skilz853

Just one word to say about this joke... LMAO!!

I've discovered a couple bugs someone may want to take a look at. I did eventually get brave and installed 2.0.1.1400 to my D:\ drive and allowed it to install to the default folder except changing the drive to D:\ and all went very smooth. The license was carried over to the new install. Very happy about that I initially ran a couple scans with "Scan for Rootkit" ticked and it found 7 .sys files identified as rootkits that were in the C:\Windows\system32\drivers folder and most were Windows 7 files that I thought were false positives, so I selected to set exclusions for them. I have since turned off the "Scan for Rootkits" but on numerous occasions I've checked in Settings>Malware Exclusions and have discovered triplicates of all exclusions. I scrolled down to the beginning of the seconds set shown and clicked on it and clicked "Remove" and it and all of the second and third set of these exclusions are removed, but when I return later they're back and I repeat the step to remove the repeated files. The second bug I've noticed is on the Dashboard where it shows when the next scan is due and it will show a date and time that's already past. If I go to Settings>Automated Scheduling and edit the scheduled scan to be the next day it will eventually correct itself on the Dashboard. I'm not overly concerned about either of these issues, altho I'm sure y'all will agree this shouldn't be happening and I thought some of you may what to focus on your install and see if these "bugs" are happening on your machines and if so those who have the ability to alert the devs may want to let the know of these so they may be corrected as there working on the release Marcin mentioned would be released in 2 to 3 weeks unless their plates already full with intended fixes for that release. As always, in support of MBAM, skilz853

rednoise, Not sure this will work with the scan log in MBAM, but when I encountered this with another app using the Tab key would move to the lower section of the window and show the buttons located there. Hope it works for you with MBAM, Skilz853

BallyIrish, That is really welcomed news, as that was my reason for thinking the default path should have been maintained. Skilz853

Don't you think that was kinda stupid? Shouldn't the default path have been maintained for simplified over-the-top update to 2.0?

John, Do you know if your mother's 1.75 install was at Malwarebytes' and 2.0 went to Malwarebytes without the ' ? Skiz853

Just to update you guys, I've decided to wait until the scan issues are sorted with rootkit scans and such. Also my license is from TrialPay and am concerned with it working from scratch again, as I've always updated from inside MBAM, so I may wait until in-program update comes out, so I won't have to deal with the folder being Malwarebytes with an apostrophe or without. I'll update this when I eventually update MBAM, Skilz853

Hey John, Thanks for the quick reply. I will follow your suggestions and get back if I have issues. Skilz853

Hey Folks, I need some help. I currently have Malwarebytes Pro installed at D:\Program Files (x86)\Malwarebytes' Anti-Malware\ (notice the ' at the end of Malwarebytes) I just attempted to install 2.0 Premium and it offers to install to C:\ drive with the same folder except there's no ' at the end of Malwarebytes. After reading the posts in the Introduction post about 2.0 Premium it seemed others were installing over their existing install of 1.75.0.1300 and it carried over their license when they did. So my questions are, should I uninstall my current install and install 2.0 Premium in the default location (I know I can put it on D:\ drive if I choose to) and re-enter my license info, or can I install to the current folder and have the license carried over? Thanks in advance for any help, Skilz853

I opened MBAM and checked for update and went to v2013.3.17.05. Removed all references to GPTT.dll from the Ignore List ran a scan and nothing was detected. Seems all is well again. Thanks for your help, skilz853

Thanks Bruce I have them in my ignore list atm, but will remove them a do another scan and see if they're detected again. I'll let you know the results. MBAM is at v2013.3.6.12 currently. Not sure if the update came b4 or after your post but will give it a go now and see what results I get. Again, Thanks, skilz853

For some reason I was not able to get to the "Attach Files" section using FireFox. I'm now using Chrome and the box is available, so here's the zip of the GPTT.dll as requested. Finally, eh GPTT.zip

<p>Thanks daledoc1, I saw that pinned post but got involved in starting my thread and never read it, duh... :s</p> <p>Here's the details asked for in that pinned post:</p> <p> </p> <p>Quick Scan Results:</p> <p> </p> <p>Malwarebytes Anti-Malware (PRO) 1.70.0.1100<br /> www.malwarebytes.org<br /> <br /> Database version: v2013.03.16.12<br /> <br /> Windows 7 Service Pack 1 x64 NTFS<br /> Internet Explorer 9.0.8112.16421<br /> Harry :: I7-2600K-MAXPC [limited]<br /> <br /> Protection: Disabled<br /> <br /> 3/16/2013 8:53:07 PM<br /> MBAM-log-2013-03-16 (20-54-06).txt<br /> <br /> Scan type: Quick scan<br /> Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P<br /> Scan options disabled:<br /> Objects scanned: 266719<br /> Time elapsed: 45 second(s)<br /> <br /> Memory Processes Detected: 0<br /> (No malicious items detected)<br /> <br /> Memory Modules Detected: 1<br /> C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll (Trojan.FakeAlert) -> No action taken. [4b711ea3f77493a3e43665d691705ea2]<br /> <br /> Registry Keys Detected: 0<br /> (No malicious items detected)<br /> <br /> Registry Values Detected: 1<br /> HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\GIGABYTE\ET6\GPTT.DLL (Trojan.FakeAlert) -> Data: 1 -> No action taken. [4b711ea3f77493a3e43665d691705ea2]<br /> <br /> Registry Data Items Detected: 0<br /> (No malicious items detected)<br /> <br /> Folders Detected: 0<br /> (No malicious items detected)<br /> <br /> Files Detected: 1<br /> C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll (Trojan.FakeAlert) -> No action taken. [4b711ea3f77493a3e43665d691705ea2]<br /> <br /> (end)<br /> </p> Well there's the log generated running mbam.exe /developer, but I can not find where/how to attach the zip of the GPTT.dll file. Need some help. skilz853

Hello MBAM, I have a self-built PC with a Gigabyte mobo. Once I had the PC up and running I installed several apps off the driver CD that came with it, Easy Tune 6 being one of them. I've been using MBAM ever since I built the PC and only early this am when the database was at v2013.3.16.5 when the scheduled quick scan ran it found 3 items, all of which were about GPTT.dll which is in the Program Files (x86)\Gigabyte\ET6 folder. I scanned this at Virus Total and Malwarebytes is only scanner that flagged it. I believe this is a false positive, and wonder if someone can check into it and remove it from a future database update. I updated to v2013.3.16.11 and the .dll is still flagged. I've been using MBAM PRO and recommending it to others for years and appreciate the effort you guys and gals put forth to protect and cleanup our PC's Thanks, skilz853

Glad to see someone got rid of all that nonsense someone posted. Not only does Malwarebytes clean computers, but it also cleans forums. Ya'll are the best at both!

exile360, Thanks for your reply. I was hoping I did the right thing re-installing MBAM after TM installed. If things had not gone smoothly, I would have done away with TM, and kept MBAM. It's the best there is at what it does. I'll look around some more in F-Secure for the place to add exclusions, if there is one. If I find it, I'll will reply back to this thread to let's you know where it is. Thanks again, skilz853

Hey Malwarebytes I just installed F-Secure provided by my ISP and it uninstalled MBAM without warning. I also have Trend Micro Titanium + 2012 installed on another pc that at least let me know that MBAM needed to be uninstalled before it's installation could continue. I later reinstalled MBAM after Trend Micro finished installing, and setup exclusions for both, and it appears to be running fine. Can you tell me if MBAM is compatible with these two AV apps, and if so, how do I setup exclusions for F-Secure. Don't know if this matters, but my F-Secure is a version porvided by my ISP, Charter. Thanks for any help, skilz853

sorry for this misunderstanding it was my fault that i didn't fully describe the situation No worries, Tito just trying to make sure I hadn't missed sumptin

Is SP2 out for Windows 7? I thought SP1 was the only one out.

Thank you guys for the info. It's just what I was looking for. The guide is right on topic. skilz853

I just installed Avira AntiVir Personal, the free version. I looked in the FAQ to see if the was a guide to set exceptions for Avira and Malwarebytes and didn't see one. Just checking to be sure that there isn't one, or has a new guide been created and not posted yet. Was going to try Trend Micro Titanium +, but it insisted that Mbam be uninstalled and I'm not gonna do that, so so long Trend Micro. Please let me know if there's anything I need t do so these two antivirus/malware apps can co-exist. Thanks, skilz853

OK let us know what happens now that you switched over to MSE (I assume you removed Avast right?). Yep I uninstalled Avast with aswclear.exe in safemode. I believe all is well.

Thanks for that, I've upgraded to MSE since that log was created. So if you don't think those blocks are from malicious sites, I'll wait and see if I get anymore. I was concerned cause I saw someone say on here, either outgoing or incoming blocks were worst that the other. just not sure which one is. Later, skilz853 Looking for you on computer hope's chat anytime now.

Hello, the best anti-virus support forum on the web! I just noticed that mbam blocked a couple outgoing ip addresses. I thing I saw somewhere on here that blocked outgoing is a bad thing. Is this correct? Here's the ip's that were blocked: 15:03:28 Harry IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 64079, Process: avastsvc.exe) 15:03:28 Harry IP-BLOCK 208.87.149.250 (Type: outgoing, Port: 64062, Process: avastsvc.exe) According to http://whatismyipaddress.com/ip/208.87.149.250 this ip is in State/Region: California City: El Segundo Please let me know if I should b concerned. Thanks, skilz853

Yep, I was offering self-help. What would I need to do, to become a Trusted Adviser like you? sklz853