Firewall
-
gopostal
- Posts: 1396
- Joined: Tue Nov 18, 2008 9:32 am
Re: Firewall
I was just funning you David. Nothing makes you care as much as when it affects you directly. Dontcha love that Malware proggy?
-
Hermskii
- Site Admin
- Posts: 8689
- Joined: Sun Jul 10, 2005 9:56 pm
Re: Firewall
Yeah, I did not say this just 4 posts before David's success story:
When it comes to malware and spyware and all of that, I again stick to my AVG but when I see something has got past it and is doing stuff I use the latest greatest Malwarebytes which I install and update then run a FULL test with.
When it comes to malware and spyware and all of that, I again stick to my AVG but when I see something has got past it and is doing stuff I use the latest greatest Malwarebytes which I install and update then run a FULL test with.
~Peace~
Hermskii
Hermskii
-
David
- Posts: 1603
- Joined: Sat Oct 18, 2008 11:06 am
Re: Firewall
I wanted to say, I tried to run a full scan with Malwarebytes on my wife's Aunt's computer but towards the last 1/4 of the scan the computer will restart. I believe that was a self preservation method of the malware. I tried the full scan three times with the same result. So I had to do a quick scan, which did alert to the malware and then cleaned it up. It did not restart after the quick scan. Tricky little malware.Hermskii wrote:Yeah, I did not say this just 4 posts before David's success story:
When it comes to malware and spyware and all of that, I again stick to my AVG but when I see something has got past it and is doing stuff I use the latest greatest Malwarebytes which I install and update then run a FULL test with.
Are you going to pull those pistols or whistle Dixie?
-
Killer Klownz
- Posts: 441
- Joined: Tue Oct 21, 2008 8:00 am
Re: Firewall
Beware the false positive . . . . . . Beware the false positive . . . .
Evil is obvious only in retrospect.
-
gopostal
- Posts: 1396
- Joined: Tue Nov 18, 2008 9:32 am
Re: Firewall
Rename your executable from mbam.exe to mbam2.exe inside your:
C:\Program Files\Malwarebytes' Anti-Malware\
then update your desktop shortcut if you have one. The reason for this is that some really advanced spyware will disable the registry entry to mbam, rendering the program unable to run or shutting it down midstream. Changing the name alters the registry entry enough that the spyware cant find it. You also might need to do this with combofix.exe and change it to combofix7.exe or something, you get the idea.
C:\Program Files\Malwarebytes' Anti-Malware\
then update your desktop shortcut if you have one. The reason for this is that some really advanced spyware will disable the registry entry to mbam, rendering the program unable to run or shutting it down midstream. Changing the name alters the registry entry enough that the spyware cant find it. You also might need to do this with combofix.exe and change it to combofix7.exe or something, you get the idea.
-
Hermskii
- Site Admin
- Posts: 8689
- Joined: Sun Jul 10, 2005 9:56 pm
Re: Firewall
Smart! While I had considered sometrhimg like that before I had never fully completed putting thought into action or words. I have seen where these naughty programs are smart enough to try to prevent you from installing things that can make them go away.
~Peace~
Hermskii
Hermskii
-
David
- Posts: 1603
- Joined: Sat Oct 18, 2008 11:06 am
Re: Firewall
Well, what I did was to run the "quick scan" and it was able to remove the malware "safety center". Afterwords I ran CCleaner for registry errors and CCleaner removed the registries connected to the safety center. Her computer is up and running without the malware. It does not shut down now when trying to scan for viruses.
Are you going to pull those pistols or whistle Dixie?