lordpake

When I try to update databases for software called AVZ Antiviral Toolkit, from z-oleg.com, the IP Protection blocks access and prevents the db update. This is a Kaspersky Labs product. 89.108.66.156 / www(dot)z-oleg(dot)com

At the present time, you have no other option but to disable the IP Protection. You should be fine with regular protection module, as that'd still stop known malware. I am in similar situation myself, I myself ended up turning off protection module altogether, as the IP Protection is back after every boot. And boy does it interfere with my IRC(/P2P) use.

Your english is just fine

Not entirely sure of this but I recall reading here somewhere that normal mode is the preferred way for scanning, as not everything is loaded under safe mode. This would include some part(s) of MBAM too. So this is not a new issue, but something of design issue If you can only boot to safe mode, then I think you need to scan first there, and then in normal mode once that's possible (someone correct me if I'm wrong).

Not exactly AFAIK. MBAM targets malware ranges, not anti-P2P-companies.

Perhaps it's associated with the blogfrog domain somehow? When I access your site, and enable the blogfrog scripts in noscript Firefox add-on, I get that warning from MBAM.

Basically, MBAM is intended to complement antivirus software. What exactly they cover nowadays, perhaps some staff member will tell Last time I heard of it, it was malware not that well detected by AV software. This would cover adware/spyware and so on.

f/p or not? I have to say this being the final straw that leads me to disable the prot module altogether. That site is not in anyway malicious ...

See the topic I can confirm the issue by pinging irc.wyldryde.org

Right-click in the tray iocn, and deselect the IP Protection. In my system, it took few seconds for it to turn off

Sadly this option is not an option to any real P2P user, who keeps the client running, for whatever reason, sharing whatever content. Which I'm afraid renders part of MBAM useless.

I posted a reply to that user, if he could for example provide screenshots from these events.

Regardless of any malware association, they can not seriously present a threat to uTorrent user. The user is after all downloading exactly what he/she intended (or so I hope), and the chances of uTorrent as a network client being used as a conduit for exploits is as far as I know non-existent. I certainly hope the IP Protection feature is smart enough to distinguish connections from browsers and other clients. I certainly would be annoyet by this feature, as I tend to use P2P, and for example eMule with KAD (DHT) tend sto connect to wide range of IP addresses. It'd be silly to see warning for each connection to a client that resides in malware range as it presents no threat ...

A user in Finnish forum posted question regarding adjusting the IP Protection, which according to that poster sometimes interferes with legit sites. Don't ask for details here:) Is it possible for that to user exclude sites, or somehow adjust that protection?

Hi, restore the file from Quarantine, then do a scan following these instructions and post the results to the False positives subforum for faster processing HTH

It's a known quirk of later Kaspersky products which incorporate behavioural detection. Upgrading/installing MBAM version gives "generic behaves like a trojan" warning. Which in itself is correct when you think about it

WD does offer some useful system monitoring capabilities, especially if you join SpyNet as contributing member (can't remember the name of the user level). This has the effect of turning WD to lightweight HIPS. Besides that it does offer background protection, something very few free antispyware offer. Besides that, its load on modern system should be negligible.

Just wait patiently, I'm sure someone will be around soon to help you out You shouldn't try fixes directed to other users.

AV software typically have a SYSTEM service running that does all the work. This ensures they also function under limited user account.

Sounds like OP is having Kaspersky software doing stuff automatically. This is always a big no-no, be it whatever AV. Deselect the 'Select action automatically' in Kaspersky settings. This allows you to tell what to do with detected threats. Edit: Kaspersky forum is not the place to report issues like these. Mostly the folks there are volunteers, not Kaspersky reps. Issues like this should be reported to their support. While the forum volunteers do indeed do wonderful work solving your usual issues, they can't change detections, or how the program performs its behavioural analysis.

I am not a company rep but I think I can answer. People behind MBAM focus on the malware not yet detected by majority of AV companies. They don't add threats already well-known. Besides that, Bruce and others seem to be able to put together some nice heuristics that identify newer variants of known threats In effect, MBAM is intended to complement your existing security software (AV), not to replace it.

MBAM is a supplement to, not a replacement for, AV. Of course it will miss possible generic widespread malware already identified by AV software.

This is the situation with many security apps. I myself use Kaspersky product(s), and they only release smaller hotfixes to builds. Newer builds usually require installing whole package again (preferably the older one uninstalled first). Fortunately, they don't release new builds that often I speculate the reason is to avoid situations where pushing newer version of software to customers would actually cause unexpected issues, bugs or even break something. When user does the installing, he/she is aware of the newer version and its possible issues before installing. In case you want to make sure you have software up-to-date in your PC, which helps to avoid some infections, consider using for example Secunia's services. They offer software to scan your PC for vulnerable (or out-of-date) applications. This can be done either using online scan, or using a more thorough scan done by installed application. http://secunia.com/vulnerability_scanning/online/ <-- online version http://secunia.com/vulnerability_scanning/personal/ <-- software

There is no harm in using newsgroups, just be careful what you download What comes to Google search ( and ads), yes they can be dangerous. Many security, filesharing and system maintenance oriented searches (and sites) especially seem to attract links (and ads) promoting rogue (fake) software. Now with Fx you are safer. For one, no more ActiveX. This alone should make it safer for you to follow links.

Windows Defender does monitor locations that MBAM is not watching. This includes places like Hosts file, autostart locations and such.