Is MBAM is a 100% safe application?

[FromTheRafters]

"~BD~" <BoaterDave@hot.mail.co.uk> wrote in message
news:RbSdnY3dLah7CUfWnZ2dnUVZ8nSdnZ2d@bt.com...
> FromTheRafters wrote:
>
>>
>> Maybe, but I believe he is not stupid
>
> That's good to know!
>
>> - just annoying as all hell. D
>
> Name two things which I do which you find annoying - if necessary,
> please explain why so. I *may* change what I do!

1) Introducing your personal vendetta against PF whenever it suits you.
2) Needlessly crossposting your posts, even when from within another's
thread and transplanting posts from other places and posting off topic
and getting too obsessed with having other people's personal information
and practically *demanding* that others assuage any personal "hinky
feeling" you may have and ... well ... that's enough for number two.

> Now .......
>
> Here's an item for you to get your teeth into, FTR!
>
> It's an extract from a thread I once started here:-
>
> http://forum.kaspersky.com/index.php...ic=50275&st=40
>
> (this is post No 46)

> Performing a standard Disk Format and Reinstall of the Operating
> System
> will render common infections incompatible,

Incompatible with what?

> but not all Rootkits and its accompanying payload of malware.....

???

Had this person posted here, there would have been opposing viewpoints
voiced, I haven't visited that forum, so I don't know what went on
there.

> Rootkits work from outside the Operating System

There are user mode and kernel mode rootkits - how is that considered
"outside" the OS?

I might agree with *some* rootkits work from outside the OS (VM or
hypervisor based perhaps?)

> and can hide in Bad Sectors of the Hard Disk thus have places to hide
> on the Hard Disk that are essentially outside the Operating Systems
> environment, untouchable by it, yet still at hand.

There are many places to hide stuff, that doesn't mean it is code that
can be invoked or otherwise executed.

> Most wiping, erasing, formatting, and partitioning tools will not
> overwrite logical bad sectors on the Disk, leaving the Rootkits and
> their accompanying payload of malware behind and still active.

Usually, such tactics render the malware "headless" and as such it is
not *active*.

[...]

> Rootkits reside in the Root of things, thus the name 'Root' that
> service as an protective container for the accompanying payload of
> malware, or on the bright side, the accompanying payload of Software
> Code with productive, safe intentions, together they are a
> 'KIT'.....thus the name 'ROOTKIT'.....and Rootkits are not a joke.

Rootkit's used to be a collection of programs that an attacker could use
to replace tools with trojanized versions - once having obtained root
privileges. Now they are mostly just filter drivers to filter out
information that is being made available to such tools.

> Once the Computer is compromised by an Rootkit with its accompanying
> payload of malware, all files in the System can not be trusted and are
> likely infected.....

Why infect programs when you can install malware in a stealthed
(filtered) condition?

When you have the system as host, there is little reason to also use a
program to host code.

[...]

> Rootkits can also hide in the Firmware of Hardware Components, in the
> BIOS, Motherboard, Video-card EEPROM or Alternate Data Streams.....

There is room for "bad code" in those places. There may even be enough
room for enough code to actually function as a starting point for the
implementation of a rootkit (or other malicious functions). Having
*only* a starting point is not enough to qualify it as a rootkit.

> Rootkits hide their processes, files, and folders by using
> sophisticated hooking and filtering techniques. As a result,
> traditional methods of viewing the system state typically return no
> indication of foul play.....the Rootkit makes sure of that.

A rootkit might also cease doing the cloaking if it detects that a
rootkit detector is executing.

[...]

> *************
>
> I'd be most interested to discuss these comments of drdos further -
> you will note that the thread was closed by the moderator shortly
> after we reached this stage!

I'll just accept that as a fact, no need to go there.

> In particular, do you agree that "Rootkits can also hide in the
> Firmware of Hardware Components, in the BIOS, Motherboard, Video-card
> EEPROM or Alternate Data Streams....." ?

I'll agree that subversive code could hide in there, but that's a long
way from saying a rootkit or virus could launch from there.

[...]

[~BD~]

FromTheRafters wrote:
> "~BD~"<BoaterDave@hot.mail.co.uk> wrote in message
> news:RbSdnY3dLah7CUfWnZ2dnUVZ8nSdnZ2d@bt.com...
>> FromTheRafters wrote:
>>
>>>
>>> Maybe, but I believe he is not stupid
>>
>> That's good to know!
>>
>>> - just annoying as all hell. D
>>
>> Name two things which I do which you find annoying - if necessary,
>> please explain why so. I *may* change what I do!

Let's deal with this part of your response first.

> 1) Introducing your personal vendetta against PF whenever it suits you.

I have no personal vendetta against anyone.

The posting persona known as Peter Foldes (or is it Derek Feldman?) is
not honest and truthful. I don't approve of that.

> 2) Needlessly crossposting your posts, even when from within another's
> thread and transplanting posts from other places and posting off topic
> and getting too obsessed with having other people's personal information
> and practically *demanding* that others assuage any personal "hinky
> feeling" you may have and ... well ... that's enough for number two.

Isn't Usenet great?

If folk choose not to substantiate their standing in the real world then
AFAIC they are simply fantasy figures of the Internet.

Remember this thread, FTR

http://groups.google.com/group/micro...dilema&lnk=ol&

Not much has changed!

--
Dave

[David H. Lipman]

From: "~BD~" <BoaterDave@hot.mail.co.uk>

| FromTheRafters wrote:
>> "~BD~"<BoaterDave@hot.mail.co.uk> wrote in message
>> news:RbSdnY3dLah7CUfWnZ2dnUVZ8nSdnZ2d@bt.com...
>>> FromTheRafters wrote:


>>>> Maybe, but I believe he is not stupid

>>> That's good to know!

>>>> - just annoying as all hell. D

>>> Name two things which I do which you find annoying - if necessary,
>>> please explain why so. I *may* change what I do!

| Let's deal with this part of your response first.

>> 1) Introducing your personal vendetta against PF whenever it suits you.

| I have no personal vendetta against anyone.

Person -- Robear Dyer
Place -- aumha.net and its members like Robera and Randy.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

[~BD~]

David H. Lipman wrote:
> From: "~BD~"<BoaterDave@hot.mail.co.uk>
>
> | FromTheRafters wrote:
>>> "~BD~"<BoaterDave@hot.mail.co.uk> wrote in message
>>> news:RbSdnY3dLah7CUfWnZ2dnUVZ8nSdnZ2d@bt.com...
>>>> FromTheRafters wrote:
>
>
>>>>> Maybe, but I believe he is not stupid
>
>>>> That's good to know!
>
>>>>> - just annoying as all hell. D
>
>>>> Name two things which I do which you find annoying - if necessary,
>>>> please explain why so. I *may* change what I do!
>
> | Let's deal with this part of your response first.
>
>>> 1) Introducing your personal vendetta against PF whenever it suits you.
>
> | I have no personal vendetta against anyone.
>
> Person -- Robear Dyer
> Place -- aumha.net and its members like Robera and Randy.
>


May I refer you to this post?

http://groups.google.com/group/alt.p...09131018?hl=en

Where I said .......

"My use of Norton AV is what prompted my exclusion from Aumha, which as
you well know, is the *real* 'home' of PA Bear (aka Robear Dyer). I
found that 'interesting', especially as subsequently he lied saying
that I had been banned by an ISP, when this is false) and then he
refuses to communicate further. Such behaviour is irrational!"

That is the truth as far as I am aware. If this is disputed, let us
discuss further. I have *never* been banned by /any/ ISP - *ever*!

BD

[Dustin Cook]

~BD~ <BoaterDave@hot.mail.co.uk> wrote in
news:zM-dnaWNkNOrI0HWnZ2dnUVZ8jidnZ2d@bt.com:

> David H. Lipman wrote:
>> From: "~BD~"<BoaterDave@hot.mail.co.uk>
>>
>> | FromTheRafters wrote:
>>>> "~BD~"<BoaterDave@hot.mail.co.uk> wrote in message
>>>> news:RbSdnY3dLah7CUfWnZ2dnUVZ8nSdnZ2d@bt.com...
>>>>> FromTheRafters wrote:
>>
>>
>>>>>> Maybe, but I believe he is not stupid
>>
>>>>> That's good to know!
>>
>>>>>> - just annoying as all hell. D
>>
>>>>> Name two things which I do which you find annoying - if necessary,
>>>>> please explain why so. I *may* change what I do!
>>
>> | Let's deal with this part of your response first.
>>
>>>> 1) Introducing your personal vendetta against PF whenever it suits
>>>> you.
>>
>> | I have no personal vendetta against anyone.
>>
>> Person -- Robear Dyer
>> Place -- aumha.net and its members like Robera and Randy.
>>
>
>
> May I refer you to this post?
>
> http://groups.google.com/group/alt.p...h/msg/ca3b5b67
> 09131018?hl=en
>
> Where I said .......
>
> "My use of Norton AV is what prompted my exclusion from Aumha, which
> as you well know, is the *real* 'home' of PA Bear (aka Robear Dyer). I
> found that 'interesting', especially as subsequently he lied saying
> that I had been banned by an ISP, when this is false) and then he
> refuses to communicate further. Such behaviour is irrational!"
>
> That is the truth as far as I am aware. If this is disputed, let us
> discuss further. I have *never* been banned by /any/ ISP - *ever*!

Wouldn't this be more appropriate in another newsgroup? This one, and the
ones I see you've set as followup don't really apply...


--
"Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh.. nudge
this boulder right down a cliff." - Goblin Warrior

[~BD~]

Dustin Cook wrote:

>
> Wouldn't this be more appropriate in another newsgroup? This one, and the
> ones I see you've set as followup don't really apply...
>

You are probably right, Dustin

Which group(s) do you suggest?

BD

[Max Wachtel]

On Sun, 02 May 2010 04:23:31 -0400, ~BD~ <BoaterDave@hot.mail.co.uk> wrote:

> Which group do you suggest?

alt.usenet.kooks -you'll find some real charmers in there.
--
This post was created using Opera@USB: http://www.opera-usb.com
Virus Removal Instructions
http://sites.google.com/site/keepingwindowsclean/home
Max's Favorite Freeware
http://sites.google.com/site/keeping...clean/freeware

[FromTheRafters]

"~BD~" <BoaterDave@hot.mail.co.uk> wrote in message
news:-OudnesECt2h0UHWnZ2dnUVZ8oidnZ2d@bt.com...

> Isn't Usenet great?

Yes! D

> If folk choose not to substantiate their standing in the real world
> then AFAIC they are simply fantasy figures of the Internet.
>
> Remember this thread, FTR
>
> http://groups.google.com/group/micro...dilema&lnk=ol&
>
> Not much has changed!

Did you really expect it to?

[~BD~]

FromTheRafters wrote:
> "~BD~"<BoaterDave@hot.mail.co.uk> wrote in message
> news:-OudnesECt2h0UHWnZ2dnUVZ8oidnZ2d@bt.com...
>
>> Isn't Usenet great?
>
> Yes! D
>
>> If folk choose not to substantiate their standing in the real world
>> then AFAIC they are simply fantasy figures of the Internet.
>>
>> Remember this thread, FTR
>>
>> http://groups.google.com/group/micro...dilema&lnk=ol&
>>
>> Not much has changed!
>
> Did you really expect it to?
>
>

No. I'd hoped that Dustin might re-read the thread if it came to his
attention again and he wasn't too busy! ;-)

Trolli is still monitoring posts being made on Scorched-Earth.

*Why*?

Proof positive?

Yup! (anyone know why MISMATCH appears in the first line of 'Path'?

Path:
border1.nntp.ams.giganews.com!feeder2-2.proxad.net!proxad.net!feeder1-2.proxad.net!74.125.46.134.MISMATCH!postnews.googl e.com!news2.google.com!npeer01.iad.highwinds-media.com!news.highwinds-media.com!feed-me.highwinds-media.com!border1.nntp.dca.giganews.com!nntp.gigan ews.com!local2.nntp.dca.giganews.com!nntp.ohio.net !news.ohio.net.POSTED!not-for-mail
NNTP-Posting-Date: Wed, 28 Apr 2010 20:47:26 -0500
From: "Li" <li@invalid.spam.com>
Newsgroups: alt.politics.scorched-earth
References: <hr1u04$48h$2@news.eternal-september.org>
<R_udnUFk1cWfXUnWnZ2dnUVZ8t5i4p2d@bt.com>
<Xns9D665D7A8152HHI2948AJD832@69.16.185.250>
<jJqdnW62Qe3y4kjWnZ2dnUVZ8uWdnZ2d@bt.com>
<Xns9D667CC5B4916HHI2948AJD832@69.16.185.250>
<qsydndeOBshEVUjWnZ2dnUVZ7tydnZ2d@bt.com>
<hr4nq0$jqj$1@speranza.aioe.org>
<-LCdnY19rfHuikvWnZ2dnUVZ8nmdnZ2d@bt.com>
<Xns9D66C9C594A6BHHI2948AJD832@69.16.185.250>
<WNydnYv03PrTEkvWnZ2dnUVZ8u2dnZ2d@bt.com>
<Xns9D676F83D183DHHI2948AJD832@69.16.185.250>
<XKadneU4RY9500rWnZ2dnUVZ7tydnZ2d@bt.com>
<Xns9D67AFEC4E454HHI2948AJD832@69.16.185.250>
<TJednfE8rbImL0XWnZ2dnUVZ8uKdnZ2d@bt.com>
In-Reply-To: <TJednfE8rbImL0XWnZ2dnUVZ8uKdnZ2d@bt.com>
Subject: Re: The truth *will* out!
Date: Wed, 28 Apr 2010 21:47:27 -0400
MIME-Version: 1.0
Content-Type: text/plain;
format=flowed;
charset="iso-8859-1";
reply-type=response
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
Importance: Normal
X-Newsreader: Microsoft Windows Live Mail 14.0.8089.726
X-MimeOLE: Produced By Microsoft MimeOLE V14.0.8089.726
Message-ID: <meednRTKybqzeEXWnZ2dnUVZ_g6dnZ2d@ohio.net>
Lines: 47
X-Usenet-Provider: http://www.giganews.com
NNTP-Posting-Host: 66.219.181.60
X-Trace:
sv3-F7mwcZFQWLFFl7DAqiT6He2opE/ChGv6NIJCEXTLC0zoNZCcICDviF0k/d1PfrVgnGvvJ1n7xDuPujJ!FPUVYQJHz86OD/EHktM/RjErK/5/vPRfTPxFZG4HHdbrgH48BGtlfAaUmLz2jvfDfYiZjM63OvNN!3 WGaHqjf
X-Complaints-To: abuse@ohio.net
X-DMCA-Complaints-To: abuse@ohio.net
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your
complaint properly
X-Postfilter: 1.3.40
Bytes: 3615
Xref: number.nntp.dca.giganews.com alt.politics.scorched-earth:30454


<SIGH>

[Dustin Cook]

~BD~ <BoaterDave@hot.mail.co.uk> wrote in
news:rYydneWshpxkXUHWnZ2dnUVZ8sidnZ2d@bt.com:

> No. I'd hoped that Dustin might re-read the thread if it came to his
> attention again and he wasn't too busy! ;-)

I started to read the link posted. when I saw the dates and your comments
concerning pcbutts, I stopped.

I know that mbam isn't 100% safe anymore so than my hand sanitizer kills
100% of all germs. (it claims 99.?% instead). It's proven math on these.

Not by fault of either product, it's just not a mathematically correct
(nor legally really) thing to say.

> Trolli is still monitoring posts being made on Scorched-Earth.

BD, it's usenet.. You can even set google to monitor posts and phrases
for you, and email when it sees something. Technology for you.

I lurked for a few days myself before I actually posted the first time. I
have read most of the threads I found on the server here (I use the
server provided by my ISP; old habits die hard) but haven't posted to
many of them.

> *Why*?

Could be any number of reasons. Not everything is a conspiracy, ya
know...




--
"Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh.. nudge
this boulder right down a cliff." - Goblin Warrior