleted.png
    • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

  6. Welcome to the Malwarebytes Forum :)

    The site at IP range (204.188.198.) is currently not blocked as of database version 7044.

    Please update Malwarebytes' Anti-Malware and let me know if the site is still blocked.

    Thanks,

  7. Do you know where the hack tool file is located?

    • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
    • Double click on RSIT.exe to run RSIT.
    • Click Continue at the disclaimer screen.
    • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

  8. Hi Dolfa,

    Welcome to the Malwarebytes Forum :)

    The site at IP (46.4.90.3) is currently not blocked as of database version 7030.

    Please update Malwarebytes' Anti-Malware and let me know if the site is still blocked.

    Thanks,

  9. Before I go through all of that, I can't be the only one with this problem. Some else must have the same problem (that is how I tracked it here by MJFischer's post - did he get an answer?)

    There have been multiple users with this issue that have received help via our Support Team.

    This error occurs when your DNS settings have been changed, usually by an infection.

    http://forums.malwarebytes.org/index.php?showtopic=10138&st=0&p=439250entry439250

    Besides, I dont think the help desk would help someone with problems with the free MBAM. This is actually very disappointing.

    Yes, we help users of our product, Malwarebytes Anti-Malware, period. It doesn't matter if you have the PRO or Free version.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.