Jump to content

keyes528

Honorary Members
  • Posts

    27
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Well currently my ip is dynamic, and it says the special reason is for being dynamic. On apews it says I must use a configured static ip, so is that the reason for the blacklist?
  2. Well I've been posting on forums for years withput issue. Im a home user, so cqn I confirm this wont have any effect? This isn't malicious? I heard if your ip gets blacklisted it could mean your ip was used as part of a bot net. Also, it says the ip was blacklisted in 2007, long before I was part of the ISP im with now.
  3. Im sorry if this is the wrong place. Im just looking for a qquick answer. I found out about the website whatismyipaddress by a mod I believe on these forums. When I entered my own home ip address, and did the ip blacklist check, l2.apews said my ip was blacklisted. When I checked the website it said this was the special reasons: Dynamic IP, generic DNS, missing rDNS/PTR not permitted for direct email connection. You must use correctly configured [with registered working abuse contact] static IP / ISP mail servers / smarthost service Does this mean ip was used for something like a spam/botnet? Out of the 80 blacklist checkers that was the only one that blacklisted it. I noticed the base ip was blacklisted aswell (e.g xx.xx.0.0) Is this bad or what?
  4. And I think I found a bug relating to the registry keys, who should I report it to?
  5. I posted the exact files above. 2 .sys files. I have removed both mbar and malwarebytes so can I just remove those files?
  6. I have deleted the folder, im wondering what was the reason that it wouldn't the first time? I had to reboot. I dont mind using regedit to remove the entries. Is it safe to remove the 2 system 32 entries manually?
  7. So I want to do a complete uninstall of malwarebytes and malwarebytes anti rookit. I have uninstalled malwarebytes fine, however 2 files remain. Mbamswissarmy.sys (system32/drivers folder) Mbamchameleon.sys (system32/drivers folder) Can I delete these and delete any malwarebytes registry keys? Now with malwarebytes anti rootkit when I tried deleting the foldermit said folder access denied. I had placed the mbar folder in this directory. C:/users/(myusername)/desktop/sysinternals/ Sysinternals as I had some sysinternal programs e.g process explorer. I restarted and I was able to delete it. Why wasnt I able to delete it? Was that behaviour normal? I had just run a scan with it. So can I get help with my two questions? Thanks.
  8. Its all fine now, you see steam uses a cloud system for some settings, config and save files, and I was able to remove with a bit of tricky editing of a .vdf file the server history. Im 99.9% sure theres no infections involved as this ip block happened on another system.(the server history file was downloaded onto the other systems since its saved on the cloud.) Instead of deleting I was able to edit the history file, and enable cloud, and then the blank file is on the cloud instead of the old one with the all the history). When I reinstalled steam on my system, it wasnt the the 27kb history file that downloaded but the new 0kb file, and now the warnings have stopped.
  9. So some background information, ive been using MSE for aslong as ive had this system. Never had a malware/virus problem, I am always concerned about security, so im always careful. I get my games from steam, a reputable and very popular drm platform. I usually installed mbam in the past for the occasional manual scan but after id remove it. In the last week, ive kept it installed. Ive never attempted to play games when mbam has been installed in the past. So, firstly, malwarebytes detected a malicious outbound connection with the game mount and blade, it was a f/p and was resolved by the mbam team. Next, for those not familiar with steam, its developed by Valve. Valve publishes their own games on steam. There is a built in multiplayer game server browser accesible from the steam client. It lists game servers from at least 20 games, not just Valves. Valves own games use the same server browser within their games. So we have 3 different executables related with the server browser. 1. Steam itsself 2 the games 3 the steam game overlay (it seems to be related with the game process It appears to me, that when you start either the game, or steam, it will ping/refresh the last opened server browser tab. Remember both the game and client use the same browser system. Internet Favourites History Lan Friends Spectate In the history tab, there were servers I played years/months ago. When I accessed this tab, mbam gave warnings, of outbound ip connections. If I quit the game it would give warnings straight away, since the it seems to ping the last opened server browser tab. Same for when starting steam. So if I switched it show lan it stopped. The games I have which use this browser aswell as steam were Garrys mod Counter strike source When I deleted the server history by right clicking and selecting the list, it had stopped altogether. I did this with all the related games. There were 5 ips, and were confirmed malicious. Now here come my questions. 1. Do these blocks indicate any malware on my PC? I wouldn't think so my self since ive seen others with this issue:https://forums.malwarebytes.org/index.php?/topic/143679-multiple-issues/ 2. I understand the game servers themselves may not be malicious, however other domains on that address may be. If I didnt have mbam installed and pinged/refreshed these servers, would I be open to infection? Or as people ive asked said it qould require you to connect with the ip in a traditional method e.g a browser google chrome? Rather than a video game client?
  10. So malware on my system didnt cause those IPs to show up?*(like I dont have malware that caused it?)
  11. So malware didnt cause those IPs to show up? And what wpuld happen if I didnt have malwarebytes turned on? Would I have gotten hit by Malware if I didnt have ot on? It wasnt just steam.exe but some games that shared the same browser, and the steam overlay (why would the overlay be involved if you would know?)
  12. I updated to the latest patch of mbam and cleared the server history. Is there anyway my pc got infected by pinging bad servers? And can MysteryFCM explain what was the reason to block those IPs? When I looked up those ips they seemed to be normal game servers.
  13. So what does this mean?I deleted the server history and it has now stopped, e.g it has stopped pinging? And the ip 185.24.234.66? Does this mean im infected or steam was just pinging a bad server?
  14. Sorry for bothering, but is there an eta when the IPs will be finished being checked?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.