Firewall

Post all off topic / off the wall content here!
gopostal
Posts: 1396
Joined: Tue Nov 18, 2008 9:32 am

Re: Firewall

Post by gopostal » Sat Sep 05, 2009 10:56 pm

I was just funning you David. Nothing makes you care as much as when it affects you directly. Dontcha love that Malware proggy?

User avatar
Hermskii
Site Admin
Posts: 8689
Joined: Sun Jul 10, 2005 9:56 pm

Re: Firewall

Post by Hermskii » Sun Sep 06, 2009 6:02 pm

Yeah, I did not say this just 4 posts before David's success story:


When it comes to malware and spyware and all of that, I again stick to my AVG but when I see something has got past it and is doing stuff I use the latest greatest Malwarebytes which I install and update then run a FULL test with.
~Peace~

Hermskii

User avatar
David
Posts: 1603
Joined: Sat Oct 18, 2008 11:06 am

Re: Firewall

Post by David » Sun Sep 06, 2009 9:34 pm

Hermskii wrote:Yeah, I did not say this just 4 posts before David's success story:


When it comes to malware and spyware and all of that, I again stick to my AVG but when I see something has got past it and is doing stuff I use the latest greatest Malwarebytes which I install and update then run a FULL test with.
I wanted to say, I tried to run a full scan with Malwarebytes on my wife's Aunt's computer but towards the last 1/4 of the scan the computer will restart. I believe that was a self preservation method of the malware. I tried the full scan three times with the same result. So I had to do a quick scan, which did alert to the malware and then cleaned it up. It did not restart after the quick scan. Tricky little malware.
Are you going to pull those pistols or whistle Dixie?
Image

User avatar
Killer Klownz
Posts: 441
Joined: Tue Oct 21, 2008 8:00 am

Re: Firewall

Post by Killer Klownz » Sun Sep 06, 2009 10:42 pm

Beware the false positive . . . . . . Beware the false positive . . . .
Evil is obvious only in retrospect.

gopostal
Posts: 1396
Joined: Tue Nov 18, 2008 9:32 am

Re: Firewall

Post by gopostal » Mon Sep 07, 2009 10:10 am

Rename your executable from mbam.exe to mbam2.exe inside your:
C:\Program Files\Malwarebytes' Anti-Malware\

then update your desktop shortcut if you have one. The reason for this is that some really advanced spyware will disable the registry entry to mbam, rendering the program unable to run or shutting it down midstream. Changing the name alters the registry entry enough that the spyware cant find it. You also might need to do this with combofix.exe and change it to combofix7.exe or something, you get the idea.

User avatar
Hermskii
Site Admin
Posts: 8689
Joined: Sun Jul 10, 2005 9:56 pm

Re: Firewall

Post by Hermskii » Mon Sep 07, 2009 11:30 am

Smart! While I had considered sometrhimg like that before I had never fully completed putting thought into action or words. I have seen where these naughty programs are smart enough to try to prevent you from installing things that can make them go away.
~Peace~

Hermskii

User avatar
David
Posts: 1603
Joined: Sat Oct 18, 2008 11:06 am

Re: Firewall

Post by David » Mon Sep 07, 2009 2:28 pm

Well, what I did was to run the "quick scan" and it was able to remove the malware "safety center". Afterwords I ran CCleaner for registry errors and CCleaner removed the registries connected to the safety center. Her computer is up and running without the malware. It does not shut down now when trying to scan for viruses.
Are you going to pull those pistols or whistle Dixie?
Image

Post Reply