Slider51

Thanks - I just ordered NIS 2014 - a good deal on a 3-license pack. I prefer having the CD so it'll be a few days before I get it. Once that uninstall/install operation is complete, I'll come back and post my logs before I load the new MBAM. I'm well-covered in the back-up department including HDD cloning, imaging, and full and incremental backups stored off line...

Thanks for the reply,DaleDoc... Ahhhh..I never spent $175 an hour, I did get some free advice from an IT tech that charges that regularly. He did, in fact, give me some good advice to be careful with the new MBAM, as there were some nagging problems at the time. I just found out today that the Comcast version of NIS may be stripped, and with my other comment regarding Comcast, I really don't want anything on my machines that they exercise any control over. I have never run without an active paid AV solution, with MBAM alongside, until downloading the free NIS from Comcast. That being said, all that's left is deciding on which robust, paid, retail version of an AV solution to switch to. Within reason, cost is not a factor here, I just want performance and no problems running alongside MBAM full version. The reason for my original post was to test the current waters regarding the release problems new version of MBAM before deciding to download the new version or sticking with 1.75., and to find out if there were any known issues with the Norton Comcast version, as it was an unknown to me. There's no need to talk me into anything here, I am fully aware of the time and productivity losses with a Malware infection - I used to have to deal with them quite often until I started running MBAM Pro... Thanks...

Got it..a quick check showed several exclusions, but I haven't found a way to add exclusions yet...out of time for now - will have to check back if I find a way to exclude files...

Firefox and Ron - Doing a little research trying to find out what exactly the Comcast version of NIS is, I ran across this on the NIS forum...it's one post, and I have no way of knowing if this guy is correct. I'm leaning toward just keeping the Comcast Norton, only because I'm lazy enough not to want to uninstall it on 2 machines, wonder if it's completely uninstalled, etc. Plus retraining myself and my wife on using the replacement... Ron, what sort of "customizations" should I look for to see if they're still there..? Here's the quote from the forum....cloud storage is something I neither need nor want, the other differences seem immaterial...it still has a comprehensive "settings" screen including timers, etc. If it's actually Norton 360 renamed, think I'm good with the new MBAM? ----------------------------------------------------- For the record, Norton Security Suite from Comcast is simply Norton 360 renamed, minus a few features but otherwise exactly the same. The features removed are: - Online backup storage ability - The Feedback, Account, and Sign in commands on the main window - The Zone, Manage, and Mobile icons on the main window The minor changes would be: - License valid for the entire time you have Comcast service (or until the 2 companies break their deal, I suppose) - Can install on up to 7 computers (and they don't even have to be on Comcast, the activations are linked to your Comcast account) - There's an Xfinity logo next to the Norton logo on the main window Cheers

Let me put it this way - my gross sales for an entire year are very likely less than 2-3 weeks of your fees as an IT professional. Forgive me if I sound a little testy on this subject - but there are just too many instances where simply using the word "business" seems to have become a reason in and of itself to multiply the price of anything to do with computers. MBAM doesn't do that, from what I can see, but there are plenty that do. In my mind, I AM "fine" with my current setup, and I'd tell you that even if you were an MBAM employee. If it came down to having to run MBAM business version as a licensing issue, or nothing, I'd have to choose "nothing" on principle alone. As I said, I believe that people should get paid for what they produce - I don't run free anything, even if it's good, because (among other reasons) I don't expect something for nothing. The Comcast Norton is an exception I made because I already pay Comcast too much for some pretty crappy Internet access. This current computer era - the one I define as starting with Micro$oft's hardball ending of XP forcing us all to not only buy new hardware but all new software too, at one license per price - is in my opinion the beginning of the end of affordable computing for the masses. The total bill just for what my wife and I had to do was horrendous. People approaching fixed-income situations are being priced out of computing altogether. (Fortunately MBAM has stayed reasonable and offers multiple licenses per purchase.) Okay I'll step down off the soap box and return to the reason I posted.... I haven't ordered MBAM yet - first I need to decide what to do with regard to keeping or losing the Comcast Norton, going back to Avast, etc. I want the final AV solution in place before I add MBAM into the mix -

Please let me qualify (or quantify) the actual usage of these machines. They are first, our home computers. I am semi-retired and run a small (very small) niche business producing wood items out of a small shop on our property. My business is conducted primarily through e-mail. My machine is my personal computer that also gets used for business correspondence, etc and. My wife's computer is primarily her "Amazon shopping portal", is used for our personal finances, and occasionally to prepare invoices, that's it. I'm telling you this because I don't want it to sound like I own a conventional brick and mortar office or manufacturing factory with employees, etc. It's not a money thing, actually, MBAM's business version is very affordable too. But I am concerned about, and don't want to, load up programs that are first and foremost business applications - most are loaded with capabilities that I will never need or use, and are designed for network applications, and are way too complex to learn for a couple in their 60's. We run 2 machines on a router for internet access, with one share set up to a NAS for back-ups and photos of our grandkids, and that's it. Note that I don't intentionally run freeware, even the Avast that we used on the XP machines was the paid version. If what we do with these machines makes us bad guys because we aren't running business versions of everything, it's not that we're trying to "get away with" anything - it's that our machines tip the scale more toward personal computers than full-blown business workstations. I'd be very disappointed to find out that what we do with these 2 computers "disqualifies" us as consumers and is considered a license violation of any kind...MBAM or any other software company.

Thank you both for the quick reply. In defense of the friend who is an IT professional, I twisted his arm to help me get the machines set up at no fee, and his admonitions were more of a "be careful about MBAM at this point in time (this was back in April and I do believe the early problems were quite prevalent then). I may have made it sound more like a "don't do this" than a "be careful if you do this". At no charge, I really didn't expect him to take much ownership in setting up software and addressing problems for me. But I do understand what you're saying - had I been paying him his $175 an hour, I'd expect a lot more than what I got. He likes Norton products, and quickly recommended I download it saying "hey, it's free". I am a former Norton user who abandoned them during their bloatware days, and I actually am not yet convinced they have redeemed themselves , but it was free and with all the money pouring out at the time we replaced everything, it seemed like a good (if only temporary) move. I guess I hadn't considered that an ISP version may be pared down. I'm actually more concerned that Comcast is involved somehow - their tech support has been abysmal but we're locked in with no other ISP's available in our area. Ron, I know this is a subjective question and there is no "best" AV solution, but can I get an educated opinion on which, the full Norton or the free (or paid) Avast will give us the best protection? Are they (again in your opinion) on the same level in the ability to prevent/catch today's breed of virus/criminalware? Norton is pretty much an unknown entity to me, I did have good success with Avast, but are they apples and apples?

As a longtime MBAM user I loved the full version of MBAM 1.75, which ran very well alongside Avast paid version on my business's two XP machines ever since it came out. Well, we went through the expensive and frustrating process of replacing those machines with new Win7 computers and of course practically all new software. Once we were up and running, we downloaded Comcast's version of Norton Internet Security (free to Comcast customers using them as our ISP). The guy who helped us set up the new machines (an IT professional who is a friend) told us to hold off on MBAM, due to multiple issues with the new versions MBAM, as well as some problems with compatibility with Norton IS. But I feel totally naked without MBAM running on my machines. I have just two questions, and please understand I am a totally devoted MBAM user, I loved the software, it saved my bacon on several occasions... First, are the new version start-up problems and glitches pretty well ironed out now? With all new hardware and software, and the steep learning curve we've going through with the Win7 /new hardware upgrade, I'm still nervous about installing the latest version - I actually would rather load 1.75 on both machines, but with the end of support coming up, I hesitate to do that. Guys, I love your product and wish it was running on my machines, but I don't need a new set of problems to deal with...uninstalls, re-installs, etc. Second, can I get a definitive answer regarding running MBAM (either 1.75 OR the new full version) alongside NIS, the Comcast version (Norton says it's different, Comcast says it's different)...A visit to the Norton forums was enough for me to see that this was a highly contested, emotionally charged issue, with Norton 360 and NIS demanding an uninstall of MBAM...plus a whole bunch of highly opinionated people claiming you cannot run NIS and MBAM together unless MBAM is only used in a scan-only manner. The "fix" that Norton finally came up with only happened after about 35 pages on the forum thread regarding the problem, but I can't find any information that tells me the Comcast version has the "fix" applied, because the NIS auto-updates come from Comcast and the version umbers are different than the open market NIS. I would much rather hear it from MBAM...will MBAM in full capacity and NIS Comcast up-to-date version play nice together? I have to tell you I feel less than protected just relying on NIS, I want MBAM back on my machines, but I don't want to deal with either a new set of MBAM problems with the new version, or Norton problems because MBAM isn't their friend... Please help a loyal MBAM user make the right decisions here...thank you!

Done, backed up the regostry using Erunt, downloaded and ran the batch file. but the same problem still exists. Elise, you have almost certainly rid my machine of anything dangerous. This is a Windows-based error that apparently is simply a nuisance. I have had the problem before, but I dont remember how I fixed it. There are people here with very serious malware problems, and I hate to tie up your expertise when you could be helping them. Why don't we do this...leave the thread open and don't forget about me. When you have some extra time to look around or reasearch a fix, I would still appreciate some help. Meantime I'll look around myself for more info and maybe give something I may find a try. I just hate to make someone else with a really serious problem wait on account of this small nuisance. Thank you so much for resotring my machine back to good running condition. People like you are true lifesavers for alot of us out here who are way over our heads when something happens that our AV and Malware solutiuons can't fix. Thanks to you and MBAM for this forum and the great help you've given me! Slider

[ Done, however - at the end of the download when I ran the fix, I got this message. I have Googled this problem and I see several fixes out there, but all are from 2005-6-7 and are for XP SP2, of course I'm running SP3. I did find a thrid party fix but am hesitant to try it...it's here: http://hubpages.com/hub/How-to-Fix-Generic...-needs-to-close

The sfc scan is complete, it appeared that several files were replaced during the process, however, alas, the GHP error still appears at every startup.

Elise, I ran chkdsk last night. I cannot recall, does chkdsk produce a log or results page? This morning the PC had either finished starting up after the scan or had rebooted. I guess I expected to see a "scan complete" screen or something like that, with results shown. I checked the C: directory but found no "fileXXX" files. I was nmot able to monitor the process, but it looks to me as if the scan did not complete itself. In any case, the GHP Error is still there. Waiting for instructions....

Thanks, Elise... I am going to have to run chkdisk overnight - I need to use the machine for a few hours yet, but I will post the results in the morning, USA EST. I should make you aware I have a second identical 250Gb hard disk as a D: drive on this machine - it is used only as a storage disk for Acronis backups. I have not run any of the scans on the D: drive up to this point as I have several full backups of the C drive stored on there (not incremental, full backups). I suppose the possibility is good that one or more of those backups may be infected also, although I have scanned them in the past with AVG and MBAM. Do you see any need to work on the D drive as well? I realize if I have a crash and need to mount one of the backups, I'll have any infections that may be present on the disk, but if none of my software calls anything from D: or saves to D:, are they not isolated enough to not worry about on a day to day basis? Thank you very much for all your help so far, what you do is amazing and way beyond my capabilities!

Surely Elise, Sorry I was away this morning - I'll be here now for several hours... Here is the "Extras" scan - I also saved the OTL scan log if you need it. I am very curious - are the first four error scans listed as error 1007 related to the remote attacks? A remnant of when the machine was accessed through a back door? __________________________________________ OTL Extras logfile created on: 7/2/2010 2:23:40 PM - Run 3 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Administrator\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1,023.00 Mb Total Physical Memory | 558.00 Mb Available Physical Memory | 55.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 84.00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 232.88 Gb Total Space | 195.37 Gb Free Space | 83.89% Space Free | Partition Type: NTFS Drive D: | 232.88 Gb Total Space | 121.34 Gb Free Space | 52.10% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MJ-STATION1 Current User Name: Administrator Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-1614895754-1004336348-682003330-500\SOFTWARE\Classes\<extension>] .exe [@ = exefile] -- Reg Error: Key error. File not found .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusOverride" = 0 "FirewallOverride" = 0 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1A3E23D7-7A1E-43EC-B35D-EB8A31BED943}" = FinalBurner Free v1.23.0.113 "{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth "{2300EE96-0A41-4FAB-BD03-989EC44577A0}" = Acronis

Of course, I'm sorry I didn't expand that error window to begin with. Here it is, actually expanded twice, the order is top to bottom. I should add that the remote attacks have stopped, that is a comfort in itself