CurlySue

Members
  • Content count

    30
  • Joined

  • Last visited

About CurlySue

  • Rank
    New Member
  1. EYE DO NOW!! Thanks for the HEADS UP, Dave! Damn . . . gotta have my EYES CHECK today!! Looks like I should be DELETING that DIRECTORY immediately!! CurlySue
  2. Hello David, and thank you for your reply. I believe this may be the LOG FILE . . . if not, I will find it. BEGIN FILE Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 11/12/2015 Scan Time: 7:03:10 AM Logfile: Administrator: Yes Version: 2.2.0.1024 Malware Database: v2015.11.12.02 Rootkit Database: v2015.11.04.02 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows XP Service Pack 3 CPU: x86 File System: NTFS User: CurlySue Scan Type: Threat Scan Result: Completed Objects Scanned: 484419 Time Elapsed: 24 min, 45 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 1 PUP.Optional.MalwareProtection, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MalwareProtectionLive, , [f42ec3ba28630b2ba7e4911513f0ce32], Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 2 PUP.Optional.MalwareProtection, C:\Documents and Settings\CurlySue\LOCAL SETTINGS\APPLICATION DATA\MALWAREPROTECTIONLIVE, , [f42ec3ba28630b2ba7e4911513f0ce32], PUP.Optional.MalwareProtection, C:\Documents and Settings\CurlySue\LOCAL SETTINGS\APPLICATION DATA\MALWAREPROTECTIONLIVE\quarantine, , [f42ec3ba28630b2ba7e4911513f0ce32], Files: 9 PUP.Optional.MalwareProtection, C:\Documents and Settings\CurlySue\LOCAL SETTINGS\APPLICATION DATA\MalwareProtectionLive\MalwareProtectionClient.exe, , [889a99e4f992e452c8826ae88d7435cb], PUP.Optional.MalwareProtection, C:\Documents and Settings\CurlySue\LOCAL SETTINGS\APPLICATION DATA\MALWAREPROTECTIONLIVE\MALWAREPROTECTIONCLIENT.EXE.CONFIG, , [f42ec3ba28630b2ba7e4911513f0ce32], PUP.Optional.MalwareProtection, C:\Documents and Settings\CurlySue\LOCAL SETTINGS\APPLICATION DATA\MALWAREPROTECTIONLIVE\certificates, , [f42ec3ba28630b2ba7e4911513f0ce32], PUP.Optional.MalwareProtection, C:\Documents and Settings\CurlySue\LOCAL SETTINGS\APPLICATION DATA\MALWAREPROTECTIONLIVE\certificates_filter, , [f42ec3ba28630b2ba7e4911513f0ce32], PUP.Optional.MalwareProtection, C:\Documents and Settings\CurlySue\LOCAL SETTINGS\APPLICATION DATA\MALWAREPROTECTIONLIVE\extensions, , [f42ec3ba28630b2ba7e4911513f0ce32], PUP.Optional.MalwareProtection, C:\Documents and Settings\CurlySue\LOCAL SETTINGS\APPLICATION DATA\MALWAREPROTECTIONLIVE\extensions_filter, , [f42ec3ba28630b2ba7e4911513f0ce32], PUP.Optional.MalwareProtection, C:\Documents and Settings\CurlySue\LOCAL SETTINGS\APPLICATION DATA\MALWAREPROTECTIONLIVE\uninstall.exe, , [f42ec3ba28630b2ba7e4911513f0ce32], PUP.Optional.MalwareProtection, C:\Documents and Settings\CurlySue\LOCAL SETTINGS\APPLICATION DATA\MALWAREPROTECTIONLIVE\userinfo.dat, , [f42ec3ba28630b2ba7e4911513f0ce32], PUP.Optional.MalwareProtection, C:\Documents and Settings\CurlySue\START MENU\Programs\MALWARE PROTECTION LIVE.LNK, , [130f83fa2b60f5412a628c1a0ff45ea2], Physical Sectors: 0 (No malicious items detected) (end) END FILE
  3. Hello everyone! This morning, after updating MWB Pro, a SCAN resulting in 12 Threats Detected and ALL were MALWAREBYTES files. Would this be MWB's way of removing features without telling us? I have attached a screen shot image that illustrates the findings (results). Any thoughts? CurlySue
  4. Recently, due to an issue I posted at Malwarebytes . . . specifically >> https://forums.malwarebytes.org/index.php?/topic/166319-mbamserviceexe-windows-task-manager-mem-usage-for-windows-xp-vs-windows-7/ << . . . lacking a Malwarebytes response that answered my query, I chose to follow a suggestion submitted by Malwarebytes forum member, Nirose. Accordingly, I followed the instructions provided by Malwarebytes at >> https://forums.malwarebytes.org/index.php?/topic/146017-mbam-clean-removal-process-2x/ << where I chose the instructions associated with Method 1, because I am a "Paid PRO / PREMIUM version" user whom wants to perform a "(clean reinstall/upgrade)" of MWB. Those instructions include . . . Paid PRO / PREMIUM version WARNING: Please make sure you have or obtain your license activation information before running this procedure if you're using the paid PRO or PREMIUM version as this tool will remove all of the Malwarebytes Anti-Malware program files, logs, and licensing information from your computer. You will need to reactivate the program using the license you were sent via email.You cannot look up your Activation ID and Key from the Registry unless you have a previously licensed 1.x version installed. Fresh installs now encrypt that data so make very sure you have your ID and Key before you proceed. Previous 1.x PRO versions did store the ID and Key in the following locations of the Registry but a clean fresh install of version 2.0 will not store it in the Registry.Location for Windows x86 32-Bit HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware Location for Windows x64 64-Bit HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware If you cannot locate your license activation information in the Registry and no longer have access to your order number you can contact cleverbridge to obtain information about your order including license registration and activation information. Please note that cleverbridge does not offer technical support for any products. They will only provide you with your order information: Contact cleverbridge customer service If you purchased Malwarebytes Anti-Malware from another vendor or reseller and still require the license activation information you will need to contact that vendor or reseller to obtain the information before you proceed otherwise you will not be able to re-activate the product. When ready please proceed with the following:Make sure you disable the program Self Protection if you've enabled it. From Settings -> Advanced Settings -> uncheck the "Enable self-protection module" and close the programPlease download mbam-clean.exe from here to your desktop and save it.Please close all open applications and temporarily shutdown your antivirus to avoid any conflicts when running the tool.Locate the file mbam-clean.exe and double-click to run it and follow the onscreen prompts.It will ask to restart your computer, please allow it to do so very importantAfter the computer restarts, ensure that your antivirus is enabled and download the latest version of Malwarebytes Anti-Malware from here and save it to your desktop. Now close all open applications including your browser and again temporarily disable your antivirus as before and launch the Malwarebytes installer you just downloaded.Please make sure to uncheck the Trial checkmark near the end of the installation.Please make sure you check for updates at the end of the installation as well. The program should automatically update the database.Launch the program and click on the Activation button. Then copy and paste your activation ID and Key into the dialog box. This should automatically enable Protection and offer to add an automated update schedule which you should allow or ensure that you create one on your own to keep the program updated.Now setup any file exclusions as may be required for your Anti-Virus/Internet-Security/Firewall applications and then enable your Anti-Virus/Internet-Security applications. You may use the guides posted in the FAQ's here or ask and we'll explain how to do it.Restart the computer again and verify that Malwarebytes Anti-Malware is in the task tray runningBecause I "cannot locate your license activation information in the Registry" due to Malwarebytes ENCRYPTING this information I entered when I installed the software I purchased (a total of two Malwarebytes PRO at $24.95 each) from Newegg on 30 May 2014, I followed the instructions and submitted an email via the instruction's link >> Contact cleverbridge customer service With attachment, I submitted the following text via the Contact cleverbridge customer service web form as follows . . . After purchasing two copies of MWB Pro from Newegg (about a year ago) and installing each on different PCs, where I am having an issue on my Windows XP SP3 machine . . . as noted here . . . https://forums.malwarebytes.org/index.php?/topic/166319-mbamserviceexe-windows-task-manager-mem-usage-for-windows-xp-vs-windows-7/ . . . I want to perform a CLEAN install of MWB Premium on my XP SP3 machine and I cannot locate my license activation information. Licensed, and registered at XX:XX:XX on XX/XX/2014, my Identifier is XXXXX-XXXXX. (information intentionally omitted for this posting). Please forward my KEY and ID so I can reinstall MWB Premium and, hopefully, resolve my current MWB issue. Thank you. CurlySue Attachment(s) Unfortunately, I received a reply, IMO, that strongly suggests the Malwarebytes staffer did not read my email. The staffer's reply reads . . . Thank you for your message. We have been unable to identify any order in our system associated with your name or e-mail address. If you are certain that the order was processed by cleverbridge, can you provide us with your reference number or perhaps an alternative e-mail that you may have used when you placed the order? Otherwise, for any technical or product related inquiries we would recommend reaching out to Malwarebytes for technical support. Malwarebytes can be reached at: Support page: http://www.malwarebytes.org/support/ Knowledge base: https://helpdesk.malwarebytes.org/hc/en-us Thank you for your cooperation. Recognizing the detail I provided - specifically stating, "After purchasing to copies of MWB Pro from Newegg (about a year ago)..." and "... my Identifier is XXXXX-XXXXX..." as well as the attachment (screen shot image) confirming my Identifier - after reading this staffer's reply, specifically "If you are certain that the order was processed by cleverbridge..." and "Otherwise, for any technical or product related inquiries we would recommend reaching out to Malwarebytes for technical support" I can only conclude that the Malwarebytes stafter DID NOT READ OR COMPREHEND MY EMAIL. Reading "If you are certain that the order was processed by cleverbridge..." My web from submission stated, "After purchasing to copies of MWB Pro from Newegg (about a year ago)..." I strongly believe that I have provided the information necessary for Malwarebytes to reply with my KEY and ID so I can reinstall MWB Premium, but it appears that due to a communicatioin "comprehension" issue, IMO, I am limited to cleverbridge Customer Support INCOMPETENCE. At this point I have no idea what to do - due to my failure to keep the Malwarebytes retail packaging (a box) received from Newegg or document my ID and KEY - where the ID and KEY were inked on the bottom flap of the box (if my memory serves me). CurlySue
  5. Thanks for your reply. I consulted with two Microsoft Certified Systems Engineers as well as to Microsoft MVPs and all agreed it is NOT a memory management issue. The most interesting comment included the statement, "...given the 300% factor, if it were a memory management issue, the launch of Windows 7 would have included a marketing campaign that would have aggresively promoted this issue and Windows 7 would have been so successful that it would literally DWARF all other operating systems combined." His comment exceedingly convincing that this is NOT a memory management issue - it, in his words, is a MWB issue. After researching this issue across some 25 PCs, I strongly believe there is an issue with XP SP3 and MWB Premium (where I used "Pro" in my previous posts). Hopefully, MWB will review this post and address this issue. Thanks again!! CurlySue
  6. Thanks for your reply, 1PW. I have been researching this issue across some 25 PCs, Windows XP SP3 and Windows 7 SP1 machines, and am finding it exceedingly random. I now strongly believe there is an issue with XP SP3 and MWB Premium (where I used "Pro" in my previous posts). In each instance, we set MWB's settings identical to my XP SP3 machine's and some exceeded 270MB and others were less than 100MB (noting that all XP SP3 machines have 4GB RAM or more) - and 7 SP1 machines varied as well, from 45MB to 90MB (where all 7 SP1 machines have 6GB RAM or more). Hopefully, MWB will review this post and address this issue. Thanks again!! CurlySue
  7. Hi all! Upon reviewing Windows Task Manager to resolve a non-MWB Pro issue on my Windows 7 PC SP1 (a 64-bit machine), I noticed that mbamservice.exe's Mem Usage was less than 89MB after about 15 minutes of surfing the Internet, accessing email, etc, with less than 17 minutes of power on time. When I compared this MWB Pro on my Windows XP SP3 PC (a 32-bit machine), I found mbamservice.exe's Mem Usage exceeds 269MB after about 15 minutes of surfing the Internet (exact same websites, accessing email, etc) with less than 17 minutes of power on time. I am not alarmed, but I am SERIOUSLY CURIOUS why mbamservice.exe's Mem Usage on Windows XP SP3 is 3 TIMES that on Windows 7 SP1. I cannot imagine it has anything to due with 64-bit versus 32-bit, but I have been wrong before and look forward to being wrong again - since that's when I learn the most. Any thoughts on this Mem Usage DIFFERENTIAL??? Thanks in advance! CurlySue
  8. After updating to 2.0.4 I have noticed something that truly bugs me. When I right click on the MWB icon in my system tray, I find the following . . . Add (94.242.216.69) to Web Exclusions Due to the nature of right-clicking this icon, I cannot capture a screen shot image to attach to this post. However, I can recreate its location as follows . . . Malware Protection Malicious Website Protection -------------------------------------------------------------- Start with Windows -------------------------------------------------------------- Add (94.242.216.69) to Web Exclusions -------------------------------------------------------------- Open Malwarebytes Anti-Malware -------------------------------------------------------------- Check for Updates -------------------------------------------------------------- Exit Checking the location of this IP Address . . . findip-address states it is located in Europe, specifically in Schoos Luxembourg near CR 120. I have not and WILL NOT allow this CRAP to be added to Web Exclusions, but I do want to undertand why it appears? Thanks in advance for your support. CurlySue
  9. @ daledoc1 . . . Thank you for the informative and exceedingly comprehensive reply. Coincidence or not, I am happy to be back on the SMOOTH working side of MWB!! CurlySue P.S. Thanks again, mynorgeek
  10. Thanks for your reply and support mynorgeek!!! Was not aware of the 2.0.4 update - and my MWB Premium version was not updating to it on its own. Following your lead, I updated to 2.0.4 as you suggested and the "perpetual update" has now ceased - in short, all appears to be back to normal. I re-ran THREAT SCAN and MWB found nothing (as it did when I ran the 2.0.3 threat scan) - I will post the screen shot image and the associated SCANNING HISTORY LOG. Thanks again, mynorgeek!!! CurlySue Thanks for your reply, 1PW. You said, "... probably infected..." That surprises me since I ran and posted the results of a complete THREAT SCAN and MWB found nothing - I also posted the SCANNING HISTORY LOG. I would hate to learn that my PC was/is flawed in a "probably infected" manner - I'd have to take AVIRA to task on that. But I digress. As you may have read . . . Following mynorgeek's lead (and experience), I updated to version 2.0.4 (a version that MWB Premium 2.0.3 clearly IGNORED which thoroughly disgusts me) and the the "perpetual update" has now ceased - in short, all appears to be back to normal. Clearly the "perpetual update" problem I described and experience was due to a FLAW in MWB's previous update and the problem (not disclosed to the public) was quickly remedied with the 2.0.4 update. I am glad that I did not have to execute your suggestions, but truly appreciated your support. CurlySue Thanks for your reply, daledoc1. Please refer to my response (noted above) to 1PW. Thanks for the added insight regarding CDN as well. CurlySue = = = = = = = = = =
  11. Hi all! I am running MWB Premium 2.0.3.1025 and yesterday after an update, it is stuck in perpetual update mode (where the Updating database icon rotates continuously and the progress bar remains blue and full right and the Update Now > button is greyed-out) - see image below - and yet when I view Process using Windows Task Manager there is ZERO activity for mbam.exe and mbamservices.exe My OS is Windows XP SP3. Any thoughts? Thanks, CurlySue
  12. Hi all! I am running MWB Premium 2.0.3.1025 and yesterday after an update, it is stuck in perpetual update mode (where the Updating database icon rotates continuously and the progress bar remains blue and full right and the Update Now > button is greyed-out) - see image below - and yet when I view Process using Windows Task Manager there is ZERO activity for mbam.exe and mbamservices.exe My OS is Windows XP SP3. Any thoughts? Thanks, CurlySue
  13. I understand, Gringo. Thank you for your support. With kindest regards, CurlySue