Prev: USB-Stick autorun virus
Next: Is axel.dav a virus?
From: Virus Guy on 1 Dec 2009 18:31
ASCII wrote:

> > I would suggest that MBAM examine the permissions of the hosts
> > file (...) Maybe go further and test for any re-directions for
> > google.com as part of the system analysis.
>
> Doesn't HJT address these concerns?

What's wrong with MBAM adding a few useful features to make it an even
better simple-to-use malware detector and remover/fixer?

Wierd permissions for the hosts file, or any IP address other than
127.0.0.1 in a hosts file should be a red flag.
From: FromTheRafters on 1 Dec 2009 21:10

"Virus Guy" <Virus(a)Guy.com> wrote in message
news:4B15A739.99F0D8C3(a)Guy.com...
> ASCII wrote:
>
>> > I would suggest that MBAM examine the permissions of the hosts
>> > file (...) Maybe go further and test for any re-directions for
>> > google.com as part of the system analysis.
>>
>> Doesn't HJT address these concerns?
>
> What's wrong with MBAM adding a few useful features to make it an even
> better simple-to-use malware detector and remover/fixer?
>
> Wierd permissions for the hosts file, or any IP address other than
> 127.0.0.1 in a hosts file should be a red flag.

Now *that's* funny.


From: Dustin Cook on 7 Dec 2009 16:44
ASCII <me(a)privacy.net> wrote in news:4b1622f3.746734(a)EBCDIC:

> Virus Guy wrote:
>>ASCII wrote:
>>
>>> > I would suggest that MBAM examine the permissions of the hosts
>>> > file (...) Maybe go further and test for any re-directions for
>>> > google.com as part of the system analysis.
>>>
>>> Doesn't HJT address these concerns?
>>
>>What's wrong with MBAM adding a few useful features to make it an even
>>better simple-to-use malware detector and remover/fixer?
>
> Depends on what features are considered useful, and to whom.
> If they get too ambitious, next thing it will be another hunk of bloat
> ware, that doesn't always address whatever concerns someone has, yet
> carries a lot of useless ballast.
>
>>Wierd permissions for the hosts file, or any IP address other than
>>127.0.0.1 in a hosts file should be a red flag.
>
> HJT doesn't alter the hosts file but displays its changes and offers
> to open it in notepad for any corrections deemed necessary, whereas
> the person who registers and pays to upgrade MBAM for 'professional'
> level assistance, will receive a replacement hosts file full of extra
> addys, with some inserted for what seems to be petty political
> reasons.
>

What are you talking about? We don't touch the hosts file, either in the
free version or the pro version. Do you have a copy of this hosts file
your talking about? I just installed the v1.42 version available to all,
and the developers version that we run... we're not creating/replacing or
doing anything with/too the hosts. file.

So what sites is it were blocking for ... petty? political reasons? (We
don't have politics in malwarebytes...)


--
Dustin Cook [Malware Researcher]
MalwareBytes - http://www.malwarebytes.org
BugHunter - http://bughunter.it-mate.co.uk
 | 
Pages: 1
Prev: USB-Stick autorun virus
Next: Is axel.dav a virus?