Jump to content

PUP.Optional.BubbleDock.A


Recommended Posts

Hello there,
This is a problem we can not solve .. MBAM reports a ... PUP.Optional.BubbleDock.A quarantine and deleted

 

MBAM Report 14-07:
     Malwarebytes Anti-Malware
     www.malwarebytes.org

     Date of Examination: 14.07.2014
     Time of Examination: 11:46:56 p.m.
     Log file: MBAM_14-07.txt
     Administrator: No

     Version: 2.00.2.1012
     Malicious data base: v2014.07.14.11
     Database Rootkits: v2014.07.09.01
     License: Free
     Protection against malware: Disabled (e)
     Protection against malicious websites: Disabled (e)
     Self-protection: Disabled (e)

     Operating System: Windows 7 Service Pack 1
     Processor: x64
     File system: NTFS
     User: Michelle

     Exam Type: Exam "Threats"
     Result: Completed
     Objects scanned: 236067
     Elapsed time: 6 min 58 sec

     Memory: On (e)
     Start: On (e)
     File System: On (e)
     Archives: Active (e)
     Rootkits: Active (e)
     Heuristics: On (e)
     PUP: Active (e)
     PUM: Active (e)

     Process: 0
     (No malicious items detected)

     Modules: 0
     (No malicious items detected)

     Registry keys: 1
     PUP.Optional.BubbleDock.A, HKLM \ SOFTWARE \ Wow6432Node \ GOOGLE \ CHROME \ EXTENSIONS \ kbjlipmgfoamgjaogmbihaffnpkpjajp, Deleted-au-restart [72015d427a0156e03f6b9825679b05fb]

     Registry values​​: 0
     (No malicious items detected)

     Registry data: 0
     (No malicious items detected)

     Records: 0
     (No malicious items detected)

     Files: 0
     (No malicious items detected)

     Physical sectors: 0
     (No malicious items detected)


     (end)

 

But ... even after reboot .. if you check the registry key that is removed ... the answer is NO ... MBAM did not remove the key and a new scan with MBAM resignale the same PuP. Optional.BubbleDock.A

 

MMFA of 16-07:
     Process: 0
     (No malicious items detected)

     Modules: 0
     (No malicious items detected)

     Registry keys: 1
     PUP.Optional.BubbleDock.A, HKLM \ SOFTWARE \ Wow6432Node \ GOOGLE \ CHROME \ EXTENSIONS \ kbjlipmgfoamgjaogmbihaffnpkpjajp, [7db5663a0f6cdd59ec455c63b74bd62a]

     Registry values​​: 0
     (No malicious items detected)

     Registry data: 0
     (No malicious items detected)

     Records: 0
     (No malicious items detected)

     Files: 0
     (No malicious items detected)

     Physical sectors: 0
     (No malicious items detected)

     (end)

 

**************
What does it take for MMFA actually delete this key as the announcement?

Thank you in advance for your response.

Link to post
Share on other sites

Hello:
 
Some PUPs/adware/malware require the use of multiple different tools for complete removal; or it could be that something on your computer is regenerating the detection.  This is explained in more detail here: The complexity of finding, preventing, and cleanup from malware

In particular, this detection (a Chrome extension) may possibly be regenerated from your preference by Chrome sync -- you might need to disable sync or clear your Chrome settings online in order to complete the removal process?

 

Open up Chrome
Then in Chrome go to Settings > Under Sign In as....., go to Google Dashboard > Click on Settings > Click on Stop and Clear left bottom of the page.

 

Having said all that, we do not work on malware-related in this particular area of the forum.
There is free, one-on-one help available in another section of the forum and at the help desk.

I suggest that you please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.
A malware analyst will guide you through the scanning and cleanup process.

Thanks,

Link to post
Share on other sites

Hello,

Malwarebytes' continued to report this key and that he had removed ... but it was still there ... MMFA did not suppress anything!
Suddenly .. we Sopte to manually delete this key
HKLM \ SOFTWARE \ Wow6432Node \ GOOGLE \ CHROME \ EXTENSIONS \ kbjlipmgfoamgjaogmbihaffnpkpjajp,
[7db5663a0f6cdd59ec455c63b74bd62a]

And scan Malwarebytes' is now Clean! ..

But why ... Malwarebytes reported that he had deleted. Then restart .. after turning in the register;. Key was still there ... and was resignalée a new scan?

thank you for keeping me informed about more ..

@ Soon!

Link to post
Share on other sites

Hello jcl59:

 

Effectively, you are describing a persistent threat, from other origins, that your Anti-Virus and/or MBAM can not yet mitigate and malware removal actions are not permitted in this sub-forum.

I recommend following the advice from the topic: Available Assistance for Possibly Infected Computers and have one of the Malware Removal Experts assist you with your issue.

If, as recommended, you do open a topic in Malware Removal Help, please make reference to this thread.

Thank you. :)

Link to post
Share on other sites

Hello,

I understand that you advise me to post your item analyzes / disinfection to one of your helpers take care of the cases I have reported you ..
Let me explain .. I am on a small forum Moderator French malwarebytes .. the problem with respect to the PC of one of our members on this forum .. and we also have a team of helpers who all graduates ... tried ... no logs usually used by helpers have reported quoque it ... alone ... Malwarebytes reported that key and delete ... but said the key was still there ... what we looks like a problem with the focntionnement of malwarebytes ... where my reporting on this forum ...
Thank you for taking the trouble to look at this question ...
@ Soon!

Link to post
Share on other sites

Hello:

 

No one program -- not even MBAM -- can possibly detect and remove 100% of all variants of all types of live malware.

This is explained in detail here: The complexity of finding, preventing, and cleanup from malware

 

Having said that, we are not permitted to work on malware-related issues in this particular area of the forum.

Trained malware experts perform that work, one-on-one, for free, in a dedicated area of the forum.

So, if you have a user with a possibly infected computer, then we respectfully suggest that this user please create a forum account and that he/she might start with the advice in this pinned topic: Available Assistance for Possibly Infected Computers

 

Alternatively, if you have a file that you think might be malware or a PUP that is not already detected by MBAM, then I suggest the following:
1) Please read the instructions in this pinned topic: Purpose of this forum and this pinned topic: Malware hunters please read
2) Then, please submit the file to the Research Team in the dedicated area of the forum here: Newest Malware Threats
They will evaluate it for possible inclusion in the PUP or malware database.

 

Thank you,

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.