Jump to content

clower_element

Honorary Members
  • Posts

    105
  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

2,608 profile views
  1. Thank you very much for your help. I've submitted a ticket with my problem.
  2. Hi Would someone be so kind and help me please 😊. I've been a user of my Malwarebytes Lifetime License for about 8 years now. I've have just signed up to Malwarebytes Account and was going to input my Lifetime License there. I signed up for my my account with a different email address because the email address I purchased my Malwarebytes with 8 years ago no longer exists. Reading some helpful advice on these threads made me think it was OK using a new email address and just adding my Lifetime License ID and Key. The trouble is when i click on "My Account" from "Malwarebytes Dashboard GUI " it opens up my browser and prefills the "Sign In" page with the old non existent email address. When I try to register my Lifetime License ID and Key in my newly set up account it tells me "The product you are trying to use is already registered" I guess having my Lifetime License linked to my old non existent email address is preventing me to having it registered in my new account. How do I transfer my Lifetime License to my new account please? Helping me solve this issue would be very much appreciated. Thank you
  3. Thank you very much for your reply, Firefox . To your advice I've just installed the latest version and it seems to be working fine at the moment. I didn't install it over the top of my last version. I decided to use Malwarebytes clean tool first. Fingers crossed it stays working.
  4. Hi I've just turned my laptop on and got greeted by this warning from Malwarebytes version 3.1.2.1733, Component Package version 1.0.160, Update version 1.0.2681 I am not able to turn the Malware Protection back on. How do I turn it back ON, please?
  5. Hi I am wondering whether my exploit protection is working correctly? According to Nikhils expert advice In this thread "The mbae-test tool will not work for MB 3.0.6 if the Self protection is on" . In my MB 3.0.6 Self Protection is set to "ON" but when I run the mbae-test.exe it seem to be doing something because it is triggering the following pop up: Is this behaviour not normal for MB 3.0.6?
  6. Hi Kevin Thank you very much for your reply. No apologies needed, glitches can happen. As I understand from your reply I shouldn't worry about MSE logs in event viewer. Glad to hear it. Just to put my mind at rest. May I ask whether there was anything sinister on my laptop at all or just nothing to worry about? Thank you P.S. Donation has been made on my behalf by one of my family members. Hope you received it.
  7. Hi Kevin I have been keeping my eye on MSE since it was freshly installed last Friday. Here are my findings: The message “ Preliminary results show that malicious or potentially unwanted software might exist on your system. You can review detected items when the scan has completed” NO longer appears in the MSE interface whilst MSE is scanning. On one hand this seems like good news but on the other hand the (Event 5007) "Microsoft Antimalware Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware” still persists. This (Event 5007) makes me worried because it is not me who is doing any changes to trigger that in the event log. MSE also self updates before automatic scan starts with the latest definitions so I don't understand what is causing the "Event 2010" to retrieve additional signatures either? 15:14:42 "Event 2000,Microsoft Antimalware"- MSE updates with Antivirus signatures 15:14:42 "Event 2000, Microsoft Antimalware"- MSE updates with AntiSpyware signatures 15:14:44 "Event 1000, Microsoft Antimalware"- Scan started 15:16:09 "Event 19,Windows Update Client" - Windows successfully installed the definition update for MSE 15:26:56 "Event 2010,Microsoft Antimalware"- Dynamic Signature Service used to retrieve additional signatures to help protect your machine (Antivirus) 15:26:56 "Event 2010,Microsoft Antimalware" Dynamic Signature Service used to retrieve additional signatures to help protect your machine (AntiSpyware) 15:26:56 "Event 1001, Microsoft Antimalware"- Scan finished 15:26:57 Event 5007 “Microsoft Antimalware Configuration has changed. If this is an unexpected event you should review the settings as this may be the result of malware”. Thank you
  8. Hi Kevin I uninstalled MSE, restarted my laptop and installed fresh MSE from the link you provided. MSE seemed to install fine. It also performed its first self update and self scan automatically. I watched the scan run and this time for the duration of the whole scan the warning message DIDN'T resurface. Scan completed with no infections found. I'm going to monitor MSE scans for couple more days and come back (probably on Monday) to report if the dreaded warning message comes back again. I am secretly hoping it was just some kind of corruption with the old MSE at this point and nothing sinister lurking on my laptop. Thank you
  9. I will uninstall MSE from Control Panel and reinstall it tomorrow. I will report how it went tomorrow. I have to go to bed now. Thank you for your help so far,Kevin. Very much appreciated.
  10. Here are results of the GMER scan. I think it found something. Are these real threats or false positives? If they are false positives how do I release them back into my system. I still have got the Gmer Interface open. GMER 2.2.19882 - http://www.gmer.net Rootkit scan 2017-03-23 22:15:47 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950032 rev.0006 465.76GB Running: mxm852ir.exe; Driver: C:\Users\MCNEELY\AppData\Local\Temp\uwtirkog.sys ---- Registry - GMER 2.2 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076a27abb Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38e4dd08 Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076a27abb (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38e4dd08 (not active ControlSet) ---- EOF - GMER 2.2 ---- Thank you
  11. That image I posted that identifies this entry C:\MSOCache\All I actually took just as an example to document the existence of the warning message when my MSE was scanning. It is not an actual spot where MSE would stall and and that warning message appeared. It is even hard to tell whether the message comes up at exactly the same spot each time because I have got a funny suspicion I have seen the message appearing in different spots in the past few days. I don't know if this helps a bit but I have just ran MSE quick scan twice in a row to catch MSE in action in real time and used the print screen button on my laptop to document the first appearance of the warning message. Strangely this time on both occasions the item in question seems to be "schvost". Also I have to add I don't have a USB flash drive. and used the print screen button on Thank you
  12. I stopped and changed those 2 Vaio entries to disabled. Then I ran MSE scan. The same problem with MSE persists. After the MSE scan I changed back those 2 Vaio entries I previously disabled back to "started". Thank you
  13. Hi Kevin Strangely there are no VAIO Care entries listed under the Services. Thank you
  14. Hi Kevin Thank you for your reply again. I followed step by step instructions from this link https://support.microsoft.com/en-gb/kb/929135 you kindly provided and set windows up for clean boot mode. Whilst in the clean boot mode I launched MSE and ran a quick scan. MSE behaved exactly the same as it currently behaves in my normal mode. Again it showed exactly the same warning message in its interface whilst it was running a scan and when it finished its scan there were no detections listed under MSE history tab. One thing I would like to mention. MSE was about half way into scanning and suddenly UAC popped up asking me whether I wanted (I think it was Vaio Care, can’t be sure 100%) to make changes to my computer. I had no idea how to deal with this in the clean boot mode (whether to allow it or not). I just closed this pop up window and soon after MSE finished scanning I left this mode and reset my laptop to start normally. Everything loaded back to normal as far as I could see except MSE icon was missing from the system tray next to the clock…. I had to kill msseces.exe process in the task manager to bring the icon back. I am not really sure what to do next with my findings. I am having one of those moments not fully understanding perfectly good set of instructions. Thank you
  15. Hi Kevin Thank you very much for your reply. This is what I see when I open History Tab on MSE. There are no detected items under Quarantine/Allowed and All Items. I also ran the the Rogue Killer as you requested. Obviously I am not able to read the logs myself but is this detection ... "[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [xxxx://www.docrafts.com/] -> Found" a false positive? I set this website "docrafts.com" as Google Homepage myself ages ago. Or is the site not to be trusted? I tried to attach the RK log but the forum gave me an error code: "There was a problem processing the uploaded file.-200" so I am copy/pasting it instead. RogueKiller V12.10.1.0 (x64) [Mar 20 2017] (Free) by Adlice Software mail : http://www.adlice.com/contact/ Feedback : https://forum.adlice.com Website : http://www.adlice.com/download/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : MCNEELY [Administrator] Started from : C:\Program Files\RogueKiller\RogueKiller64.exe Mode : Scan -- Date : 03/22/2017 12:28:16 (Duration : 00:37:06) ¤¤¤ Processes : 0 ¤¤¤ ¤¤¤ Registry : 0 ¤¤¤ ¤¤¤ Tasks : 0 ¤¤¤ ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤ ¤¤¤ Web browsers : 1 ¤¤¤ [PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [https://www.docrafts.com/] -> Found ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: ST9500325AS +++++ --- User --- [MBR] 82c102291baac9b7855b8cc9293298a2 [BSP] 85d35a64660348e2957c1a36a0234f17 : Windows Vista/7/8|VT.Unknown MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13623 MB 1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 27901952 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 28106752 | Size: 463215 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK User = LL2 ... OK Thank you
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.