• Content count

  • Joined

  • Last visited

About ellentk

  • Rank
    New Member

Contact Methods

  • ICQ
  1. When I clicked "Scan with malwarebytes antimalware" after highlighting a file in windows explorer and right clicking it, MBAM began a threat scan of my entire computer. I just want to scan one file. Any way to do that?
  2. I've removed all references to babylon in Firefox's prefs.js and then deleted the user.js file, which I've read on the File Detections section of this board puts the entries back in Firefox's prefs.js file. But the entries keep returning to the prefs.js file. I'm running Win7 64 bit. I've searched the registry and removed all entries that contain the string Babylon. None of the programs that load at startup contain the string Babylon. It doesn't seem to be in processes or services either. And Babylon toolbar is not in my list of Firefox addons. And the toolbar doesn't load. But I would like to remove these pup files completely. I've searched and searched and cannot find a way to do it, except to totally remove all my extensions, which seems like overkill and way too much work restoring them. I'm seeing a simpler more elegant solution. Anyone got one? Thanks. Ellen
  3. Thanks, good to know going forward.
  4. Here's the thing. I downloaded a file from a freeware site that had a good rating from WOT. I scanned it using the right click menu. It was clean. I began to install it. Mbam advised it contained a trojan which it quarantined. It's good that I was protected on install, but I'd rather a scan warn me before I install a program. Since Mbam is capable of identifying this trojan, both in the protection module and in a full scan, I believe it should do so in a right click scan too and if not that it should be clear to users that this scan is not as thorough.
  5. How would I know there was a problem with the file if scanning it alone doesn't report it? Is the only reliable way to find out if there is a problem is to always do a full scan, even if you are interested in only one file? Seems counterproductive.
  6. Then what is the purpose of "scan with malwarebytes" being in the right click context menu?
  7. I did a full scan and these options were all enabled: Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P The scan turned up a minor problem in one file. I scanned that file using the right click context menu and the problem file was not found because the scan options were as follows: Scan type: Custom scan (D:\YYYY\JJJJJJ.exe|) Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Memory | Startup | Registry | Heuristics/Extra How can I enable Memory, Startup, Registry and Heuristics for a custom scan? Thanks. Ellen
  8. I do own MBam pro. I ran DDS and will send the logs to support. Thanks for your help.
  9. After installing a freeware program, malwarebytes pro ( informed me that it put backdoor.bot in quarantine twice, after failing to do so (error code 2): 2013/01/20 01:35:55 Detection c:\program files (x86) \zip password finder\recover.exe backdoor.bot quarantine 2013/01/20 01:38:18 Detection c:\program files (x86) \zip password finder\recover.exe backdoor.bot quarantine 2013/01/20 01:18 Error Quarantine failed: SDKQurantine failed with error code 2 Being unsure if the trojan got through due to the error, I took additional steps. Do I need to do anything else? Why was the trojan detected twice, or were there two trojans in the named file? How do I know if the trojan was quarantined before it did any damage? Should I delete the trojan or leave it in quarantine? Do I need to run combofix too? Here are the steps I've taken si far: I manually deleted the freeware program that contained the trojan along with a registry key containing the program's name as well as start menu links to the program. A search of my registry didn't turn up a key with the string "backdoor." A quick scan with malwarebytes reported no threats. A quick scan with GMER turned up a suspicious file, which I think it a safe intel process, based on this from http://www.runscanne...Client.exe.html "Privacyiconclient.exe with description IntelĀ® Management and Security Status is a process file from company Intel Corporation belonging to product IntelĀ® Management and Security Status. The file is digitally signed from Intel Corporation - VeriSign Time Stamping Services Signer - G2 We do not recommend removing digitally signed files from Intel Corporation" I've attached the GMER log, but only the above file was marked suspicious, if I'm reading it correctly. I ran AVG's anti-rootkit scan and it found no problems. I scanned my C: drive with AVG and it found no problems there. I scanned with Avast's aswMBR but can't interpret the log, which I've also attached. It gave me a choice of fixing the MBR but I'm reluctant to do that w/o knowing what will be fixed. I'm guessing it's the "disk 0 unknown mbr code" but I've read that these custom codes are not always malicious and the other scans turned up no problems. If someone can interpret the log, I'd appreciate it. I scanned with Sophos Virus Removal Tool, which found no threats. I checked running processes and didn't find backdoor.bot. Thanks for any help and advice. Ellen aswMBR.txt GMER Log after backdoor.bot quarantined.txt
  10. Thanks, Ron. The fix worked. Ellen
  11. New version broken on my XP(3) system too. No time to troubleshoot for malwarebytes. Please post a link to prior version. Thanks.
  12. I'm trying to solve an intermittent "Failed to perform desired action error code: 0" error and one suggestion was to install Visual Basic runtime. I have version 7 and wondered what version the current version of Malwarebytes (,which I am using, is written in. (I have a feeling the error will stop appearing when I defrag and close some tabs in my browser, but I like to cover all bases. And if it doesn't, I'll reinstall.) Thanks. Ellen
  13. Is there any way to protect my computer in the short interval before malwarebytes and my firewall load? A Chinese IP has been scanning my system and the first scan today was seconds after malwarebytes stopped it. I suppose the simplest solution is to unplug my cable modem when I log off and plug it in after the security software loads. But I'd rather find something that's automatic. Ellen
  14. Hi Yardbird and Noknojon, Thanks for your help. I had the latest update and my firewall has been set to exclude all malwarebytes programs for two years. For some reason, the problem stopped happening after a few reboots and scanning a third time, this time with spybot search and destroy. All three scans turned up nothing. I think that the problem may have had something to do with some changes I made to my computer yesterday, but I have no idea why. The first change was trying to disable googleupdate.exe from running on startup. I changed settings in scheduled tasks. I also installed and uninstalled a utility called ProcessTamer (I thought it would help stop googleupdate). And I installed a firefox addon called EmailTheWeb. Of these I think it possible that processTamer may have been at fault, but I don't know. Ellen
  15. When I booted up today Sygate Firewall gave me this message: Application has changed since the last time you opened it, process id: 1956 Filename: C:\Program Files\Malwarebytes\mbamservice.exe Do you want to allow it to access the network? I'm running version 1.46 and updated to that version back in the spring. I scanned the malwarebytes folder in c:/program files with avast and superantispyware, both didn't find anything. I updated malwarebytes a few times yesterday, but this hasn't triggered a warning from sygate in the past. Any advice about tracking down this reported change will be appreciated. Thanks. Ellen