
Blocking of updates and URLs



I am fairly new to Malwarebytes Antimalware and have become a fan.

After referencing the following in the forum:

http://www.malwarebytes.org/forums/index.php?showtopic=7191

http://www.malwarebytes.org/forums/index.php?showtopic=7079

http://www.malwarebytes.org/forums/index.php?showtopic=7266

(there are others but these are recent)

I want to say the following, that is IMHO not being CLEARLY specified.

It is clear that certain Malware is designed to target products. The more popular the product, the more likely it is to make the list. MBWAM is one of these.

I have been fighting with worm.pabug.ck aka worm.pabug.co aka dropper/QQpass.48436 aka Trojan-PSW.win32.QQpass.jh which MBWAM incorrectly identifies as Trojan.Fakealert.H.

No worries there as there are so many variants and MBWAM catches MOST of the nasty. The rest I have had to manually remove. Among other things this parasite changes your date, blocks AV updates and sites and disables services like regedit, msconfig and the ability to view hidden files.

Point 1:

MANY HOURS of reading various forums and scans by the most reputable AV and AM scanners did not help me neutralize this bug. You have to first identify it accurately to kill it.

Point 2:

This bug deliberately infects removable media. I got it from a flash disk. It infected only my desktop; my laptop has much better security and stayed clean. Also the desktop has SP2 on and the laptop SP3, so this may be one reason. Keep your updates up-to-date, people.

Point 3:

I am not a Malware "expert", but in my neck of the woods I'm as close as you'll get, and this bug worked my case. Thanks to MBWAM for pointing the way, BUT without the little skill I have I would still be infected!

In the other threads, it is clear that a) these viruses can reinfect and b) they can block MBWAM updates. I have yet to see a clear solution given here. Even though I have cleaned the infection and dug for rootkits and checked various and assorted things, I STILL cannot update my MBWAM although I CAN update A-squared. Can you offer me any advice? And for the other plaintiff ones that have the same problem. I will try a reinstall, a new user account and SP3 update. Do you think these are valuable?


Hi and welcome. Yes, malware will target programs and sites to block functions and access. Yes, they must be identified to be removed. Those threads you point out are not related to each other and are not the same in any respect from a quick glance. If you're still having trouble you should read and follow the instructions here then post a log here. Someone will be happy to help you.


  • Root Admin

You can also try this. But getting help with your log might be the better solution.

You can download the Malwarebytes program from here

Launch Malwarebytes' Anti-Malware and run a manual update.

If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Make sure ALL applications including MBAM are closed first.


Hello again and thanks Mods for the advice.

I did not include a log because the log shows nothing. I will do a manual update to see if that makes a difference, but since I downloaded MBAM the day I got the parasite it should have been fairly current. The issue was that somehow the updater is still being blocked and I wanted to know if you had an insight into why. The "hosts" file was infected but is now clean and I find no reg entries for the parasite. By now I have run various cleaners in Normal and Safe mode and with the drive plugged into another PC. The list is (in no particular order) AVG8, MBAM, MS Malicious Software Scanner, ClamwinAV, Win defender, Spybot, A-squared free, Comodo AV, Rising AV, NOD32, Spyware Doctor, Adware2007 - all current and updated versions - and as far as I can see the PC is clean.

Since it was not an Internet PC, the MS updates had been ignored, but that is also remedied now with SP3 installed and all current updates (I set up the Internet on the PC AFTER I was sure the infection was gone SO THAT I could update MBAM).

Despite all this MBAM, Comodo AV and Comodo BOClean will not update. Win updates, AVG, Clamwin and A-squared do. I also seem unable to download from COMODO. Maybe there is an exclude list somewhere I can't find *shrug*. I did not do any online scans as the PC was not originally connected (as I mentioned) and I have doubts as to the efficiency of these scans (not to mention that where I live we still have capped limits to downloads and slow connections).

I note these things and the references above because in all cases the questioners were left hanging for a final solution (or didn't bother posting if they did get one).

I will continue to pursue a final insight. I see too many problems where the solution is "reload the PC" or "our product will sort it out" without an actual solution being pursued, so forgive any argumentativeness that may cause offense. It is not good enough just to have a clean machine or everything sorted without also knowing why certain problems persist or occurred.

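The post above mentions an infected hosts file alongside updaters that are blocked for some products but not others. As an added illustration (not part of the thread and not Malwarebytes' own tooling), this Python sketch audits a hosts file for entries that override security-vendor domains. The function name `audit_hosts`, the watchlist and the sample file are constructed for the example; only malwarebytes.org comes from the page.

```python
import ipaddress

# Assumed watchlist: malwarebytes.org appears in the thread,
# av-vendor.example is a placeholder for any other vendor domain.
WATCHLIST = ("malwarebytes.org", "av-vendor.example")

def audit_hosts(text, watchlist=WATCHLIST):
    """Return (line_no, address, hostname, verdict) for every hosts
    entry that overrides a watched domain or one of its subdomains."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        # Drop inline comments, then split on any run of spaces/tabs.
        entry = raw.split("#", 1)[0].split()
        if len(entry) < 2:
            continue
        address, names = entry[0], entry[1:]
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            continue  # first field is not an IP, so not a hosts entry
        # Loopback or 0.0.0.0/:: silently drops traffic; anything else
        # sends the client to a different server.
        verdict = "sinkholed" if (ip.is_loopback or ip.is_unspecified) else "redirected"
        for name in names:
            host = name.lower().rstrip(".")
            # Match the domain itself or a true subdomain, not a suffix
            # collision such as notmalwarebytes.org.
            if any(host == d or host.endswith("." + d) for d in watchlist):
                findings.append((line_no, address, host, verdict))
    return findings

# Constructed sample, not taken from any real machine.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
127.0.0.1\twww.malwarebytes.org  malwarebytes.org
0.0.0.0   Download.AV-Vendor.example.   # constructed entry
203.0.113.7 update.av-vendor.example
192.0.2.10  intranet.example notmalwarebytes.org
"""

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print("line %d: %s -> %s (%s)" % finding)
```

On Windows the file to feed in is `%SystemRoot%\System32\drivers\etc\hosts`. A clean result only rules out this one blocking mechanism.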

First MBAM download and installed the version will be current only. Second, you're not giving any info we need to help. You don't know the machine is clean. There are no solutions you think are needed vary by each machine. Those that you link to are either still in progress or as you noticed, the user didn't follow through. I'm betting since you can't update you're not clean. But since you're not willing to cooperate, this will remain one more unsolved.

