ellentk

Honorary Members
  • Posts: 23
  • Reputation: 0 Neutral
  1. Thanks for your reply. Since I posted my question, it occurred to me that all I need to do is add the program to the exclude list. I added the folder and the program launches with no problem. Daniel Kahneman wrote a book called Thinking, Fast and Flow. It's pretty clear where I come out on that spectrum.
  2. I'd like to run Auslogics DiskDefrag but a MB pup window is stopping me. I've used DD for years and just upgraded to the latest version. The older version never triggered malwarebytes. (Nor did it ever infect my system). The new version not only triggers MB but MB won't let me do anything but quarantine DD. Quarantine is blue, Ignore Once and Always Ignore are not active. If I click one the window vanishes for 15 seconds and reappears. I can't even dismiss the little window by clicking the X on the top right. The window slides down out of sight for 15 seconds and slides back up. I can turn off MB to run DD but I'd rather MB run the way it's supposed to, that is giving users the choice of which pups they want to block. Is this a known bug or is there something I can do? Thanks for any help.
  3. Thanks, Aura. Just to make sure, I just download the latest file and run it? Should the installed version be open or closed? Ellen
  4. Instructions posted on this forum recommend uninstalling the version of malwarebytes on your computer before installing the current version. If I do that, will my settings, exclusions, etc. be saved? (FWIW I am running 3.0.6.1469, component package 1.0.76 and update package 1.0.1647) I haven't received the pushed file and plan to download the latest version. Thanks for any help.
  5. When I clicked "Scan with malwarebytes antimalware" after highlighting a file in windows explorer and right clicking it, MBAM began a threat scan of my entire computer. I just want to scan one file. Any way to do that?
  6. I've removed all references to babylon in Firefox's prefs.js and then deleted the user.js file, which I've read on the File Detections section of this board puts the entries back in Firefox's prefs.js file. But the entries keep returning to the prefs.js file. I'm running Win7 64 bit. I've searched the registry and removed all entries that contain the string Babylon. None of the programs that load at startup contain the string Babylon. It doesn't seem to be in processes or services either. And Babylon toolbar is not in my list of Firefox addons. And the toolbar doesn't load. But I would like to remove these pup files completely. I've searched and searched and cannot find a way to do it, except to totally remove all my extensions, which seems like overkill and way too much work restoring them. I'm seeking a simpler more elegant solution. Anyone got one? Thanks. Ellen
  7. Here's the thing. I downloaded a file from a freeware site that had a good rating from WOT. I scanned it using the right click menu. It was clean. I began to install it. Mbam advised it contained a trojan which it quarantined. It's good that I was protected on install, but I'd rather a scan warn me before I install a program. Since Mbam is capable of identifying this trojan, both in the protection module and in a full scan, I believe it should do so in a right click scan too and if not that it should be clear to users that this scan is not as thorough.
  8. How would I know there was a problem with the file if scanning it alone doesn't report it? Is the only reliable way to find out if there is a problem to always do a full scan, even if you are interested in only one file? Seems counterproductive.
  9. Then what is the purpose of "scan with malwarebytes" being in the right click context menu?
  10. I did a full scan and these options were all enabled:

      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

      The scan turned up a minor problem in one file. I scanned that file using the right click context menu and the problem file was not found because the scan options were as follows:

      Scan type: Custom scan (D:\YYYY\JJJJJJ.exe|)
      Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM | P2P
      Scan options disabled: Memory | Startup | Registry | Heuristics/Extra

      How can I enable Memory, Startup, Registry and Heuristics for a custom scan? Thanks. Ellen
  11. I do own MBam pro. I ran DDS and will send the logs to support. Thanks for your help.
  12. After installing a freeware program, malwarebytes pro (1.70.0.1100) informed me that it put backdoor.bot in quarantine twice, after failing to do so (error code 2):

      2013/01/20 01:35:55 Detection c:\program files (x86) \zip password finder\recover.exe backdoor.bot quarantine
      2013/01/20 01:38:18 Detection c:\program files (x86) \zip password finder\recover.exe backdoor.bot quarantine
      2013/01/20 01:18 Error Quarantine failed: SDKQurantine failed with error code 2

      Being unsure if the trojan got through due to the error, I took additional steps. Do I need to do anything else? Why was the trojan detected twice, or were there two trojans in the named file? How do I know if the trojan was quarantined before it did any damage? Should I delete the trojan or leave it in quarantine? Do I need to run combofix too?

      Here are the steps I've taken so far: I manually deleted the freeware program that contained the trojan along with a registry key containing the program's name as well as start menu links to the program. A search of my registry didn't turn up a key with the string "backdoor." A quick scan with malwarebytes reported no threats. A quick scan with GMER turned up a suspicious file, which I think is a safe intel process, based on this from http://www.runscanne...Client.exe.html

      "Privacyiconclient.exe with description Intel® Management and Security Status is a process file from company Intel Corporation belonging to product Intel® Management and Security Status. The file is digitally signed from Intel Corporation - VeriSign Time Stamping Services Signer - G2 We do not recommend removing digitally signed files from Intel Corporation"

      I've attached the GMER log, but only the above file was marked suspicious, if I'm reading it correctly. I ran AVG's anti-rootkit scan and it found no problems. I scanned my C: drive with AVG and it found no problems there. I scanned with Avast's aswMBR but can't interpret the log, which I've also attached. It gave me a choice of fixing the MBR but I'm reluctant to do that w/o knowing what will be fixed. I'm guessing it's the "disk 0 unknown mbr code" but I've read that these custom codes are not always malicious and the other scans turned up no problems. If someone can interpret the log, I'd appreciate it. I scanned with Sophos Virus Removal Tool, which found no threats. I checked running processes and didn't find backdoor.bot. Thanks for any help and advice. Ellen

      aswMBR.txt
      GMER Log after backdoor.bot quarantined.txt