About exile360

  1. In all likelihood that's probably what it is (a new product except for the name). I realize that some of the more technically inclined folks may have a low opinion of McAfee, but it is one of the "big two" in the AV space (along with Norton/Symantec) and is practically a household name, so I'm guessing that Intel intends to keep the McAfee branding on their AV/security products/tools for the sake of marketing. They've also got a lightweight little portable HIPS app that I've been testing for a while now. I can't say much about it positive or negative as it hasn't really done much, though it did FP on an installer thanks to its heuristics (classified as "Artemis", which if you check their website, is the name/classification given to objects detected via their heuristics).
  2. Greetings Anne

     If you believe that your issue is not related to an infection and you've already scanned with your antivirus as well as Malwarebytes and both report that your PC is clean then please follow the instructions in this post if you've not done so already to see if that helps any. If the issues persist then please do the following and we can try to help you tune up your machine and get it running like new again.

     To start off we'll need a few log files that will show us what's going on with the machine, including what programs and background processes and services launch each time you start up your machine. Hopefully, if there is any malware (i.e. infections) present on the machine, we'll be able to identify it and will then send you along to the malware removal area as recommended by David H. Lipman above so that you may work one-on-one with a malware removal expert to remove any threats from the PC, then we'll proceed to tune up the machine to make it run fast again, assuming any performance issues remain once any hypothetical malware infections have been removed.

     List Services:

     Please copy and paste the following text exactly as written into notepad (not wordpad or any other text editor):

         @echo off
         md "%userprofile%\desktop\Startup Logs"
         net start>"%userprofile%\desktop\Startup Logs\Services.txt"
         sc query type= service state= all>>"%userprofile%\desktop\Startup Logs\Services.txt"
         del /f /q %0

     • Once you've done that click on File and select Save As...
     • In the Save dialogue box click on the drop down menu next to Save as type and select All Files
     • Name the file ServInfo.bat (the .bat extension is very important)
     • Save the file to your desktop and double click it to run it.

     Once the scan completes you should have a new folder located on your desktop called Startup Logs, please leave this new folder where it is for now and proceed with the instructions below to use Autoruns.

     Create an Autoruns Log:

     Please download Sysinternals Autoruns from here and save it to your desktop.

     Note: If using Windows Vista, Windows 7, Windows 8/8.1 or Windows 10 then you also need to do the following:

     • Right-click on Autoruns.exe and select Properties
     • Click on the Compatibility tab
     • Under Privilege Level check the box next to Run this program as an administrator
     • Click on Apply then click OK

     Double-click Autoruns.exe to run it and click Yes or OK if prompted by User Account Control. Once it starts, please press the Esc key on your keyboard.

     Now that scanning is stopped, click on the Options button at the top of the program and verify that the following are checked, if they are unchecked, check them:

     • Hide empty locations
     • Hide Windows entries

     Click on the Options button at the top of the program and select Scan Options... then in the Autoruns Scan Options dialog enable/check the following two options:

     • Verify code signatures
     • Check VirusTotal.com

     Once that's done click the Rescan button at the bottom of the Autoruns Scan Options dialog and this will start the scan again, this time let it finish.

     When it's finished and says Ready. on the lower left of the program window, please click on the File button at the top of the program and select Save and save the file inside the Startup Logs folder on your desktop and close Autoruns.

     • Right click on the Startup Logs folder on your desktop and hover your mouse over Send To and select Compressed (zipped) Folder
     • Attach the ZIP folder you just created to your next reply

     Once that's done you may delete the Startup Logs folder from your desktop if you wish.
  3. Thank you all for the wonderful comments. We're always happy to hear that our software has helped to free others of malware!
  4. PUP

    No, PUPs generally don't present any real threat and are typically just potentially annoying more than anything else. As long as your scans are coming up clean you should be just fine.
  5. In addition to blocking malware, we also block scams (phishing etc.) as well as certain types of websites which host content which presents a risk/potential risk to the user, including some which may or may not be illegal. I suspect (though I do not know for certain as I do not work for the Research team) that the latter is the case here; basically that the content of the page might be illegitimate/illegal (though again, I'm not certain on this point) and/or the site might present a risk/potential risk to the user. I know that we do in fact block many fake pharma websites and it is possible that this one is blocked for similar reasons, though again, I do not know for certain.
  6. If I'm reading this correctly, your example describes a capability that the software doesn't have; i.e. adding custom IPs/domains to the block list. Certainly, if we had such a capability in the software (which in itself is a nifty idea and one we've long been considering to possibly add one day), then I definitely think having a comments section would be useful. As for having a comments section for exclusions, I don't see it as being quite as useful personally, but there's certainly nothing wrong with the suggestion either.
  7. We do generally try to block these when we find them via our Malicious Website Protection feature, however tons of new ones show up every day as this has become an extremely prevalent means of scamming people. If you find such a website and can make a note of the address, it would be most helpful if you reported it in our Newest IP or URL Threats section of the forums located here so that our Research team might add it to our block list. As for dealing with one of these pop-ups when they show up, the best method I've found is to open Task Manager by pressing CTRL+Shift+Esc on your keyboard or right-clicking on the taskbar at the bottom of your screen and selecting Start Task Manager and then locating your web browser's process in the list of running processes then right-clicking on it and choosing End Process. Click Yes when Task Manager asks for confirmation and the browser should close, ridding you of the annoying persistent pop-up/message/audio from the webpage. Just note that it will also most likely close any other pages/tabs you had open.
  8. Yes, as daledoc1 stated above, Malwarebytes Anti-Malware Premium/Trial users can selectively disable one or all protection components should that be necessary in order to perform any of the tasks you describe. All a user needs to do is right-click on the Malwarebytes Anti-Malware tray icon located in the notification area near the system clock on the taskbar and click on the protection component they wish to disable as shown in the below image: Once either or both protection components have been disabled, a notification will be displayed above the tray that looks something like this and MBAM's tray icon will have a red ! next to it: Once the user is done with whatever tasks they needed to perform with protection disabled they may click on the Fix Now button within the notification to turn all protection components on again or, if the user dismissed the notification via the X in the upper right side of the notification, they may right-click on the tray once more and click on each protection component to check/enable it again. The same tasks may also be performed using the settings located in Malwarebytes Anti-Malware's main UI under Settings->Detection and Protection.
  9. Chameleon actually already does this as part of its routine prior to scanning the system for malware. It checks all running processes and terminates any it identifies as malicious. The actual MBAM scan handles detecting and removing the actual files along with their loading points which might exist in one or more of the system's startup locations. The issue with the infection you link to above is that until the user terminates that process which is displaying that message box/warning screen, the user can't get to Malwarebytes Anti-Malware to run it so adding anything to MBAM to allow it to kill processes wouldn't do any good in cases like this because you'd still need to bring up Task Manager to kill the malicious process/block screen in order to access Malwarebytes Anti-Malware and get it running. Of course for Premium users with protection enabled, MBAM should block the threat from installing/launching into memory in the first place so those users wouldn't need any special procedure or instructions to deal with the threat as MBAM would take care of it on its own, removing the file(s) from the system and placing them in quarantine.
  10. Is this not at least partially moot now that individual domains/URLs can be excluded (as well as blocked as of 2.0), not just IP addresses? If possible, I'd highly recommend only excluding domains rather than IPs anyway, since the safe site you wish to exclude might share an IP address with some nastier malicious content (usually the case if you find we're blocking an IP where a domain lives that you know for a fact to be safe). If we're blocking something on an IP level rather than a domain level it's likely because there are many malicious pages hosted on that IP. It's sort of like a heuristics def where we use one big block to stop a whole bunch of malicious content.
  11. Moved to the False Positives section so our Research team can get this corrected.
  12. I suspect this is the reason it's failing to exclude the connections. Please try excluding the actual path where the EXE resides as indicated in the block notifications (the D:\Util\... path). That should hopefully resolve it, but if not, then please proceed with the instructions provided by AdvancedSetup above.
  13. Over at Wilders Security Forums they have an unofficial support thread for Shadow Defender here. Also, they have quite a bit of info on such tools in general in the section of the forums where that thread is found. Wilders is a great resource for doing research on a lot of the security software and tools out there as they have a vast and varied community of users all sharing their experiences with a very wide variety of software and tools.
  14. You're welcome. Apologies, when I split the topic I didn't realize it would cause the forum software not to transfer the follow topic setting. In my opinion that's a bug so I'll check with our forum software provider to see if we can change/fix that. I'm glad that it helped. Hopefully it resolves it as well as the other issues once and for all for you. Please keep us updated on how things go and of course let us know if you need any further assistance with this or any other issues. Thanks
  15. If the search provider you're attempting to use is actually "start-search.com", which is a known PUP (Potentially Unwanted Program) according to some due to being used for displaying advertisements and sponsored search results (rather than listing standard results ranked based on relevance to your search terms/keywords), then it is possible that your antivirus, anti-malware or anti-spyware software is removing it from your browser and resetting your search settings to use Google instead. If this is the case and you actually wish to continue using start-search (which I personally do not recommend, though it is of course your choice), then you will need to determine which program is detecting/blocking/removing it and add it to that program's exclusions or ignore list.