Jump to content

Raid

Honorary Members
  • Posts

    1,551
  • Joined

  • Last visited

Posts posted by Raid

  1. Hi - mikeyfiddler - Welcome here -

    Don't worry about the Bosses (he he) :) - We all love MBAM and that is why we are here - :)

    If you get other problems now you know where we are and where to get more help - :)

    Don't forget to update every week -

    You should check for updates on a daily basis. A single week can leave your machine far behind in the malware wars. We sometimes release multiple updates in a single day to keep up with various trends in malware.

  2. Does anyone else watch this show?

    I love it :)

    I used to think it was an "old man show" lol, since my dad always watched it, and it began to grow on me, and now I really like it too :)

    I recently bought Season 7 on DVD.

    I watch it on tvland during the evening sometimes. If I happen to be upstairs eating, that's when I'll sit and watch an episode or two.

    I used to watch it and mash with my mom when I was little, so it kind of grew on me.

  3. The site is legit and that IP is not the IP of the site it is blocking. IP 64.202.189.170 belongs to GoDaddy.com all it is is a forwarding IP that GoDaddy uses for it's DNS server. Of the millions of GoDaddy customers who use their forwarding DNS if they install MBAM it will block access to all of those websites. MBAM does not check content of what it blocks it just relies on the truthfulness of the files supplied by hosts-file.net. I am not sure how many other web hosting companies are listed it this list but I am sure there are more then one. GoDaddy is aware of this blocking and I am sure they will be contacting MBAM about this so we will probably be seeing some changes made to MBAM's IP blocking. The concept is good but it does not work correctly.

    Guys... just so everyone understands; this individual I have quoted is indeed, the infamous pcbutts; aka Christopher Butts. How do I know this you might ask? He's the only individual so far to post on usenet alt.privacy.spyware about us using a file. specifically, the wording. I leave the post below as my evidence...

    Seriously; we're being trolled.

    This is not a false positive, it's evidently tied to Christopher; in the sense we block one of his sites.

    Path: s02-b61!num01.iad!npeer01.iad.highwinds-media.com!news.highwinds-media.com!feed-me.highwinds-media.com!postnews.google.com!news2.google.com!border1.nntp.dca.giganews.com!border2.nntp.dca.giganews.com!nntp.giganews.com!backlog2.nntp.dca.giganews.com!news.giganews.com.POSTED!not-for-mail
    NNTP-Posting-Date: Sat, 15 Aug 2009 16:09:23 -0500
    From: "The Real Truth MVP" <trt@void.com>
    Newsgroups: alt.privacy.spyware
    Subject: MBAM contraversal IP blocking
    Date: Sat, 15 Aug 2009 14:09:22 -0700
    MIME-Version: 1.0
    Content-Type: text/plain;
    format=flowed;
    charset="iso-8859-1";
    reply-type=original
    Content-Transfer-Encoding: 7bit
    X-Priority: 3
    X-MSMail-Priority: Normal
    X-Newsreader: Microsoft Windows Mail 6.0.6002.18005
    X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6002.18005
    Message-ID: <lLOdnWUTAMqeuRrXnZ2dnUVZ_uadnZ2d@giganews.com>
    Lines: 32
    X-Usenet-Provider: http://www.giganews.com
    X-Trace: sv3-Ybgo/wNPo41AfYt4FhCvOhPVus/7ngZuPH9+D6L3kLp99VEzcFAsj5upFEN43OG1zf07FcBZ7TYYQXn!2PyoDiYvQWeeD7Qwr94IWjx6oOGncmgzbqDKV8SWGaolDi/dkma9oh31HmZPOPsJM/MpUxUGag==
    X-Complaints-To: abuse@giganews.com
    X-DMCA-Notifications: http://www.giganews.com/info/dmca.html
    X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
    X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
    X-Postfilter: 1.3.39
    X-Original-Bytes: 2888
    Xref: Hurricane-Charley alt.privacy.spyware:60884
    X-Received-Date: Sat, 15 Aug 2009 21:09:33 UTC (s02-b61)

    MBAM new IP blocking has major flaws. The idea is good but the way it is
    executed needs work. The database of IP addresses it uses is the major
    problem. MBAM is trusting the source of that list as being accurate without
    testing each and every address listed, as it should do, for validity. They
    use the list from http://hosts-file.net, that list although updated
    regularly is outdated and needs a complete over haul. Currently I estimate
    that MBAM blocks more than 10,000 legitimate websites including business
    websites and emails. The 10,000 is a very conservative low number. For
    example this IP 64.202.189.170 belongs to GoDaddy.com all it is is a
    forwarding IP that GoDaddy uses for it's DNS server. Of the millions of
    GoDaddy customers who use their forwarding DNS if they install MBAM it will
    block access to all of those websites. MBAM does not check content of what
    it blocks it just relies on the truthfulness of the files supplied by
    hosts-file.net. I am not sure how many other web hosting companies are
    listed it this list but I am sure there are more then one. GoDaddy is aware
    of this blocking and I am sure they will be contacting MBAM about this so we
    will probably be seeing some changes made to MBAM's IP blocking. The concept
    is good but it does not work correctly.

    Have a nice day Chris!

  4. I used to get a drink called Dragonfruit at least once a week. I loved it, it was my favorite.

    I haven't seen it in months, probably a year or so now at least.

    Did or does anyone else drink this flavor? And/or noticed its disappearance?

    It makes me sad that they don't have it anymore (if thats the case); it was my favorite and the main flavor that I even liked by them, heh.

    I'm tempted to call the Lizard Line on the bottle and tell them to bring it back if its gone :rolleyes:

    I haven't seen Dragonfruit in a very long time. I dunno if they quit making it, or if the store here just quit carrying it. Of course, I liked the clear pepsi when it was available too.. so it figures.

  5. I have posted about the first issue twice. I really hope that someone responds.

    Sorry.

    My first issue is that I got another warning from my malwarebytes program this am, and when I clicked on it, the quarantine file came up. This file has been on my computer for a few weeks, but last time I posted, I never got a response.

    So, should I remove this file? Do I have a problem? Here is the quarantined file info

    Malware.Trace Folder C:\WINDOWS\system32\2052 14033

    Yes, you can go ahead and remove the folder. It's a residual trace of malware.

    My second and most potentially critical problem is that when I am searching the web, I get this message almost constantly! Is there an infection in my browser or is the malwarebytes picking up on infections in the pages that I open?

    Malwarebytes is actually flagging on potentially malicious websites when you see that message. Your browser isn't becoming infected. We intend to change that from Infected IP to malicious site to avoid confusion in the future. :)

  6. 64.621.81.47

    \

    \

    came up here

    Hi Mark.

    I'll pass this IP along to the person responsible for maintaining them. If you find others which you don't feel should be blocked, Please post them. Apologies in advance for any inconvenience we have caused you by blocking these sites.

    You did mean 64.62.181.47 right?

  7. An update to this......It is now starting to do the restart thing at least one time a day or so now.. Usually its when i first turn the computer on for the day.. It restarts and I pick out the last known good config option and it starts fine then.. restarts are fine it just seems to be the first time during the day. I'm assuming its just hard drive dying slowly as you said above.. anyone else that has any input would be appreciated

    That actually sounds like a failing power supply. If the current drops below a certain level, the computer will do a hard restart. (as if you pressed reset or powered it on). If you have one, I'd put a multimeter on the power supply while starting up the computer. If the voltage drops below 10 volts or so on the 12volt rail, it'll probably make your PC restart.

  8. Excellence is an art won by training and habituation. We do not act rightly because we have virtue or excellence, but we rather have those because we have acted rightly. We are what we repeatedly do. Excellence, then, is not an act but a habit.

    -Aristotle-

    That's an impressive quotation.

  9. Raid:

    :D Do you have a favorite episode? I'm having a hard time deciding myself.

    No... It would be too hard to pick one. His sarcastic wit is just amazing.

  10. "...and there is no portable version in the works yet, but they are working on a special technician version (not portable).

    I'll let him announce the details when he's ready, because I get the impression that it's not even ready for beta testing yet".

    I understood that the technician's version is, in a sense. portable in that you install it on a cd or usb Key and use that on the infected computer. If you then want or need to unistall whatever files MBAM had installed on the target computer post infection clean-up then that is not difficult to do. Or am I mistaken here?

    You are correct sir. And as I'm sure you've also been told, the technicians version really isn't for end users. :P For those who have interest in that version, we have a dept that can answer any questions they might have. Ok? This area is really for the version normal folk have access to and typically use. Thanks!

  11. Raid:

    :) Do you have a favorite episode? I'm having a hard time deciding myself.

    No, I must admit I do not. I enjoy almost all of them so far. I have found a couple to be a bit slow to get going, but I usually get into it before the credits roll.

  12. Hi Bruce Hi Marcin Hi All,

    I've just updated Winpatrol Plus to the very latest build (v16.0 2009.6)

    and ESET Smart Security 4.0 to the very latest test build 4.0.417.0.

    When I restarted my Vista Home PREMIUM SP1 32 bit MBAM protection module started to detect Rootkit. Goldun in a lot of files belonging to Winpatrol and OS in registry autorun entries.

    I think it's a f.p.

    I had to disable MBAM self protection.

    I performed a quick scan with MBAM which found nothing.

    PREVX 3.0 could't detect nothing

    Windows Defender detected nothing

    SUPERAntispyware FREE detected no malware

    MalwareBytes'Antimalware 1.37 full

    database version 2216

    italian language

    Malwarebytes' Anti-Malware 1.37

    Versione del database: 2216

    Windows 6.0.6001 Service Pack 1

    02/06/2009 22.26.18

    mbam-log-2009-06-02 (22-26-18).txt

    Tipo di scansione: Scansione rapida

    Elementi scansionati: 71766

    Tempo trascorso: 2 minute(s), 7 second(s)

    Processi delle memoria infetti: 0

    Moduli della memoria infetti: 0

    Chiavi di registro infette: 0

    Valori di registro infetti: 0

    Elementi dato del registro infetti: 0

    Cartelle infette: 0

    File infetti: 0

    Please help

    I could't create any snapshot, if I enable MBAM protection module my OS freeze

    Thank you in advance

    Hi There.

    Do you remember any of the filenames the PM module flagged as being infected by Goldun?

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.