Jump to content

Kernel Krumpet

Honorary Members
  • Posts

    94
  • Joined

  • Last visited

Everything posted by Kernel Krumpet

  1. By and large, almost all of the time MBAM has been the cream of the crop, the best of the bunch etc... but, the technical stability and robustness of the product for me has always been an anal-clenching adventure.. Yes, ever since it hosed Windows Backups in the early days! In addition, it is still quite beyond belief as to why it doesn't register with the Windows Security Center, hangs on scans with cancel and pause not registering, confusing end-user messages about 'updating the database et al.. Certainly not show stoppers or disasters but... indicative of a culture.... I appreciate that people who work in ivory towers and testing labs can't cover the myriad of disasters that occur, can occur and are waiting to occur in the trenches of 'the real world', but.... i really do think that aspects of this company could be better attended to for graduating 'top of the class' - if that's where you want to be. Zlob vs. MBAM's RootKit Utility? Zlob wins! [still it's better than HitMan Pro which removes the Zlob and takes the user HD out at the same time!!] However, this is all fine for me as I bill by the hour and support Software's idionsyncracies and imperfections - and there's lots to be found everywhere.. I see other techs. comments here and am in agreement. I can see who works in the trenches - and how long they've been at it. There is some very valuable, sage, FREE [!!] and substantial advice here. Heed it! thanks for reading my .10c
  2. figgered. others tho' slipped by the mbam eye. maybe 'fresh' is just 'getting to know you' time! thanks.
  3. i wrote a backup script last night and saved it where i save all my other simple backup scripts Here's MBAM's prognosis: and here's the contents of the simple backup scipt file - c:\dubu.cmd. robocopy.exe x:\ "C:\Users\me.domain\documents\my web sites" /E /XJ /TEE /XO /NS /NP /XA:H /MT:4 /R:3 /W:8 /REG /XD _vti_cnf akismet twentythirteen twentyfourteen /XF *.tmp /log:C:\Users\me.domain\desktop\dubyou.txt
  4. To reply to above, I need to assume something else. Mbamchamelon Failed to obtain file name information - C0000022 is not a result of a drive being formatted... Anyone? thank you.
  5. This Error ID: 67103 in Windows System Event Log... Mbamchameleon Failed to obtain file name information - C0000022 I'm assuming this happens while a drive is being formatted? Or, should I be assuming something else? Thank you.
  6. @shadowwar Tx for that. Yes, Tom quickly clued me in to that after I'd followed FF's advice in his/her 1st post above. I would assume that Malwarebytes Heuristics catches more than the notepad executable. They might like to add twains and thunks too! I didn't want to post Tom's solution detail as I thought it might be too revealing... Mea Culpa apparently.
  7. Indeed. I have been called many things but never that! Cryptolocker bundled with Zbot malware was, as you probably perceived, the intention. Thank you for pointing this out. It has been duly edited.
  8. To clean up any confusion, no, no help from bc - just reading the 10 page thread on Cryptolocker. You are the only other helping.
  9. Hmmmmm. Given the 10-page-or-so bleepingcomputer Cryptolocker thread along with 2 full Malwarebyte scans and RootKit checks, I was thinking more like false positive but, your 2 comments "...take a look under the hood to make sure the infection is completely gone......" & "...Being that you are probably infected..." are duly heeded. Thank you.
  10. 8:30am PST. After spending a couple of days on a client's Zbot Cryptolocker removal and file restoration - the blocking of executables running from XP's %username%\Application Data\ folders and sub-folders was implemented through Group Policy. As a test I just now copied notepad.exe from c:\windows into the \application data\ folder. But, Malwarebytes blocked this and called Zbot Crypto on notepad.exe - and Quarantined. Next, Right Click notepad.exe and 'scan with malwarebytes' - no malware found? Next, Delete notepad.exe from windows\ and windows\system32\ and replace with known good copy. Next, copy good notepad.exe into %username%\application data\ again. Again, Malwarebytes calls Zbot Cryptolocker on the copy and quarantines. Next, copy thunk??.exe into %username%\application data\ folder & run. Group Policy blocks the execution! Whassup with copying notepad.exe from \windows into %username\application data\ ? Thanks.
  11. Just in case any of you are unfortunate enough to have paid for the "new and improved" Trend Micro Titanium anti whatever software, please see screen capture below to be a totally bogus Trend Micro Titanium message. The Trend Micro Software seems to think that the mbam-clean executable is a threat! Not that I am in any affiliated with the Malwarebytes company but, subject to all the official screening and editing of these Forum posts, I can almost assure you all that the mbam-clean executable is not the Fake Trojan that Trend Micro would have us believe! The only threat to Trend Micro is their constant inability to produce a decent software product. That and Malwarebytes of course!
  12. New Version huh? Did the Marketing Department have anything to do with this? Can we have the old version back please so that millions - yes millions - of your users don't waste any more of their own or their companies time. (We ALL know about the disclaimers on Software Licenses) And, it's not just XP users suffering a time, protection and money loss in spite of their appearing to be this Board's majority posters. ======================================================================================================= Win7 Ultimate, Core-i7, 6GB RAM patched, up-to-date and working flawlessly - until this morning's MBAM install! Faulting application name: mbam.exe, version: 1.60.0.59, time stamp: 0x4ef23d40 Faulting module name: mbamcore.DLL, version: 1.60.0.52, time stamp: 0x4eea37f7 Exception code: 0xc0000005 Fault offset: 0x00060ae0 Faulting process id: 0x9e4 Faulting application start time: 0x01ccc5b2f968dc91 Faulting application path: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe Faulting module path: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.DLL Report Id: 39101e7f-31a6-11e1-98f0-0024e811876b ========================================================================================================= Also, some of the suggested resolutions are seriously worrying in as much as the "uninstall, reboot, run a cleaner, reboot, get your License Key and ID, Re-install and, let us know" software manufacturing patter goes. What's worrying is that this doesn't appear to be working all the time thus leading to more wasted time and money. In addition, preventing Acronis working appears to be a throwback to the early days when MBAM prevented MS Backup from working too. Did anyone read yesterday's article on Slashdot about American Software? The title read "Why American Corporate Software Can No Longer Be Trusted " Anyways, can we have a guaranteed fix or solution for this please. Our computers are messed up. thanks.
  13. History: Sage technical support insisted that MSE and MBAM must be set to ignore one of their Medicalware Applications - written in Clarion. Even tho' MBAM (& MSE) were setup to ignore the aforementioned Clarion MedWare App. - it still cratered! In true Clarion fashion it was only fully repaired after 2 days worth of Clarion DBase Utility Repairs and the requisite 3 foot high stack of report paper!! Current Status: Sage now recommends what they refer to as "Business Class" Security Software and, in the same breath, trot out the words "Symantec Endpoint". But, interestingly enough, Sage Software support continues to recommend that their Medical Software App. is ALSO excluded from Symantec's Endpoint Scanner. This begs the question: Why, if MBAM (& MSE) are being blamed for corrupting the Sage Medical Apps. Clarion Database - even with "Ignore" on - will Symantec's Endpoint not manifest the same behaviour? My own experience with SEP is that it is a) not very effective and b) high maintenance($) to setup efficiently (for a small business). Given all the above can anyone please speak to MBAM and Clarion Databases or, as I suspect, are we, in this instance, getting a run around from Sage. Thanks.
  14. Another truly wonderful "second opinion" scanner is from surfright.nl called hitman pro. Not only do they they use interesting "offline" techniques but also were effectively eradicating that nasty low-level Alureon malware before quite a few others'.
  15. Ah - that's maybe why it was never found in my /developer scan this a.m. The ExWeb file was found sometime earlier than my /dev scan. I am assuming you refer to the FP rather than my IE9 comment? Thank you, as always, for your timely response.
  16. Not sure about this one.... Should be OK but, these days, who knows? Thank you protection-log-2011-04-19.txt xWeb4LightboxEE.zip Also, FYI: i had problems w/IE9 bringing up the "advanced uploader" - maybe just impatience but switched to FF after a pregnant pause w/IE9.
  17. In spite of all your hardwork and dedication to the cause - which is, as always, truly commendable - I have 3 suggestions to betterize this product. (and I know my technical friend here will put me right if I'm wrong) 1)... Get the affiliate banners and the program/app logo switched over to your newer blue/grey theme. 's mo' beddah fer sure. 2)... What's with the updates not working for versions? Unless I go to most of my clients and activate the - paid for - mbam app it resides in history land. Only after the manual update and reboot and update and reboot does it come to current status. Whassup with that? Geez, even MS Essentials gets that one together. I don't need to get a reputation for updating my clients' paid for programs manually and them billing them for that. 3)... Win32/Alureon? Is Mbam nuking that sucker yet? It's getting prolific out there. But I'm sure you knew that. Thanks for reading, digesting and assimilating. Aye.
  18. Goodness. We're not reduced to the "either one or other" discussions are we? Listen up. I use 3 browsers and love them all for their various strengths - and weaknesses. Just like having 3 close friends. FF deletes my flash cookies, chrome is fast and cute, IE9 is the most standards compliant (Yes, it is!). And many other reasons too. Those were just the ones that came to me in 6 seconds or less. Stop this "Which is better? Ford or Chevvy?" rubbish. It just downgrades the whole human race to neanderthal status again.
  19. Wrong move. Go here: http://goo.gl/RZEzZ and be educated. Then when you've uninstalled Avast and re-installed MSE and rebooted then, if you haven't done so already, install MBAM following the excellently laid out instructions already referenced by many in these forums. i.e. MSE and MBAM co-existing. Yup, totally the wrong move keeping Avast. Totally.
  20. Follow this link to slashdot. http://goo.gl/RZEzZ Read the articles and postings and mention that Malwarebytes, objectively, is the necessary 1st or 2nd vector in PC (Personal Computer) defense. I did, 3 or 4 times and was proud to do so. This means that Malwarebytes will get more kudos, get more hits, make more money, be able to afford better sales reps and be able to sell more product. Simple! We all want it to succeed right?
  21. Yup - looked like something like that due to the - Sorbs inaccessibility. Thanks for the link. I appreciate your follow-thru. Re: Paraphrasing from the article above, two of the only "eggs in one basket" I use are Malwarebytes for Malware catching and SpamGrabber --> SpamCop for acting Globally! think local - act global
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.