RedDawn

Honorary Members
  • Posts: 24
  • Reputation: 0 Neutral
  1. Hi, Why is MBAM trying to phone home each time I scan a file with it from the context menu? And what info is it attempting to send? I have 'Anonymously report usage statistics' unchecked.
  2. Sure, many people have set up multiple sandboxes (Sandboxie Control > Sandbox > Create New Sandbox), each to be used for a different purpose (online banking, browsing, program testing etc.) and each one configured best for that purpose. For example, in my browser sandbox settings for everyday use, I have Internet access restricted to IE, Firefox, Java and WMP (Sandboxie Control > Sandbox Settings > Restrictions > Internet Access). I also have blocked access to My Documents and D and E Drives (Sandboxie Control > Sandbox Settings > Resource Access > File Access > Block Access). To be even more secure, you could limit what can start/run in the sandbox; I'm toying with this at the moment. Some may find this setting a little too restrictive for normal use; it may be better suited to a sandbox used solely for online banking, for example. See this thread. There is also the Drop Rights feature. The links below will explain things better and go into more detail on the different Sandboxie settings: Sandbox Settings, Restrictions Settings, Resource Access Settings.
  3. I would guess Oneder tested the sample using the latest version of Sandboxie. It's good news though to hear the file was contained successfully in his testing. A restricted Sandbox would be one that has been hardened through the Sandbox settings, such as enabling the Drop Rights feature, restricting Internet access to certain programs, selecting what's allowed to Start/Run in the sandbox etc. All the best, RD.
  4. Thanks Tom, but no need, Oneder has kindly taken the time to test the file HERE. Thanks again.
  5. Hi TeMerc, Any chance you could elaborate a little on this? What variant of Virut, Sandboxie version etc.? Thanks.
  6. Updated through Internal Updater - No problems.
     Malwarebytes' Anti-Malware 1.31
     Database version: 1456
     Windows 6.0.6001 Service Pack 1
     04/12/2008 04:39:19
     mbam-log-2008-12-04 (04-39-19).txt
     Scan type: Quick Scan
     Objects scanned: 44623
     Time elapsed: 3 minute(s), 3 second(s)
     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0
  7. Hi Alicez, Yes, Swiss Army is safe, it is part of MBAM, a driver if I'm not mistaken. To configure Windows Defender to ignore it: open Windows Defender, click Tools > Options, scroll down to Advanced Options and, under "Do not scan these files or locations", click Add, navigate to mbamswissarmy and click OK. The path should be C:\Windows\system32\drivers\mbamswissarmy.sys. You should now stop seeing the warning from WD.
  8. Hardhead, Thank you very much for your help.
  9. Just updated to (Free) version 1.29. Uninstalled version 1.28 using Revo. Rebooted. Installed version 1.29. Rebooted. Everything is okay, except I now have the following entry in my startup list. Why is this here and can/should I delete it? Thanks, RD.
  10. Hi Guys, Sorry for the late post on the subject, but I've only come across this tonight. A couple of questions if I may. I've restored MBAM-dor.exe from McAfee's quarantine; should everything be okay now with MBAM, or would it be advised to reinstall it? Also slightly odd, McAfee's quarantine report for MBAM-dor.exe, Process: SuperAntiSpyware?? Any thoughts appreciated. Thanks.
  11. Smooth update, no problems. Just one thing I noticed on this [and the previous] version: after I initialize a scan, 7 seconds will elapse before scanning actually starts. Not really a problem, just reporting (I'm running Vista Prem.).
      Malwarebytes' Anti-Malware 1.27
      Database version: 1130
      Windows 6.0.6000
      09/09/2008 00:31:40
      mbam-log-2008-09-09 (00-31-40).txt
      Scan type: Quick Scan
      Objects scanned: 43249
      Time elapsed: 3 minute(s), 14 second(s)
      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 0
      Memory Processes Infected: (No malicious items detected)
      Memory Modules Infected: (No malicious items detected)
      Registry Keys Infected: (No malicious items detected)
      Registry Values Infected: (No malicious items detected)
      Registry Data Items Infected: (No malicious items detected)
      Folders Infected: (No malicious items detected)
      Files Infected: (No malicious items detected)
  12. Hi AdvancedSetup, No, everything is okay, I was just curious why the thread had disappeared. Thanks for the explanation. Take care.
  13. It was to do with MBAM flagging the file lvuvc.hs as a rootkit. The thread was finished, I just wondered as to why it has been deleted?
  14. A little curious as to why my recent thread "Anything to worry about?" on the HJT board has been removed?
  15. Hi Jean, Scan is clear now (see below), must have been a FP as I've never had any infections. Thanks so much for all your help. Take care.
      Malwarebytes' Anti-Malware 1.11
      Database version: 686
      Scan type: Quick Scan
      Objects scanned: 35179
      Time elapsed: 3 minute(s), 13 second(s)
      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 0
      Memory Processes Infected: (No malicious items detected)
      Memory Modules Infected: (No malicious items detected)
      Registry Keys Infected: (No malicious items detected)
      Registry Values Infected: (No malicious items detected)
      Registry Data Items Infected: (No malicious items detected)
      Folders Infected: (No malicious items detected)
      Files Infected: (No malicious items detected)