lordpake
Honorary Members
Posts: 210
Everything posted by lordpake
-
Good enough security setup. Some little info: either choose MBAM or SAS for real-time; do not use both! Additional notes: consider using an alternative browser; you do not mention this. Using Firefox/Opera/even Safari can lessen the chances of getting an infection through drive-by downloads, as IE is the most used and thus the most targeted browser.
-
Same as this? Let it fix it. See nosirrah's response here: http://www.malwarebytes.org/forums/index.php?showtopic=6249
-
Built-in updater worked fine here.
-
She should not use a computer w/o antivirus protection. Also, firewall + antispyware might be a good thing to have too. It should also be remembered that no single product catches 100% of the malware. So ditching McAfee because of such a single incident may not be the wisest choice IMHO. Also, patching OS/Java etc. plays a key role in keeping a PC safe online.
-
Beenthere, latest database is 1131. Please update and re-scan in case it's fixed.
-
Roger that
-
Here's my dev log (should have posted that earlier instead, my bad ^^)
----
Malwarebytes' Anti-Malware 1.27
Database version: 1128
Windows 5.1.2600 Service Pack 2
8.9.2008 13:04:41
mbam-log-2008-09-08 (13-04-39).txt
Scan type: Quick Scan
Objects scanned: 47589
Time elapsed: 2 minute(s), 52 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("%1" %*) Good: ("%1" /S) -> No action taken. [3974894881707936807878667969840910013986796885748079]
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
-
Edit: See my dev log in posts below ...
-
Old log? Judging from the timestamps. Additionally, your program/database is way old. Update through the program and re-scan, just in case it is already taken care of. Latest database is 1125 and program is 1.26.
-
'not-a-virus:Downloader.Win32.MalwareBytes.a'
lordpake replied to a topic in Malwarebytes for Windows Support Forum
A what? If we are talking about MBAM here, I've never seen anything like that from my KIS.
-
I subscribed to recent f/p thread here with immediate email notification. However, several posts had been made there, yet I received no notification emails at all? I have correct email address in my profile, and I did check my Gmail spam folder.
-
database 1096: Folder C:\WINDOWS\PIF (Trojan.Agent)
lordpake replied to ky331's topic in File Detections
Okay, that explains it, thank you. MS-DOS apps I do use every now and then. Will restore folder then.
-
database 1096: Folder C:\WINDOWS\PIF (Trojan.Agent)
lordpake replied to ky331's topic in File Detections
If you find out, care to post here or PM me? As I am also curious as to what might put such a folder in my drive. I personally consider myself as the cautious type who employs several tools to keep himself safe, plus I don't play with warez. So a mysterious folder in a drive is not what I'd expect to find.
-
database 1096: Folder C:\WINDOWS\PIF (Trojan.Agent)
lordpake replied to ky331's topic in File Detections
Same here. I simply allowed MBAM to deal with it. After all, it was an empty folder, and I've had similar detections pointing to a few oddly named, also empty, hidden read-only folders named like files in the past.
-
I actually had a similar incident some time ago, 3 of the 4 folder names listed above match those of mine. Empty folders named like files. I was able to delete them and all seems okay.
-
AFAIK there should not be any issues if you use Spybot only as an on-demand scanner. Using Teatimer may bring trouble.
-
You are using a very old database. Latest is 1088. Please run the updater within the MBAM and re-scan. AFAIK there was a Bandu-related f/p but that should've been fixed.
-
I can confirm the false positive, also WinXP Home SP2. Below is the attached file from my system, if needed. Plus dev log. oembios.zip mbam_log_08_25_2008__00_25_04_.txt
-
So kinda like adding Secunia PSI-like functionality to MBAM? Oh and good to know about the possible IP blocking feature, sounds useful.
-
Isn't that malicious Flash code we are talking about now, that is run in the browser? And not some piece of malware that is installed/run locally in your machine. AFAIK the Flash 'exploit' is done for when you terminate the browser process. I don't see what MBAM could do to prevent that.
-
Making Malwarebytes Portable ?
lordpake replied to Korlean's topic in Malwarebytes for Windows Support Forum
Never even heard of you, or your software. I do frequent some forums etc. and I have never come across any references to either you or your software. So, no, it's not as bad. I know the people behind MBAM by reputation, I don't know you.
-
Making Malwarebytes Portable ?
lordpake replied to Korlean's topic in Malwarebytes for Windows Support Forum
Well this is a security forum. What do you expect? Post 1 users pimping a custom "build" of security software? Without any sort of official approval! Enthusiastic welcome? More like paranoia is what you get. VT link posted by Hardhead only shows one thing: only heuristic detections from apps that almost always give them, meaning this could still be a trojan, just one unknown to most vendors.
-
Making Malwarebytes Portable ?
lordpake replied to Korlean's topic in Malwarebytes for Windows Support Forum
Well I for one did hit the 'report' button to make sure forum staff is aware of this "custom build".
-
NO apparent improvement in Quick Scan speed. With only KIS 2009 running (with exclusions for MBAM of course) I still get over 2 and a half minutes runtime for it. Used the built-in updater, all went fine except the new updated MBAM didn't autorun after installation. Is it intended to be this way?