-
Posts
53 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by voltron
-
-
Hi noknojon;
I'm sorry I must have confused you on my post. What I meant was "...for Mbam to provide a means for users to download mbam-updates via a link/associate link in/via the mbam website. If the auto-update or manual update (updating via the Update>Check for Updates) doesn't work it will be a great help/alternative to stay updated even if you get update errors.
"....Isn't it the time to offer users an alternative-updated-manual mbam rules update? There was a link I remember but it was not an updated one. Some AV companies do this..(Kaspersyky, Avira, FSecure, BitDefender, Superantispyware.. to name a few)..."
Pardon I must've confused you on this.
Thank you and regards:-)
-
Time to Reconsider offering Manual Update download?
Hi;
Every now and then when Mbam upgrades to a new version we all hear about the updating problem errors. You'll have to go through a ton of testing/fixes..some who have not solved his/her problem with updates have either stopped or just turned their back away up until it's okay. Some go and find another malware solution.
Isn't it the time to offer users an alternative-updated-manual mbam rules update? There was a link I remember but it was not an updated one. Some AV companies do this I am wondering why can't mbam offer that alternative? Why is it not being considered?
-
Hi exile360;
Sorry for the late reply. My updates are intermittent...sometimes I get to download updates..sometimes I cannot...I followed all suggestions and it seems that
my connection or isp is the culprit or something.
I just have to accept that my MBAM will not be up-to-date always...
Anyway thanks for the help and hope that an "UP-TO-DATE manual database updates download" is being considered ( I sincerely hope and pray for this....) atop solutions being given here.
Regards!
-
Hi exile360 ;
The set-up that you have identified in Steps 1 and 3 are okay. I don't use IE though..(I use Google Chrome and Firefox but setup is okay and even excluded:
http://mbam-cdn.malwarebytes.org/database/rules.ref
http://mbam-cdn.malwarebytes.org/database/....check.database
in both of them the same as with my AV and firewall.
Still haven't updated until now. :)
-
Hi guys;
Again I am back with the problem of th same Error 732.....
I am speechless to know that all my security software will update itself normally without exclusion in the firewall, but following all the guide in excluding mbam in my firewall and in my AV the problem is still persisting. It's been 6 days now. I did the complete uninstall via the use of the mbam-removal tool and re-installing it again but did not work. Have tried it again and did a clean install but it's the same. I did that for the past few days for more than 3-4x per day. :)
All my security softwares even when not excluded in the firewall update themselves normally..I wonder why is this so ieven if the firewall says that mbam is connected...
Can someone enlighten me on this...
-
Hi exile360;
Thanks for the reply.
Okay, very well said. So now I know that I don't need to download a separate file for re-installation purposes.
Thanks guys you rock!
-
Hi guys;
Hi exile360 ;
Thanks for the reply.
I have no problems updating now. Have updated 2 times and it was good. I also observed that it updates fast even though my connection speed is low..seems the version 1.44 is much faster in updating....
Will get back to you on this.
-
Hi mountaintree16;
Okay. I will try it out to see, and will remember to use the "add reply" button next time.
Thanks!
-
Greetings exile360;
Nice to hear from you! Well I verified again and it's included in the exclusions list of OA Premium and Avira 9.
For Windows XP:
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\zlib.dll
C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware\rules.ref
C:\Windows\System32\drivers\mbam.sys
C:\Windows\System32\drivers\mbamswissarmy.sys
I seem to remember that it was adviced to me when I had problems updating before and found out that it was Comodo whose blocking it..(and was eating up my resources so I switched) afterwards it was Avira 9 so I excluded it all.
Seems the problem of updating is fixeed right now. I haven't done anythin though...it just updated successfully the past 2 days. Now I'm in version 1.44. I'll check a little later if I'll have the problem again.
Thank you for helping me out guys! I'll get back to you when I try it again a little later.
Regards!
-
Hi;
Just a simple question during the Mbam update. Every update when there is a new version, mbam downloads the new version first before updating. I see an mbam-setup.exe in the C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware, my question:
Is this the setup.exe that I can save/use to install mbam to another pc? It seems to be the same as that of the downloaded new version of mbam (version 1.44 4.996kb)...
I do want to keep back-ups of my software so when I need to re-install it it's a breeze and for this I download the updated version separately.
If what I see in the C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware is the same set-up.exe for mbam then I don't have to download the updated version separately.
Is it?
Thanks very much.
-
Hi AdvancedSetup;
I am using Avira Premium version 9 and I have excluded C:\Program Files\Malwarebytes' Anti-Malware inlcuding the system32 files of mbam. I have temporarily disabled the firewall as you suggested. I had updated yesterday with the OA firewall "on" and "off" but not today. It's the same error....
Are there any suggestions that I can check further?
Regards!
-
That error code relates to the following.
12152 ERROR_HTTP_INVALID_SERVER_RESPONSE
The server response could not be parsed
Please wait a while and try to update again later today and let us know if you're still having an issue. It could just be a temporary Internet connection issue or it could be some setting on your software. Let's wait a bit and try again first before we start looking into other possible issues.
Thank you.
----
Hi;
When I did a clean uninstall via the mbam-clean removal tool I had the opportunity to update mbam. Settings remained the same for OA Premium and Avira 9 for me. But yesterday it was all the same story again. Same error message.
I had to uninstall mbam again and reinstall it again to have the updates?
When I take a look at the firewall log it says connected but I still get the error message.
Help...
-
Hi ;
Very well said! It has been a very motional issue with this event and I believe those who are thrustworthy will prevail! All security eagrer people will always trust the reputation of someone who is honest and is bale to proove that wjhat they have been working on is "their work" and will defend it with all their honest effort.
Kudos to the team and all the avd and loyal supporters!
Be all you can be!
Kind regards!
-
Hi;
I have a problem with error code Error 732(12152,0). This did not happened yesterday as I did not have any problems updating. Today it just went in a snag. I am using OA Premium and have created a rule to "allow" mbam.exe/,mbamgui.exe/mbamswissarmy.sys/mbamservice.exe/mbamext.dll and had no problems until now. I also have set exclusions to my Avira Premium to allow mbam to update. When I take a look at the firewall gui it says, "connected" for mbam.exe but I get an error 732. This only happened today approximately 20 hours ago there was no problem.
I already checked the links that were posted in relation to the update problem but still I cannot update.
Please help.
I'm using MBAM free as on-demand. With Avira Premium/OA Premium as real-time. I have also HitmanPro as on-demand. My browser are Firefox and Google Chrome and using Sandboxie 3.42 paid.
---
Just to add:
I place MBAM in the OA Premium Exclusion list and now I am getting an error 732(12031,0).
I have uninstalled and re-installed mbam and still cannot update. In the meantime I have placed a copy of the 12/21 rules I made in the Mbam folder Application Data.
-
Hi;
I have a problem with error code Error 732(12152,0). This did not happened yesterday as I did not have any problems updating. Today it just went in a snag. I am using OA Premium and have created a rule to "allow" mbam.exe/,mbamgui.exe/mbamswissarmy.sys/mbamservice.exe/mbamext.dll and had no problems until now. I also have set exclusions to my Avira Premium to allow mbam to update. When I take a look at the firewall gui it says, "connected" for mbam.exe but I get an error 732. This only happened today approximately 20 hours ago there was no problem.
I already checked the links that were posted in relation to the update problem but still I cannot update.
Please help.
I'm using MBAM free as on-demand. With Avira Premium/OA Premium as real-time. I have also HitmanPro as on-demand. My browser are Firefox and Google Chrome and using Sandboxie 3.42 paid.
-
Hi;
Faststone Viewerver4.0 has editing capabilities and it's free! It's not like Photoshop though but for a basic editing it's okay and light to use.
Another one is GIMP freeware.
You can also try ACDC Photo editor. It's more like Photoshop but not freeware.
Try this link:
http://www.filehippo.com/software/graphics/
Regards!
-
Hi;
I have HitmanPro 3.5 as an additional on-demand scanner and it detected "PDFCreator_Toolbar.dll" as malware while "hitmanpro35.sys" was detected as a suspicious file. I have Avira 2009 Premium and updated scans do not show any signs of infections. I believe HitmanPro also uses Avira AntiVir in it's cloud.
I am attaching the files for your perusal. Both files are password protected to prevent accidental launch. (Password: infected).
My HJT and MBAM log files are below.
Thank you very much.
voltron
-------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:05:26 PM, on 10/7/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Tall Emu\Online Armor\OAcat.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Tall Emu\Online Armor\OAhlp.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [KeyScrambler] C:\Program Files\KeyScrambler\getting_started.html (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: SaveAs Plus (Selection)... - C:\Program Files\WizBrother\SaveAs Plus\SaveSel.htm
O8 - Extra context menu item: SaveAs Plus... - C:\Program Files\WizBrother\SaveAs Plus\Save.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: SaveAs Plus (Selection)... - {A99C7764-5DE9-4132-BACA-777D7AAEFB47} - C:\Program Files\WizBrother\SaveAs Plus\SaveSel.htm (HKCU)
O9 - Extra button: SaveAs Plus... - {C65E3344-C684-4427-AFD1-0675958B0114} - C:\Program Files\WizBrother\SaveAs Plus\Save.htm (HKCU)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\WINDOWS\
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: JMP License Service - SAS Institute Inc. - C:\Program Files\Common Files\SAS Institute Inc Shared\Service\JMPLicSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\OAcat.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
--
End of file - 6046 bytes
-------
Malwarebytes' Anti-Malware 1.41
Database version: 2917
Windows 5.1.2600 Service Pack 3
10/7/2009 3:19:10 PM
mbam-log-2009-10-07 (15-19-10).txt
Scan type: Full Scan (C:\|)
Objects scanned: 128969
Time elapsed: 33 minute(s), 23 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
-
When you did the upgrade, did you install on top of the older version or install cleanly (uninstall, reboot, then install new version)? If you installed over the top, you might want to try installing cleanly. Have you installed anything else since then?
Hi swagger ;
I uninstalled OA and installed the newer version. I also installed Sandboxie 3.38(registered). But I noticed the delay when I upgraded to OA ver3.5. I posted a topic on this at the OA forums and they adviced that I uninstall OA again and re-install it with "Trust everything" instead of the Safety Check.
I did that but it's still the same. 1.3 to 1.5 minutes before the desktop shows the icons and the system tray elements.
Help...
Regards,
voltron
-
Hi;
Can you take a look at my HiJackThis log? Recently I noticed my boot-up getting longer. From the windows log-on screen it takes about 1.3minutes to show the full desktop with all the icons and the tray elements. It wasn't like that before. It normally would take only 1-2 seconds from the logon screen to show the full desktop and tray icons activating.
I recently upgraded to Online Armor free ver3.5 from OA free 3.0.0.9 and also installed Sandboxie ver3.38(registered). I also am trying out HitmanPro. It seemed to start before I installed Sandboxie. My MBAM/Avira 9/SASpy free log shows no infection whatsoever.
Can someone help me with this? I'd really appreciate the help.
Thank you.
Regards,
voltron
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:47:47 AM, on 9/5/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Tall Emu\Online Armor\oacat.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Tall Emu\Online Armor\OAhlp.exe
C:\Program Files\Jarte\Jarte.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\FastStone Capture\FSCapture.exe
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [KeyScrambler] C:\Program Files\KeyScrambler\getting_started.html (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{D3CB8A07-F387-4CEA-B6D8-19DB63AA8DEE}: NameServer = 203.131.75.67
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oacat.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
--
End of file - 7058 bytes
-
Hi ;
Can you help me with this problem. Since I updated to OA ver3.5 after the log-on screen the display shows only the wallpaper for a long time (about 45 seconds to 1 minute) before icons and taskbar will appear. This never happened before. Usually when the log-on screen finishes the wallpaper displays only for about 2-3 seconds then the desktop icons appears followed by Avira Premium splash screen then the tray icons (Soundmax digital, sound icon, Online Armor, LAN-unplugged).
Is there a way I can hasten my boot time? What can I check to determine what is causing the delay?
Regards,
voltron
-
Greetings Kelemvor .
You can download the definitions installer from here. However, if you're using Malwarebytes' on the machines of others you need to aquire proper licensing to do so if you've not done so already. If you'd like to inquire about pricing please contact corporate@malwarebytes.org.
Hi Kelemvor ;
In Windows XP systems you can copy the rules.ref file from the:
C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
Windows Vista
C:\Program Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
Regards,
voltron
-
Yes, I suspect CIS as well - that was my first thought
Hi miekiemoes ;
I checked out the link thanks:-)and I am thinking of trying out Outpost Firewall. I also heard from wilderssecurity that it only consumes half of what CIS hogs. Thanks cute , you have a nice day ahead of you!
voltron
-
Hi,
Yes you can disable Comodo during the Avira scan, but not sure if that may help a lot since many components will still be loaded.
Also, Comodo isn't a bad firewall, but it may hog resources during other scans. But then again, it's not being said either that Comodo is the cause here.
The only way to figure out properly is to scan in Windows safe mode.
For firewall, I actually use Avira Security Suite, so this one contains a firewall already
Other standalone firewalls I recommend can be found here: http://users.telenet.be/bluepatchy/miekiem....html#Firewalls
Anyway, if the problem stays with Avira, I suggest you start a thread at the Avira Forums: http://forum.avira.com/wbb/
And yes, that's me in the avatar
Hi:
Thank you for the assistance. I have already ask someone in the Avira forum through personal email about this but they think it's CIS. I will check it all out. As for the avatar WOW
Thanks cute
Regards,
voltron
-
Hi,
Can you exclude this from scan?
The BSOD could be because too many resources are being used at that time, when scanning that folder. You can try if you have the same in safe mode as other applications won't run then.
I know Comodo may cause the extra resource hog during scan.
In anyway, your log looks clean here.
Hi miekiemoes
Thank you for the tip and for checking my HJT log. Whew, I thought I was infected again. And yes, I am beginning to think that Comodo is hogging my resources . Any tips for firewall replacement that can complement my pc? I will check out your tip. Can I also try exiting Comodo when I do a full scan with Avira? I mean is it alright to disable firewall when dong full system scan for it not to hog my resources?
Thanks again for the tip.
PS: Is it you in the avatar? I think youre kinda cute
Regards,
voltron
Time to Reconsider offering Manual Update download?
in Malwarebytes for Windows Support Forum
Posted
Hi buttons;
Thanks for the reply.
I do remember that link via your website and have used it before when I had trouble with 1.39. I still am wondering why (after a year+) is it not updated? If Mbam has this rules updated regularly(say, daily) then whenever some user has problems updating then he/she could always download it and paste it in the appropriate mbam-folder....
An updated-alternative to auto-updates would not surely hurt but rather would enhance more services(ease pressure/paranoia of not getting updated,etc..). Some people when they get updated-updates (whether direct or downloaded-separately/manually-installed) will not whine as long as they are up-to-date.