Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

can't update Malwarebytes in Safe Mode to kill Security Suite virus


  • Please log in to reply
7 replies to this topic

#1 london1o1

london1o1

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:46 PM

Posted 12 August 2010 - 04:37 PM

I apparently contracted the Security Suite virus on my laptop. I downloaded Piriform's CCleaner, rkill.com, and Malwarebyte's AntiMalware on my desktop, burned them to a CD, copied them to my laptop (in Safe Mode w/ Networking enabled), and ran them in the order that I just listed them. When I ran Malwarebytes, it installed, but would not allow me to download the updates. I tried to update it in regular (not Safe) mode, but the Security Suite virus wouldn't let me open the Malwarebytes app. I tried renaming the MB app, but that didn't help. I copied SUPERAntiSpyware to my laptop but it would not let me update that either. I tried connecting my laptop to the ethernet via cable instead of wireless as it normally is, and that didn't make a difference. I ran MB un-updated, hoping it might somehow find the Security Suite virus despite not being updated. A 35 minute, complete scan later, and it took issue with an svchost.exe file and a couple of pieces of Registry Data. I "Quarantined" those threats, not sure if it would be a problem if I actually deleted those files. Not sure what to do now.
Please help.

Edited by london1o1, 12 August 2010 - 04:53 PM.


BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,011 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:06:46 PM

Posted 12 August 2010 - 08:52 PM

Hello,

Please follow the instructions in ==>This Guide<== starting at Step 6.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 Stor-A11

Stor-A11

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:06:46 PM

Posted 12 August 2010 - 09:43 PM

Download a copy of the current (8/12/2010) rules.ref file. Copy rules.ref to "%appdata%\Malwarebytes\Malwarebytes' Anti-Malware" and re-run MBAM.

#4 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:06:46 PM

Posted 15 August 2010 - 04:31 AM

Please follow Orange Blossom's instructions above. If the infection is preventing MBAM from opening in Safe Mode then MBAM will be unable to target all of the malware due to active components of the infection in Normal Mode. Simply updating the rules.ref file will not change this.

~Blade

Edited by Blade Zephon, 15 August 2010 - 04:31 AM.

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+


#5 Stor-A11

Stor-A11

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:06:46 PM

Posted 15 August 2010 - 03:57 PM

If the infection is preventing MBAM from opening in Safe Mode then MBAM will be unable to target all of the malware due to active components of the infection in Normal Mode.


Reread london1o1's post. MBAM opened in safe mode.

#6 london1o1

london1o1
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:46 PM

Posted 15 August 2010 - 11:08 PM

Download a copy of the current (8/12/2010) rules.ref file. Copy rules.ref to "%appdata%\Malwarebytes\Malwarebytes' Anti-Malware" and re-run MBAM.


Worked perfectly. Thank you all for your help.

#7 london1o1

london1o1
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:46 PM

Posted 15 August 2010 - 11:14 PM

Crap. Except now when I open Firefox, it tell me that "The proxy server is refusing connections." My laptop claims to be connected to my network (though IE and other software that require an internet connection are also not able to connect), and my internet is working fine on my desktop, which is connected to the same network. Did I change a setting in this process that blocks my laptop from the internet?


Scratch that. Everything seems to be working fine now. Thanks again.

Edited by london1o1, 16 August 2010 - 12:27 AM.


#8 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:06:46 PM

Posted 16 August 2010 - 02:04 AM

@ Stor-A11: You're right, I misread. Sorry about that.

@london1o1: Glad to hear everything appears to be working. Let us know of any further difficulties.

~Blade

Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users