EliteKiller

Honorary Members
  • Posts

    74
Posts posted by EliteKiller

  1. I am using NORTON 2005

    Why are you using a 5 year old engine? Norton was extremely bloated from 2004-2006 and does not have a capability to deal with recent malware even though you may have up-to-date signatures. If you have a current subscription you can update to 2010 for free.

    On a lighter note, I just reinstalled MBAM 1.45 on my Win7 Ult x64 workstation that is running NIS2010 (v17.5) & Prevx paid (v3.0.5.106). MBAM updated successfully without me having to add exclusions. I have not activated real-time protection since it causes conflicts with the Win7 backup/image feature.

  2. By free anti-virus software I mean AVG, Avast, Avira etc. Which one is the best? I know AVG is the most popular, but I've heard lots of bad things about it. I've heard Avira has the highest detection rate...is this true?

    Out of the three products that you list Avira has a history of offering the highest detection rates. FP's really aren't an issue even when the heuristics are set to high. However I have found that it's lacking in the removal dept. You can easily block the update nag screen by searching Google.

    Please keep in mind that in the end all of the responses are based on opinion. The best is what performs best on your system. Read some credible antivirus reviews/comparatives, use the forum search, and drop one on your pc to see how it works out.

  3. Nothing is 100% on any given day. Losing faith in a product such as MBAM over some missed sample(s) is acting in haste. Instead you should look at the number of times it has saved you. Zip those samples up and send to the research team. F-Secure focuses on viruses where MBAM focuses on other malware. Everyone would benefit if you could post the F-Secure scan log. For all we know it only found some cookies. :lol:

  4. That is actually incorrect. Go ahead and private message me and we'll get it all squared away. We were going to contact our technician's license purchasers soon to let them know about the links etc.

    Thanks!

    RubbeR DuckY, what I posted is what was relayed to me a while back when the tech license was first made available. Would you be so kind as to clarify as to what I posted was incorrect so that we can all benefit from this new information.

  5. An additional question: I saw several users mention this was happening with external USB hard drives. Is anyone experiencing this when doing backups to internal drives? That may be another clue as to the cause.

    Thanks :)

    I am doing the backup/image creation to an internal WD Black 1TB. Since MBAM has been uninstalled for a few days I have experienced zero issues. I will reinstall MBAM and disable the real-time protection once I return to that computer on Wed. to see what happens.

  6. I'm running Win 7 Ult x64 w/ NIS2010. Two days ago MBAM (paid) was installed and excluded in NIS. I have a daily backup w/ image scheduled @ 4am (to an internal 1TB hard drive) using the built-in Windows backup utility. Ever since MBAM was installed the computer eventually becomes unresponsive once the backup has started. As an example I'll click the start button or try to pull Firefox up from the taskbar and they will appear on the screen. However Task Manager will not open up. A few seconds later you can continue to move the mouse but can no longer click on anything. After waiting several minutes the system is still not responding, so the only option is to press the reset button on the tower. What I have noticed in the event log (system) is that MBAM appears to be interfering with the Volume Shadow Copy service.

    Event ID: 7009

    A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.

    Event ID: 7000

    The Volume Shadow Copy service failed to start due to the following error:

    The service did not respond to the start or control request in a timely fashion.

    Event ID: 10005

    DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server:

    {0B5A2C52-3EB9-470A-96E2-6C6D4570E40F}

    There are no more events generated until the pc is restarted. If I disable real-time or uninstall MBAM the problem goes away.

    ** added reference to backing up to an internal hard drive

  7. I have this one too. The file is signed by Microsoft, so I would think it's a false positive.

    I also recently started receiving the FP on install.exe

    http://www.virustotal.com/analisis/08966ce...1da2-1253182365

    Malwarebytes' Anti-Malware 1.41

    Database version: 2815

    Windows 5.1.2600 Service Pack 3

    9/17/2009 9:34:04 AM

    mbam-log-2009-09-17 (09-34-00).txt

    Scan type: Quick Scan

    Objects scanned: 115109

    Time elapsed: 3 minute(s), 19 second(s)

    Memory Processes Infected: 0

    Memory Modules Infected: 0

    Registry Keys Infected: 1

    Registry Values Infected: 0

    Registry Data Items Infected: 0

    Folders Infected: 0

    Files Infected: 1

    Memory Processes Infected:

    (No malicious items detected)

    Memory Modules Infected:

    (No malicious items detected)

    Registry Keys Infected:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe (Trojan.Agent) -> No action taken.

    Registry Values Infected:

    (No malicious items detected)

    Registry Data Items Infected:

    (No malicious items detected)

    Folders Infected:

    (No malicious items detected)

    Files Infected:

    C:\install.exe (Trojan.Agent) -> No action taken.

  8. BUT Norton Corp will catch anything, as long as u update it daily and run the file system auto protect.

    Don't kid yourself. The fact of the matter is that no AV is 100%. I've got SAV 10.1 Corp deployed at the office, as well as other client locations, and it fails to detect a lot of nasty malware. One of the guys at my office managed to infect a pc with Antivirus XP 2008 a few weeks ago.

  9. Running any special fix tool, is never the first step.

    That's your opinion. It's also worth mentioning that bleepingcomputer.com is one of the reputable sites that suggests certain tools for specific infections.

    http://www.bleepingcomputer.com/forums/forum55.html

    You'll find a lot of threads suggesting Smitfraudfix only. Some of the newer threads suggest MBAM due to its versatility.

    @ EliteKiller please do not give malware removal advice here, you are not approved to do so.

    No problem. In any event the advice I offered is accurate and helpful to the topic of discussion. nosirrah didn't appear to have a problem, or at least he didn't make it public.

    http://www.malwarebytes.org/forums/index.php?showtopic=7194

  10. So, are you saying that MBAM isn't really an antispyware program either, but catches malware other than virii or spyware?

    If so, should one actually have a resident anti-spyware app running all the time as well? That would mean 3 background security apps running all the time--AV, AS, and MBAM--a lot of background scanners?

    Or enough to do on-demand spyware scanning with spybot or other app, as well as MBAM and AV scans?

    IMO you're making things more complex than they really are. MBAM is an anti-spyware/adware/trojan. The term malware covers the aforementioned plus worms, poly's, rootkits, keyloggers, etc.

    Having MBAM paid w/ real-time active, a real-time AV such as Avira, AVG, NOD32, etc., a hardware firewall (router), and possibly a light HIPS or behavior blocker such as Threatfire is a robust layered defense. Even with such a fine arsenal of tools it's still not 100% effective.

  11. MBAM is a run first tool, combofix is definitely not

    My initial reply was to the OP of this thread who claimed that he's already tried running various tools to clean up an infected pc. Majorgeeks.com recommends Combofix in their 'Read and run me first' before they will even assist you. I've been cleaning systems since malware became an epidemic (~6 yrs. ago) and used Combofix on close to 1000 or more pc's during that time. TTBOMK the number of times Combofix has hosed a pc to where I have to perform a repair install is <10 which is close to their estimate. IMO it's no different than people posting that MBAM has hosed their pc after a scan & reboot. It happens with other anti-malware software as well.

  12. Tools such as SDFix and Combofix are recommended by their developers to be used in a supervised environment, by a Malware Removal Expert trained in their use. :)

    You use them yourself at your own risk. See combofix's disclaimer:

    I think it's far better for users unsure of what they may be doing, to post a hijackthis log for expert help.

    HJT instructions.

    Post the log here.

    Technically you use all anti-malware tools at your own risk. Both Combofix and SDFix (not as often) are typically recommended as "run this first" tools, and they generate logs in case an expert wants to review them. Most experts know by now that HJT logs don't tell the whole story. In any event I'm sure the MBHJT forum is more appropriate for the OP in case he still needs assistance cleaning up his infections.
