From: FromTheRafters on 20 May 2010 18:07
"David Kaye" <sfdavidkaye2(a)yahoo.com> wrote in message
> "FromTheRafters" <erratic(a)nomail.afraid.org> wrote:
>>Some of the detection algorithms might involve having active malware
>>look at. Safe mode might not have loaded some aspects of the malware,
>>there would be no activity to observe. I *have* seen recommendations
>>run it in safe mode and *then* in normal mode.
> My impression is that MBAM does not look at activity but at pieces of
> code. I
> have a CD with a bunch of hacking tools on it which I use in my
> business. If
> I happen to have the CD in a machine when I'm doing a MBAM scan, it'll
> those tools as malware, even though they're not active.
I didn't say it was *only* context scanning, I'm sure it has content
scanning as well.
>>....and no, I'm not employed by Malwarebytes and am looking forward to
>>you getting your response from a representative. Please share with us
>>whatever information they allow you to.
> Will do.
From: dwn on 20 May 2010 21:50
On Wed, 19 May 2010 20:52:46 -0400, "FromTheRafters" <erratic(a)nomail.afraid.org>
>The reason I asked is because spamming from your IP address is not the
>same thing as spamming from your computer. Someone could possibly have
>been using your wireless access point to send spam from *their* computer
>using your IP address. Your detections seem to be for inactive malware -
>someones post of a script snippet. To get un-banned you will have to
>contact the entities that banned you. Usually, their web pages tell you
>how to do this.
>That said, it is *still* a good idea to run some antimalware scanners to
>be more confident that your machine is clean.
Ran the following anti virus:
Avest full scan - about 2 hrs.
MS Essential full scan - more than 4 hrs
Stinger 1001896 - (I stopped it after 45 minute)
The next day: (with both Avest and MS Essential off).
First Malwarebytes - about 45 minutes.
Follow by, SuperAntiSpyware - about 29 minutes
Found nothing. Earlier, I received so many undelivered mails,
I did not take the time to find out who is blocking my email.
I will read each one carefully and contact them. I contact Surewest,
(paid email server) and wildblueworld administrator neither replied.
BTW, I am in a different time zone.
From: dwn on 20 May 2010 21:57
On Thu, 20 May 2010 11:09:02 GMT, sfdavidkaye2(a)yahoo.com (David Kaye) wrote:
>"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote:
>>If you use Wireless and it is NOT secured and you are the victim of WarDriving,
>> you really
>>are not that innocent as you are responsible for any/all activity on your
>> subscribed IP.
>I'm not convinced of that line of reasoning at all. If it were the case,
>companies such as McDonald's and Starbucks wouldn't have open wi-fi hotspots
>as part of their regular business plan.
It is not likely someone hijack my wireless ADSL. There are no wireless network
within range from my computer, none since I moved into the neighborhood and it
took more than thee weeks for my ISP to find a "PORT" for me.
From: dwn on 20 May 2010 22:03
On Wed, 19 May 2010 23:04:06 GMT, sfdavidkaye2(a)yahoo.com (David Kaye) wrote:
>>Finally I had it up and running smoothly. All of a sudden, AOL and Comcast
>>"Block" my email. A week or so later AOL, lifted the blocking. I disregard it
>>but took precaution and "CC" email to my other Email.
>This usually means that your system is being used as a zombie. Get a tool
>that checks all your outgoing ports and see where it's connecting. But you
>need to do a thorough malware sweep. Malwarebytes can probably do it for you.
>Download Malwarebytes, get the latest update, and run it in safe mode, which
>I've found helps it find things better and faster.
What do you mean "a zombie"? I am pretty sure I cleaned my computer other than
clean installing XP PRO after format the HD. I called my ISP and I waiting for
From: Dustin Cook on 20 May 2010 22:06
sfdavidkaye2(a)yahoo.com (David Kaye) wrote in
> Dustin Cook <bughunter.dustin(a)gmail.com> wrote:
>>It's really not designed to run in safe mode; You should be using it
>>in normal mode windows; so that windows loads all the drivers and
>>provides all of the registry keys which are not necessarily online
>>while in safe mode.
> I have followed the Malwarebytes forums for quite some time and have
> never seen anything from anyone at Malwarebytes telling people not to
> use it in safe mode. I welcome anybody who works for MBAM to write me
> and tell me that what I'm doing in ineffective or violates any
> intended purpose of the software.
When I posted actively on the mbam forums, I routinely told people not to
run it in safe mode, but to please use it in normal mode. It may have
been under the portable version threads; as at the time, a portable
version wouldn't work well.
> What makes you think that MBAM will scan differently in safe mode than
> in normal mode? The files that make up the registry haven't changed.
> The drivers haven't changed.
*shrug*. I was one of the researchers employed by MBAM. That's all. I
know various things about the engine that you wouldn't be privy too.
Hence, why I said what I said.
> Meanwhile, I have found that MBAM works much better and faster in safe
> mode when particularly nasty malware has taken over a machine simply
> because Windows is not loading the extra drivers, etc., nor is bogged
> down by excessive CPU use.
Well, as I said, I just worked for them. What would I know.. right?
Feel free to steal this tagline!