daledoc1
-
Posts
22,820 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by daledoc1
-
-
Hi, Grasshopper:
You might want to check at the McAfee forums about this -- I am pretty sure it was there (as opposed to here at the MBAM boards???) that I saw a recent thread about Nero 9.
I could be remembering it wrong, but I think it was the Nero ver 9 that was the problem.
FWIW, I don't have Nero, but MBAM Pro 1.46 with active protection runs fine in real-time alongside McAfee on both my Vista Ult SP2 (X86) and my Win7 Ult (x64) systems, at least with the "2009" version of the McAfee Security Center (the products were OEM on my Dell systems and I haven't yet received the 2010 version updates). I don't think McAfee consumer products allow the user to set individual file exclusions in the antivirus, but you can go into the firewall settings to be sure that the MBAM program files are allowed "full access".
Gosh -- sorry I can't be more precise. I do know that someone somewhere recently had issues with Nero. Wish I could remember exactly whether it was here or on the McAfee boards.... :-(
Good luck,
daledoc1
-
Hi, exile360:
Everything seems to be working OK, as of the moment. :-)
***I wonder though, if it might be better to disable the updater setting to "automatically download and install program updates"?***
Since the last 2 program updates caught me (and others) by surprise, and since the "automatic" update to 1.46 seems to have been so problematic, might it be better to manually install program updates?
If a clean MBAM update install requires (at the least) temporarily disabling the resident AV application, then maybe allowing for automatic MBAM program updates isn't such a good thing?
(Some of the other standalone security apps & suites I use/have used provide a separate notification -- usually a popup balloon from the system tray -- with something along the lines of, "new software updates are available. install NOW or LATER?" At least that way, we know before we start the update process to be prepared for (at the least) a reboot or 2, AND for the need to take whatever "precautionary" measures are indicated in order to avoid installation conflicts, crashes, errors. I suspect I, and perhaps others, might have experienced a smoother update to 1.46, if we had been able to do so.)
All of which gets back to my "original" question/thread from last week: perhaps for starters a more NOTICEABLE way of alerting customers to the availability of the version/software update might be helpful?
Anyway, I am most appreciative of the excellent program, and the outstanding support here at MBAM.
Thanks very much,
daledoc1
-
Hello, Noknojon and Exile360:
Well, I *think* I may be up and running again properly.
I printed out & followed all the usual uninstall/cleanup/reinstall instructions, including downloading fresh copies of the cleaner and the 1.46 installer.
The 1st time I did it, I got an MBAM error (18 I think?) when I tried to enable active protection after registering at the end of the process.
So, I repeated the whole process AGAIN, this time even disabling Carbonite.
Even though McAfee FW had retained the full program permissions from the the previous MBAM versions (see below), I made sure it and the AV modules were off completely through the 3rd and final reboot after the MBAM reinstallation.
Everything seemed OK: MBAM icon loaded in the system tray, program updated, GUI opened, was able to set the scheduler, etc.
I *think* the scheduler options seem to be sticking properly this time.
BUT, when I ran my first Quick Scan to test it, MBAM froze out ("not responding", but no error code) on: C:\Windows\Temp\Cookies\index.dat.
It eventually ran to completion (clean) after ~1 minute of delay.
So, I did the following:
1) Ran Windows disk cleanup and CCleaner to ensure all temp files and cookies were deleted.
2) Opened IE and cleaned all history there directly (FF automatically clears history when closing).
3) Ran a McAfee quick scan (clean, as had been a full scan at 0100 h this AM).
4) Ran a SuperAS quick scan (clean).
5) Ran an MBAM flash scan (no hangups, clean).
6) Scheduled an MBAM Quick Scan for ~30 minutes later, which just now ran fine to completion (clean).
I guess in retrospect I probably should have *deleted* the original McAfee firewall permissions before attempting to reinstall MBAM, and then let McAfee ask for them and/or manually set them, even though all 3 MBAM permissions were "full access"?
(With past MBAM versions, I had no conflicts with MBAM and it has actually played very well with MBAM much more easily than the Webroot suite on my other computer.)
So, this was a long way of saying that I *think* it's all working OK now.
The hangup during the 1st Quick Scan was unnerving.
Not sure why this turned out to be such a flail this time -- 1.44 and the update to 1.45 had gone seamlessly. This time was much more complicated on BOTH the desktop and the laptop.
Unless you suggest otherwise, I'll sit tight for now, monitoring for proper protection, scanning, scheduling and notification behavior.
I would eventually like to change my scheduled scan time to early morning, but I'm a bit gun-shy about making any changes at the moment. ;-)
Thanks very much for your assistance, as always,
daledoc1
-
Hello:
Thanks for writing with your excellent suggestions.
@Noknojon: FWIW, I *did* temporarily disable the McAfee AV/FW during the install, even though I don't know that it's strictly necessary for this particular security suite. In general McAfee has been playing fine with MBAM. And all the firewall exclusions are fine (McAfee consumer products don't allow specific file exclusions in the AV, but I verified that the all the MBAM exe files have full permissions.)
@exile360: Yes, I verified that the W7 taskbar is set to show icon & notifications.
Well, it seems that the flash scan after update isn't working, either, according to my logs, even though that WAS working yesterday, while I was in the process of troubleshooting this.
(The hourly update checks DO seem to be working, and the defs ARE updating; all the SCANNER settings are also working , as far as I can tell.)
So, it seems to be only the balloon popup after updates and (more recently) the flash scan after updates.
Selecting the options just doesn't seem to stick.
Darn, I thought I got a clean install the other day. :-(
I'm heading out for a while.
When I come back later, I will do the whole uninstall/cleanup/reinstall (with FW & AV disabled) again and see how that goes.
Will report back then.
Thanks,
daledoc1
-
Anyone else having this problem?
Could it be a bug?
Should I try reinstalling 1.46 on top of itself?
Do I need to uninstall/cleanup/reinstall again?
Thanks very much,
daledoc1
-
Hi;
Ever since updating to 1.46 on my Dell W7 Ult 64 PC yesterday, the popup balloon from the system tray notifying of a successful definitions update isn't working.
Everything was working fine in 1.45 (IOW I know how to program the scheduler).
I serendipitously was 1 of the first to update to 1.46 yesterday and, like many, ended up having to do a complete MBAM uninstall/cleanup/reinstall.
Even did the extra reboot some time later (which seemed to fix the missing date next to the definitions version in the system tray balloon when hovering).
But all seemed OK.
And, the hourly update checks are working, scans are working, right context menu is working, etc.
As recently as an hour ago, the requested flash scan after updating ran properly.
HOWEVER, I have tried several times to get the tick in the box for the updater scheduling to stick when selecting it to popup for a successful update.
So, even though (as of a while ago) the updates are happening and the requested flash scans are running, NO BALLOON.
No joy.
AND, having deleted my scheduler settings AGAIN and reset them AGAIN to try to get this to work, I now can't get even the "flash scan" option to stick.
FWIW, the options selected in the SCANNER scheduler do seem to be sticking (at least the boxes that are ticked are staying ticked).
No error message.
No problem with firewall exclusions.
I even tried turning off WinPatrol on my last attempt to reset the scheduler.
No joy.
SO, is this a bug?
Am I doing something wrong? (Should I try a reboot after configuring a "fresh" set of scheduler settings?)
Or do I need to try (as some have been advised to do) reinstalling 1.46 on top of itself, or (heaven forbid) ANOTHER uninstall/cleanup/reinstall?
TYIA,
daledoc1
-
Hi:
I'm not sure if my database updating is working properly after doing a fresh uninstall/clean/reinstall of 1.46 today on my main desktop PC.
I *thought* everything was working OK after doing so -- GUI opens fine, configured the scheduler fine (hourly updates), ran a Quick Scan fine, active protection module seems to be enabled, right context menu created fine, etc.
When I do a manual update check, I am told I have the current version.
HOWEVER, when I mouse over the system tray icon, it says "Malwarebytes Anti-Malware 1.46, Database version 4052" but there is no DATE next to the database version.
Isn't there supposed to be a *date* next to the definitions version number?
And t's now 9:25 PM locally (GMT - 5) and there has been no definitions version update since I installed 1.46 several hours ago.
Am I being paranoid that database updates aren't working properly?
Or is everything OK?
Should I try to download and reinstall 1.46 on top of the existing installation, as has been suggested for some folks?
TYIA,
daledoc1
-
Yup!
My W7 (64) XPS8100 system is so fast, that the little splash screens disappeared before I had a chance to process what was happening!
Everything went fine when I uninstalled/cleaned/reinstalled on that one.
My W7 (32) laptop running Webroot ISE was, as predicted far dicier just now. Webroot products have never played well with others. And even though I knew what was coming and took all the usual precautions (briefly disabling the FW and AV and "shields", etc), it was still a mess, especially with the reboots. Got it done. I think.
So, yes, better notification would be GREAT, please!
daledoc1
-
Hi:
Yikes!
Just had to uninstall/clean/reinstall with the update to 1.46.
1) Opened the 1.45 GUI and didn't notice the subtle message mentioning release of 1.46.
2) Clicked on update (I do this from time to time even though the scheduler is set for hourly automatic updates).
3) TOTALLY freaked when UAC oppoed up and the windows opened asking me to reboot for MBAM *installation* (I thought it was spyware or some other BAD thing, or perhaps a conflict with McAfee as I had only a few minutes earlier installed the day's DAT file from them)!!!
4) Anyway, before I realized what was happening, I got an error (don't recall the code now).
5) Ended up just doing an uninstall/clean/reinstall of MBAM.
1.46 is up and running and all seems to be well again.
(The 1.45 upgrade caught me by surprise, as well.)
That really inconspicuous message in the main UI just doesn't grab one's attention!
Perhaps ya'll could devise a more obvious way to alert users when there's a SOFTWARE update available (especially one that will require a reboot)????
For example, when Sunbelt's Counterspy (and probably VIPRE, which I haven't used) have software updates, there's a balloon popup from the notification tray, and it even asks something like, "install now" or "install later".
I LOVE MBAM and can't imagine running any of my computers without it.
If you could provide a bit more "notice" of version updates, so we could plan accordingly, that would be AWESOME!
Thanks so much!
daledoc1
-
Hi, MysteryFCM:
Hmm, so probably some leftover old trash in my bookmarks collection, then?
FWIW, I got the same result running this extension on my other system (with a nearly identical set of bookmarks, some of which are pretty OLD, to be sure).
No other warnings for these IPs, nothing on scans with MBAM, SAS, McAfee, and no odd behavior to suggest infection.
So, I guess I'll chock these up to posterity?
Thanks, as always,
daledoc1
-
Hi:
EDIT: OOPS! Typo! Should be 69.64.147.243 (and 208.73.210.27) Sorry for my lousy typing!
While running a newly installed extension for FF 3.6.3 today I received alerts for 2 blocked IPs.
The extension is called "Check Places" and it's a bookmark utility that checks for dead links, duplicates, DNS errors, server errors, etc.
So, at the time of the alert, only my homepage was open and the application was in the process of scanning my bookmarks.
I assume that these reflect bad IP ranges for a couple of my bookmarks.
Alas, I don't know the URLs that correspond to these IPs.
So, I'm not sure if this is enough information for you to check them. (Sorry)
Here are the AMO link and the developer landing page URL for the extension:
https://addons.mozilla.org/en-US/firefox/addon/10897
http://www.andyhalford.com/checkplaces/index.html (did not get an MBAM alert when opening this page).
In the interim, I assume these are *bad* and I have added these IPs to the "banned" list for my firewall.
TY,
daledoc1
-
Thanks!
daledoc1
-
Hi:
This is a legitimate brick-and-mortar business, but I suspect there might be an issue with their web hosting?
IP 74.54.82.41
www.rduniform.com
Thanks!
daledoc1
-
Thanks, Exile360.
I'll give it a try and report back w/results.
Thanks again,
daledoc1
-
Thanks, Sartori.
I assume you're backing up to an *internal* HDD? (Trying to recall from the earlier thread if the conflict affected both *internal* and *external USB* devices... ?)
Well, I guess I'll give it a try.
Windows backup in W7 (esp 64-bit) is most definitely wonky, based on the discussions out at the various forums. I hope they will fix it with forthcoming updates/patches/SPs.
So, in addition to Carbonite, I'm also looking at the various standalone backup apps for "offline" backup to my USB external HDD.
One can never have too many copies of one's files backed up, these days. ;-)
If all else fails, I can revert to the practice of disabling the MBAM active pro module during backups (I still have my firewall up and could even shut down internet traffic, to be extra safe during the backup period).
Thanks again!
daledoc1
-
Hi:
Does anyone know if the conflict between MBAM Pro active protection module and Windows backup has been resolved "in the wild"?
I understand that the issue was to have been fixed with v.1.45, but I thought I might check to see if anyone has any direct experience (good, bad or otherwise) since updating to the new MBAM version.
I am about to undertake my weekly backups on all my systems (Vista Ult SP2 (32), W7 Pro (32) and W7 Ult (64)), so I am hoping to avoid any OS hangups or worse.
(My procedures thus far have involved shutting down the MBAM Pro active protection module prior to plugging in my USB Ext HDD.)
TIA,
daledoc1
-
That's what I thought!
(But I was getting a little paranoid, after reading all the other threads.) ;-)
Thanks!
daledoc1
-
Hi, Exile360:
Thanks for your prompt reply.
That's pretty much what I thought.
Can you please clarify, though, what the protection log should show when the scheduler is set to check hourly?
IOW, I don't see the log entries for the hourly checks. Should there be an entry for each time it checks (as I might have expected), or only for those times when there is an actual update?
My computer's power settings are configured to NEVER put the computer to sleep (although the display is set to go to standby). And I am running the MBAM Pro 1.45 active protection module.
But I do not have the MBAM scheduler configured to "wake the computer" for update checks.
Is that why I don't see the hourly update checks being logged?
Or is what I'm seeing "normal"?
Thanks,
daledoc1
-
Hello:
I have been following related threads since 3/29, but since I received a slightly different error code (12002), I thought it best to start a new thread. Kindly excuse me if this was not the right procedure to follow.
ISSUE:
"Scheduled update failed: WinHttpReceiveResponse failed with error code 12002" happened last night at 21:00 on my Dell XPS 8100 (OEM W7 Ult (x64)), which is my main system and the only one that is up and running ~continuously.
I successfully updated (all 3 systems!) to v.1.45 earlier this week. Everything seemed fine.
Scheduler is set to update hourly, with a notification balloon for successful updates, and I am pretty sure it is/was working fine.
However, I reviewed my protection logs just now and saw the error message from last night.
This was the only time I received an update error since updating to 1.45, and, as you can see from the attached screenshot, there was a successful update an hour after it happened, at 22:06 (but none since).
The database version is currently 3945 (4/1/2010), and I have not tried to manually update yet, since I am waiting to see if the scheduler is actually working for update checks (scheduled scans are working fine).
There have been no IP blocks or other events, no symptoms suggestive of infection, and all scans (MBAM, SAS, McAfee) are clean.
QUESTION:
Was this just a "hiccup" or is there a problem with MBAM Pro 1.45 on this box?
Happy to provide more info, if needed.
TIA & thanks for the great product, as always,
daledoc1
-
Update to 1.45 on top of 1.44 Pro worked fine here.
Just ran a "flash scan".
Everything seems to be A.O.K. (though I was a bit surprised, since I didn't know that today was the day for 1.45 release).
Lookin' good!
Thanks to everyone,
daledoc1
-
Thanks, MysteryFCM!
I'll pass along your information to the developer.
(It's not my "job", of course, but he was kind enough to respond to my earlier emails about the problem.)
Thanks again!
daledoc1
-
Hi:
Just checking to see if this IP range is still bad?
The URL of the website is below.
It is the landing page for the dev of a popular FF add-on.
Unfortunately, it tries to load in a new tab automatically when restarting FF after updating it (as is common with many FF add-ons).
I am still being notified by MBAM Pro of a successful IP block every time I update this add-on, even though I try to close the tab before the page even has a chance to load.
According to the dev (~2 weeks ago, when I alerted him to the problem):
>> The landing page is hosted at a webservice called Strato (http://strato.de) and should not be malicious. Please confirm, that the page you've tried to load is: http://www.soerenrinne.de/GoogleShortcuts/update.html
I have not installed this on my new computer and may well uninstall it from FF on my other 2, if this is still a bad IP. Much as I like the add-on, it's ust not worth the risk....
Thanks!
daledoc1
-
Hi, Steven:
Yes, that's what I expected.
I'll pass this along to the add-on developer, so that he can take whatever action he feels might be needed about his website hosting.
Thanks to you and to MBAM for keeping us safe!
daledoc1
-
Hi, FF:
WELL, seems it was a false alarm.
After a remote-assist tech session with Dell, we determined that it's a legitimate file associated with the multi-media card reader on the computer.
It has undoubtedly been loading at startup for as long as I've had the new computer, but I didn't notice it.
Since I'm not using the card reader, and since it surely doesn't need to load at startup, we removed it from the startup list in the system configuration.
It is now gone from the TM. :-)
I was doubly concerned about the file when I saw it in TM on my Win7 64 desktop and NOT in TM on my Win7 32 laptop -- led me to believe it was a rogue file.
But there was an innocent explanation to that, since the laptop doesn't have a multi-media card reader. <Doh!>
Sorry for the panic, but that file name sure did look spooky and, yes, I *am* paranoid. (I had already downloaded all the cleaner programs to my desktop and was about to start the procedures...)
Now that I know where the file is located in the program files folder, I can send it for FP analysis, if you wish, but it seems unnecessary now.
****Thanks, as always.****
daledoc1
PS Anyway, we determined that the "black screen" I experienced has something to do with the rather pesky ReadyBoost feature in Windows (aka ReadyBoot in Vista, now ReadyBoost in Win7 --Google it to learn more) and it relates to the myriad issues Windows7 is having with power management. As I've seen first hand, there are a zillion issues with this (and with sound and with backup utility). From what I was told by the tech at Dell, Redmond is "well aware" of the power problems with Win 7, including ReadyBoost. Hopefully, it will be resolved soon with a patch or with SP1. There is a workaround for the problem that involves forcing ReadyBoost to "save" its files not to the HDD but to a USB flash drive, but I don't have the specifics yet. I scheduled a call back for Monday to try it out...
IP 69.64.147.243
in Website Blocking
Posted
Hi:
MBAM blocked www.kcpetsupply.com (IP 69.64.147.243) today.
I've done business with this company in the past (though probably before I started using MBAM), so I think the website is legit.
Apparently, there is bad stuff at this IP range, though?
TIA,
daledoc1