15 replies to this topic

[TheJoker]

How to run a scan with Malwarebytes' Anti-Malware


Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

• Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
• If MBAM fails to open, refer to the MBAM FAQ for alternate ways to start the program.
• Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
• Click the Settings tab at the top, and then in the left column, select Detections and Protections.
• Place a checkmark in the selection box for Scan for rootkits if not already checked.
• Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
• If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
• The scan may take some time to finish,so please be patient.
• If potential threats are detected, click the Quarantine All button.
• While still on the Scan tab, click the Export Log button, select Text file (*.txt), and save the log to your Desktop.
• The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
• Note:
  If asked to restart the computer, please do so immediately.
  
  
  Troubleshooting MBAM Problems
  
  Some malware targets Malwarebytes' Anti-Malware and other cleaning tools to prevent you from using them to clean your system.
  
  Unable to Run MBAM
  
  If you attempt to run the installer for MBAM and it won't run, or starts and closes, using Windows Explorer go to the folder you saved the install program and try renaming it to one of the following file names:
  • iexplore.exe
  • explorer.exe
  • userinit.exe
  • winlogon.exe
  • mbam.scr
  Then double-click on the renamed file to try to run it. If that doesn't work, try one of the other file names above. If you are still unable to run the MBAM installer, then download and run this program to try to kill the malware process:
  
  Please download Rkill by Grinler from one of these links:
  
  Rkill.exe
  Rkill.com
  Rkill.scr
  Rkill.pif
  
  Save rkill.exe to your Desktop.
  Double-click on rkill.exe to run it.
  If the first one does not run successfully, try the other copies and see if one of them will run.
  
  Once the Rkill program has completed, then try again to run the MBAM installer.
  
  Once you have installed MBAM, if you try to run the program and it won't start, it may still be targeted by malware. Try the same steps that you may have had to try to run the installer program. Using Windows Explorer, go to the folder that you installed MBAM and rename mbam.exe to one of the following file names:
  • mbam.scr
  • mbam.com
  • iexplore.exe
  • explorer.exe
  • userinit.exe
  • winlogon.exe
  If you are still unable to run MBAM, Follow the same instructions in the box above to download and run Rkill, and after running it, see if you can run MBAM.
  
  Unable to Update MBAM
  
  Once you are able to start MBAM, if you receive an Error 732 when trying to update the program it could be because malware has changed your connection settings so that you are using a proxy server. To make sure your connection has not been set to use a proxy server, please do the following:
  Go to Start > Settings > Control Panel > Internet Options > Tools Menu -> Internet Options -> Connections Tab ->Lan Settings > uncheck "use a proxy server" or reconfigure the Proxy server again in case you have set it previously.
  In Firefox in Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection.
  
  If you are still unable to update MBAM, there are two other ways to update the program.
  
  1. Download the updated rules as an installable file - download mbam-rules.exe and save it to a convenient location such as your Desktop and double-click on the program to run it, It will install an updated database for MBAM. After updating MBAM with mbam-rules.exe, run MBAM again, scan your system, and clean anything found.
  
  2. The other way to update the program is more complicated, but will result in the very latest update (mbam-rules.exe isn't updated as often as the online updater). Download and install MBAM on an uninfected system, start the program, and update it. Then you can copy the database file (rules.ref) from the folder below and transfer it manually to the infected system. I would recommend burning the file to CD to transfer to the infected system. If you use a flash drive, it could potentially become infected when you insert it into the infected system and then infect any other system it's inserted into. Please see this topic - USB/Flash Drive Safety/

The database file (rules.ref) is found in the following folder:

• Windows XP: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware
• Windows Vista/Windows 7: C:\Documents and Settings\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware

If you are unable to see the folder, you may need to reconfigure windows to allow you to see hidden files and folders:
XP: https://www.microsof...s.mspx?mfr=true
Vista: http://windows.micro...s=windows-vista
Windows 7: http://windows.micro...e#1TC=windows-7
Windows 8: http://answers.micro...94-8aeecac0f3b5


More Detailed Troubleshooting Information

For more detailed information on troubleshooting MBAM, please see this topic at their website:
http://forums.malwar...showtopic=10138

Edited by Rocket Grannie, 18 May 2014 - 06:17 PM.
updated links

[minky]

Thank You! so very much I followed the advice you had given to someone else and managed to get rid of a rather nasty trojan, sbmntr.exe ....... hxxp://internetsearchservice.com.

I hasten to add that neither SpyBot Search & Control or NOD32 AntiVirus could actually get rid of it they managed to find it all right and remove it but it kept coming back & spybot even tried at a restart/windows login before anything acually loaded up but like a bad penny there it was again.

I have spent all day trying various things safe mode and a host of other programs & various methods that said they could get rid of it but none worked only yours.

I was just about to give up and format when I googled for internetseachservice and thank god I found you! just in time lol.......

I have just donated $10 as a thank you for the valuable help/time you and the others give in helping the misfortunates like myself........

My hubby who downloaded the trojan, also thanks you as well as he is no longer getting earache from me lol

kind regards

minky

Edited by TheJoker, 09 May 2008 - 05:04 PM.
Active link disabled

[livenlife]

Thanks for another good tutorial Joker
I love all the help you guys provide and I can't wait until I can start helping
I have been studying daily for hours...
There is an amazing amount of tricks to the trade of bug killing

[Stoner81]

Thanks buddy I wont be so quick to get rid of the logs in future

[Killer_Klient]

Thanks buddy I wont be so quick to get rid of the logs in future

It's worked great and managed to reomve the files but after one day they manged to get back in my pc and it's the same process again, any Ideas?.

[Budfred]

This isn't a help topic or a Malware Removal forum... MBAM is not able to handle every infection out there, so it is important to post in Malware Removal when it doesn't... Since you have already done that, the next step is to post the HijackThis log that was requested so that our helpers have enough information to help you...

[higherflier]

Saw this thread and the date of the post, couldn't find any other posts that related to my problem. My Malwarebyte program was evidently hijacked, so I changed the name to data.exe. Ran scan and it picked up alot of infections. How do I now restore it to it's normal mode?


EDIT:
You have opened a topic in Malware Removal, and received an answer. Please follow the advice given there.
Thank you.

Edited by Rocket Grannie, 06 June 2010 - 11:49 PM.
Request answer to topic.

[Koops]

Thanks for the good advice!

[happygolucky]

thanks great tips here

[studiotwo]

1. Download the updated rules as an installable file - download mbam-rules.exe and save it to a convenient location such as your Desktop and double-click on the program to run it, It will install an updated database for MBAM. After updating MBAM with mbam-rules.exe, run MBAM again, scan your system, and clean anything found.

Hello,

The "Rules Link" (mbam-rules.exe) doesn't seem to be working.

Regards,
Stephen

[Rocket Grannie]

1. Download the updated rules as an installable file - download mbam-rules.exe and save it to a convenient location such as your Desktop and double-click on the program to run it, It will install an updated database for MBAM. After updating MBAM with mbam-rules.exe, run MBAM again, scan your system, and clean anything found.

Hello,

The "Rules Link" (mbam-rules.exe) doesn't seem to be working.

Regards,
Stephen

Thank you Stephen. The link has been fixed.

[cnm]

techmachine02 - Post was moved to its own topic Cleanall virus

[parihar7]

Hello,

thanks for this tutorial. it is realy helpful.

[Luke Clayhill]

I have been using Malwarebytes for a few years now and it is a great program, I use it with CC cleaner, and AVG free, and never get any serious problems. (So far)

[adambrown]

Hi all,

 

Thanks for nice post.

The shared information is very uesful.

[jude24]

I am using malwarebytes and never thought there are more great task that can be done. Thanks

Edited by jude24, 05 March 2014 - 09:55 AM.