Jump to content
Nathalieyuna

66.220.17.126

Recommended Posts

Dear Malwarebytes staff,

What a thread! Congratulations MysteryFCM.

My choice of security software and combination take into account pros and cons from internal and external information (user experiences, tests, etc.). As an end user of MBAM Pro, detection of any malware is main focus.

Apart from the technical side, the interest to read this exchange was about behavior; good from management (Nathalie) to show her company concern and technicality (Menthix) who better identified how the malware is incorporated to their product. On the other hand, someone waited until now in 2010 after being well caught to consider a change in their business plan! Therefore, they deserve to remain at least on an unofficial brown list.

Okay, no official mention about it... As far as well informed user Chrono is concerned, who focuses wrongly on the chronometer for irrelevancy (trying to disrupt the case of a solid detection), his or her logic isn't an attraction for MSG Plus Live!

Just an opinion,

CyberJake4D

Share this post


Link to post
Share on other sites

Apologies for taking so long to reply. The results will be finalized within the next 12 hours (I've had a few other things that needed testing and re-testing first).

Share this post


Link to post
Share on other sites

I've re-tested the latest release and Swizzor is indeed, no longer installed. Definately good to see this change (pity it took so long + blacklisting their IP range, for them to make this change though). As long as the old installers aren't present (will be checking once posted this), they'll be unblocked.

Share this post


Link to post
Share on other sites
Okay, no official mention about it... As far as well informed user Chrono is concerned, who focuses wrongly on the chronometer for irrelevancy (trying to disrupt the case of a solid detection), his or her logic isn't an attraction for MSG Plus Live!

i was certainly not focusing on the main matter of this thread, i'll give you that one, but do you really think that HOW they test things is irrelevant? Why trust a program like this a 100% when you know that anyone can make a mistake? Someone has to keep an eye on them too, i think it's good for everyone that someone gives his opinion about how the testing is done. I dunno if MysteryFCM will take note of anything i said, but an observation/criticism should always be well received. i was certainly not "disrupting the case of a solid detection" :(

Regards

Share this post


Link to post
Share on other sites

Dear Chrono,

I'll answer you, just one last post. Of course, you could post back if you wish.

Simply, it seems you look at the other side of the medal (seemingly of a good product) whereas Malwarebytes checks if anyhow a website (here, through a possible product download) could be associated to a piece of malware.

Because it's not a comparison or performance test, just a detection test (there's a malware or not), equipment quality and software updates is not important here. So, from the flip side of the medal, it appears your position elongated this thread needlessly.

When alerted by IP protection, MBAM end users can be more careful (investigate better). A good reason to use this security software.

MSG Plus! Live would be more attractive to security aware individuals when dissociated from any malware.

Best wishes of PC security,

CyberJake4D

Share this post


Link to post
Share on other sites

Just to put an end to this, I've confirmed the old installer no longer comes with Swizzor, and as such, removed the block on this IP.

Share this post


Link to post
Share on other sites
Just to put an end to this, I've confirmed the old installer no longer comes with Swizzor, and as such, removed the block on this IP.

66.220.17.126 is indeed unblocked. But MalwareBytes is still blocking every other IP address in this range, together with another IP range which is associated with Messenger Plus! too. The ranges are 66.220.17.1 through 66.220.17.255 and 72.51.11.1 through 72.51.11.35. I assume these ranges were blocked for the same reason as 66.220.17.126, so they should be unblocked for the same reason too.

See the attached screenshot for which Messenger Plus! sites are affected by this.

Also, MalwareBytes is still detecting Messenger Plus! 3.63.1.148 as "Adware.Agent". This is the re-released version which was compiled August 9 2010, without CiD or any other adware package. So a false positive, please confirm: http://mirror3.msgpluslive.net/MsgPlus3-Setup.exe (http://www.virustotal.com/file-scan/report.html?id=6a084e57e994558357d2ecb8e7f21d26a4f922f0013d1743f9a4a649c3310b2a-1281983839).

post-48475-1281982930_thumb.png

Share this post


Link to post
Share on other sites

Some of the other IPs were actually blocked due to other sites housed on them (i.e. host127-0-0-1.com, host-domain-lookup.com and host192-168-1-2.com etc).

I'll get the block removed for 72.51.11.0/24 however (thought* I already had).

Share this post


Link to post
Share on other sites
Some of the other IPs were actually blocked due to other sites housed on them (i.e. host127-0-0-1.com, host-domain-lookup.com and host192-168-1-2.com etc).

I see, is it possible to unblock the individual 66.220.17.x addresses shown in the screenshot without unblocking the offending sites? The sound hosts are only used from inside Messenger Plus! for a feature which allows users to send sounds (shot MP3s) to each other. The mirrors are used to download the Messenger Plus! installer files from.

If you could take a look at http://mirror3.msgpluslive.net/MsgPlus3-Setup.exe too that would very much be appreciated.

Thank you.

Share this post


Link to post
Share on other sites

I don't actually deal with the detection def's, so I'll get one of the guys that does, to deal with that for you.

I've already published an update unblocking the other one, but will take a look at the individual IPs and get them unblocked as necessary.

Share this post


Link to post
Share on other sites

Hi all,

Detection of Patchou's installer will be removed as of the next database update :)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.