[Mbamgui Not Starting]

Mbamgui.exe /starttray does not start at boot time - it's in the startup but it has to be started manually.

Windows-7 Professional 64-bit SP-1 with MBAM Pro, Avast! Free and Zone Alarm Free.

Suggestions?

Regards,

Cheemag

In short a reinstall. Thanks. I'll get back if it doesn't work.

Regards,

Cheemag

[Mbamgui Not Starting]

Mbamgui.exe /starttray does not start at boot time - it's in the startup but it has to be started manually.

Windows-7 Professional 64-bit SP-1 with MBAM Pro, Avast! Free and Zone Alarm Free.

Suggestions?

Regards,

Cheemag

[installfreefileopener_1556.exe is False Positive]

Malwarebytes Anti-Malware (PRO) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.06.26.02

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 6.0.2900.5512

Jim :: BB [administrator]

Protection: Enabled

26/06/2012 18:13:56

mbam-log-2012-06-26 (18-33-12).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 239016

Time elapsed: 18 minute(s), 55 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Download\installfreefileopener_1556.exe (PUP.BundleInstaller.IQ) -> No action taken. [90fa9c5c28348ea84b59cfe0a45cb44c]

(end)

[Persistent Blocking of Outgoing Access]

You are quite welcome, should you have other questions or comments don't hesitate to ask....

I've determined that these occur only when Firefox is open and TcpView confirms that they are coming from

Firefox.

Must be an add-on. I'll try deleting them all and adding them one by one.

Regards,

cheemag

[Persistent Blocking of Outgoing Access]

Thank you very much for that useful information.

It hasn't come up since, but I'm keeping an eye on the situation with TcpView.

Again thanks;

--

Cheemag

[Persistent Blocking of Outgoing Access]

This morning MWB is persistently blocking outgoing access to 199.27.135.184.

I don't understand the concept of outgoing access. Does this mean malware on my

computer is trying to contact 199.27.135.184. MWB scans find nothing. Avast scans

find nothing.

--

Regards,

Cheemag

[SnapDb & AutoHotkey Compiler False Positives]

Please update mbam and scan again. This should of been fixed. If not please attach a scan log and the files.

It wasn't found on a scan, it just popped up: SnapDb twice, the Autohotkey one once.

The programmes were declared clean by Avast and MWMB after download.

Nonetheless, I'll update and scan again.

Regards,

Cheemag

[SnapDb & AutoHotkey Compiler False Positives]

MWB reports SnapDb_ansi.exe and autohotkeysc.bin as containing trojan backdoors.

I cannot believe either of these harbour malware.

This only happens in XP SP-3, not in Windows-7 64-bit.

Comments?

[MWB Already Running says XP]

Hello and

Sorry to hear your having an issue with Malwarebytes, the instrucions below should solve your issue...

Please do the following:

[*]Download and run mbam-clean.exe from here

etc, etc ...

I did all of that to no avail, the second item was still in the startup.

I just deleted it.

[MWB Already Running says XP]

After installing v1.51.0.1200 I get a message at boot-time to the effect that MWB is already running.

I have two instances of MWB in my startup: mbamgui.exe /starttray and a just plain mbamgui.exe so I

assume one or the other will have to deleted. Presumably the latter?

Regards,

Cheemag

[Landing-Savetubevideo - MWB Failed]

Glad you got it fixed and working.

FWIW, the only place to get FF (or TBird) downloads is here either

http://www.mozilla.com

or

http://www.mozilla.org.

There are a lot of phony sites out there.

I've seen several threads about this at the mozillazine forums.

You might wish to start a thread here, since the mods/admins can try to get them shut down.

Unfortunately I don't now know the URL for the site from which I got the infected file. There are many offering Firefox downloads besides Mozilla itself.

Still, it might not be a bad idea to have one of the experts take a look at your system, to be sure it's clean.

You mean by getting a support ticket?

[Landing-Savetubevideo - MWB Failed]

Hello, Cheemag:

Sorry to hear about your infected computer.

I'm sure you are very frustrated.

Alas, no 1 AV or anti-malware product can protect against 100% of threats.

Moreover, MBAM is not an anti-virus -- it is designed to provided layered protection alongside a robust standard AV and firewall.

I am not an engineer and don't know specifically about the landing savetube-video, but it appears to be a virus -- hence it may not be something in the MBAM database, but it ought to have been detected by your AV.

The Savetubevideo thing isn't a virus, it's a "search hijacker", and in retrospect probably not detectable by either an AV or by MWB.

That said, free, expert, one-on-one malware removal assistance is just around the corner ...

Won't be necessary. The usual method of removing this nuisance is by deleting files and folders. Oddly, although I found one folder, it was empty. I suspect that I had downloaded an infected copy of Firefox from what appeared to be the Mozilla site. Uninstalling that and getting a fresh copy of FF seems to have solved the problem.

Neither MWB nor the ESet scanner can find anything except the AOA Audio Converter, which the latter considers a threat.

Thanks for the response.

[Landing-Savetubevideo - MWB Failed]

After re-installing Firefox I became infected by Landing.savetubevideo.com.

MWB did not prevent the infection nor did it detect it during a full system scan after the event. StopZilla detected it - and found four other infections which do not in fact exist on my machine. It demanded payment to remove the existent and non-existent infections! I presume StopZilla is scareware, but I would have expected MWB to have either prevented the infection or to have detected and removed it.

[IP False Positive]

MWB is throwing up a false positive for the following, which seems to be an Avast

antivirus site in Chicago:

Today, 15 January 2011.

10:55:59 Jim IP-BLOCK 67.228.77.19 (Type: outgoing)

10:56:01 Jim IP-BLOCK 67.228.77.19 (Type: outgoing)

10:56:07 Jim IP-BLOCK 67.228.77.19 (Type: outgoing)

14:57:41 Jim IP-BLOCK 67.228.77.19 (Type: outgoing)

14:57:44 Jim IP-BLOCK 67.228.77.19 (Type: outgoing)

14:57:50 Jim IP-BLOCK 67.228.77.19 (Type: outgoing)

This could probably prevent me from getting Avast updates?

Regards,

Cheemag.

[Malware Bytes Won't Update]

Right. Thanks. I'll do that when I've tracked down the clean tool - can't do any harm !

That worked!

Let's hope it sticks.

[Malware Bytes Won't Update]

I have the same issue. I had this same issue in the past with 1.45 and I fixed it by uninstalling and running the clean MBAM tool. That worked in the past, it's didn't work now....

Right. Thanks. I'll do that when I've tracked down the clean tool - can't do any harm !

[Malware Bytes Won't Update]

Close MBAM, delete the rules.ref in

C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware

(Directory may be hidden, unhide in Explorer's map-extra's)

Restart MBAM and manual update.

Don't be sure if it works but give it a try, it's a few clicks and can't do anything wrong.

'Fraid it didn't work. Same error.

[Malware Bytes Won't Update]

@ Cheemag -

Please also list all other security programs installed (Antivirus with its update version , and any installed Firewall) -

It's only just started to do this. It used to update normally.

Antivir is Avast v5.0.677

Windows Firewall, can't find version etc.

[Malware Bytes Won't Update]

Greetings

Please verify that you are logged in as an administrator. If you are not, then you will need to right-click on the shortcut to Malwarebytes' Anti-Malware and select Run as administrator in order for the program to allow you to download updates.

(Managed to get Quote to work - different to other forums I use).

I ran the update as Admin, but get the same error. The update window appears to download a 5.52MB file a number of times before crashing with the same error.

[Malware Bytes Won't Update]

(Quote doesn't work in this forum ...)

I wrote:

>I get the error MBAM-ERROR updating (5,0, Creatfile) Access denied. With a suggestion that I should report it.

>

>What is wrong here?

Have I posted in the wrong forum?

[Malware Bytes Won't Update]

I get the error MBAM-ERROR updating (5,0, Creatfile) Access denied. With a suggestion that I should report it.

What is wrong here?

Regards,

Cheemag.

[MWB & Windows 7 Slowdown?]

I use MBAM and Windows7 and haven't experienced any slowness (running MSSE along with it)..

OK, Thanks.

[MWB & Windows 7 Slowdown?]

Hello.

I'm using the MWB's free version with Avast Free as my antivirus.

I'd like to upgrade to the paid version of MWB, but after having experienced system slowdown in both XP and Windows-7 with some other on-the-fly security apps (like ZA Internet Security, AVG-9 etc) I'm reluctant to chance this happening again.

Are there any slowdown issues with MWB paid version?

[Windows 7 Professional 64-bit]

Regards,

Cheemag.