• Content count

  • Joined

  • Last visited

About remargable

  • Rank
    New Member
  • Birthday 12/27/1961

Contact Methods

  • AIM
  • ICQ
  • Yahoo

Profile Information

  • Location
    New Paltz, NY
  • Interests
    Computers, glass collecting
  1. MBAM just quarantined on two of our computers C:\Program Files\SUPERAntispyware.exe I've posted here because others also feel it is a false positive. This comes on the heels of an actual malware removal process here, so it's upsetting at best. Log attached. I am not comfortable restoring a file from the quarantine to send it unless it is requested by staff here. Thanks! MBAM detection_SUPERAntispyware.txt
  2. Maurice~ I'm so very grateful for the time you've invested in helping me. As there was great concern about infection transmission and its impact on other computers here, I decided this morning to purchase a business license for AMP5 and submit a business support ticket. David P. has responded and I have sent him the fixlist.txt file you've provided. A lesson was learned by our firm... and our consultant is reviewing the business product offerings with a sales rep at this time. Best regards do you and to all the Moderators, Deities, etc. who are so willing to help out others like myself for nothing in return. I truly appreciate it. ~Margaret
  3. I needed to move the laptop so not knowing if was would be more dangerous to force close Combofix rather than to let it run, I let it run and the log is attached. I also sent a PM... am anxiously awaiting your response. Thanks again. ~Margaret ComboFix.txt
  4. Maurice, I rightclicked and selected disable on the SEP tray icon, but Combofix still detects the computer as running a real time antivirus/antimalware scanner. I tried to stop Combofix so I could simply uninstall SEP altogether, but when I clicked the close button on the Combofix dialog it didn't stop, it instead moved on and now is warning that "antivirus/antimalware is still active but Combofix shall continue to run, Kindly note that this at your own risk." What's my next step? Thanks!
  5. FRST scan and MBAM scan logs attached. Fixlog.txt mbam_2014-1019_1346.txt
  6. A dialog box told me the computer should be rebooted, so I did so. fixlog.txt attached. I will run mbam next and attach the scan log file to my next reply.
  7. Got it, am following instructions now and will post back asap.
  8. And the AMP5 process being blocked was c:\windows\system64wow\dllhost.exe
  9. Maurice, Neither computer generated an additions.txt file, just the FRST ones. AMP5_frst.txt and MHM4_frst.txt are attached. Should I run FRST again on each machine? I also have scan logs from other removal programs available for MHM4 if you would like to see them and hijackthis.logs for both. The other thing I did not mention was the AMP5 computer block dialog indicated it was trying to go to MHM4_FRST.txt AMP5_FRST.txt
  10. Thank you Maurice. I am not were the computers are right now so will post the FRST logs in about 1.5 hours.
  11. Two machines here had mbytes block access to this morning. One, a laptop, (MHM5) had access blocked only once. Scans by mbytes (w/rootkit option) as well as RogueKiller, AdwCleaner, MSRT and ComboFix (scan only, no fix) found no infections (logs available). The other, a desktop (AMP) has been trying to connect to that IP address every few seconds all day (internet access was removed as soon as it became apparent that there was more than just a simple block occurring), I've repeatedly tried to copy/paste or cut/paste the results of the FRST scan of that desktop here without success so have attached the file instead. Thanks! ~Margaret
  12. Is there a page on your website that outlines the EULA for the registered version? Specifically I would like to know if the the same license key can be used on both my desktop and laptop (or whether requires a unique license). Thanks!