Jump to content

Nasty stuff mwb is not detecting...how to report it properly?


Recommended Posts

I saw the other forums for reporting new threats...but I am unsure what I am supposed to do really. I read we are supposed to check it against virustotal or other similar sites and upload it and a report zipped. But how do I get these bad files to do so in the first place? The only time I seem able to see them is when I have them quarantined after mwb or mse or another program finds them for fixing.

Last night I got hit again with a password changing pos...managed to get back in via another user acct (this is on a vps) and run malwarebytes on the whole drive..it didnt find anything, neither did mse. Doc web did though and it was the same horrid crap that hit me a few weeks ago and caused me a lot of problems. dubrute.exe

why is this still slipping thru? I have mwb paid pro active real time version going along with micro sec essentials

I dont know if it is starting on my desktop and then hacking into my vps pass via the remote access login section or if it is originating on my vps itself somehow and changing the password on me and messing stuff up from there.

Do I need to get an active mwb and mse going on each user acct on my vps? What else can I add? Can mwb be set to block this dubrute crap?

I still dont understand its purpose either...I can at least understand why a virus would make it look like files are deleted so I buy a fake recovery program...but I cant buy something if I am locked out of my accts and dont even see them? Unless this is something that is fishing for sensitive credit card or similar information? If that's the case, why did it delete my files before?

I truly hate these wankers that make these awful things and hope someday I somehow meet one in person.

Thanks

Link to post
Share on other sites

I truly hate these wankers that make these awful things and hope someday I somehow meet one in person.

You are not the only one in this boat that hates these people -

Hello -

I am sorry that you are infected' date=' here are the steps needed to get your computer cleaned....

[b']Please read the following so that you can begin the cleaning process:

Don't use any temporary file cleaners unless requested - This can cause data loss and make recovery difficult

You have 3 Options that you can choose from as listed below:

  • Option 1 —— Free Expert advice in the Malware Removal Forum
  • Option 2 —— Paying customer -- Contact Support via email
  • Option 3 —— Premium, Fee-Based Support

OPTION 1

As we don't deal with malware removal in the General Malwarebytes' Anti-Malware Forum, you need to start a topic in the

Malware Removal forum so a qualified helper can help you fix any malware related problems/infections you may have.

  • Please read and follow the directions here, skipping any steps you are unable to complete.
  • After posting your new post, make sure under options, you select Track this topic and choose Immediate Email Notification,
    so that you're alerted when someone has replied to your post.

NOTE: Please do not post back to (bump) your topic within the first 48 hours.

Replying to your own posts changes the post count and helpers are looking for topics with zero replies.

If you reply to your own post helpers may think that you're already being helped and thus overlook your post.


    • If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.
      Or
    • You may send a Private Message to a Moderator asking for assistance.
    • OPTION 2
      Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org or here.
      OPTION 3
      If you would like to use our Malwarebytes Premium Services, Comprehensive solutions to all your computer support needs—from installation and set-up to troubleshooting and tune-ups go to our Malwarebytes Premium Services support site.

    [*]Thank You for reporting this to us -

Link to post
Share on other sites

Thanks for a speedy response and the advice.

I will read it more thouroughly tomorrow after I get some sleep as it is very late here.

With respect, this is the same thing that got thru before despite having mwb paid pro real time activated and running. The guy from mwb paid support that helped me last time did help me get it cleaned out but unable to recover the 'deleted' files...and he did the cleaning by telling me to use doc web which found the dubture where mwb did not.

I dunno if it wasnt cleaned totally the first time or if it just hit me again separately

Very discouraging as I thought I had all my stuff tightened up since then

Link to post
Share on other sites

When trying to reverse engineer how this is happening to better protect myself I found this link explaining what people are doing...scraping for ip addies being used by vps and then using dubrute to crack the password

http://raditya-w.blogspot.com/2011/12/tuthow-to-hack-rdpstools.html

Free speech at its finest there I guess, bunch of scumbags.

Is there anything mwb or anything else you are aware of protect against the first ip scanner software? If not can the dubrute stuff be blocked effectively? It looks like perhaps they get the ip and crack the password and then go in manually and leave a virus or start messing around themselves.

Link to post
Share on other sites

yes i was not going to start a fresh thread for help here, i was more posting to try and get this horrible dubrute thing added to mwb..im sick of dealing with this thing and having to restore backups or lose files etc. especially while having paid programs running

i appreciate your time and advice, dont mean to be bitchy, just real aggravated that there are people out there that purposeful do this to their fellow man

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.