• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
    • Budfred

      UPDATE on Upgrade   02/07/2017

      We were somewhat delayed on getting the upgrade done, but it looks like it will now be done in the next few days or possibly even later today.   There is one change coming with the new upgrade that may affect people when they log in. There will no longer be separate Usernames and Display Names. Your Display Name will now be the only name you have for the forum and, if you used your Username to log in, you will now need to use your Display Name. It is likely that everyone who visits after the upgrade will need to log in again, so please keep this in mind.   Update again - Feb 7 - We have completed the main part of the upgrade and we are working to tweak settings for the site.  It will probably take us a while, but we will eventually settle down to the way we want it.  In the meanwhile, your posts should be secure, but the look of the forum and some functions may change over time.
    • cnm

      We backup daily at 9:00 PM Pacific Time   02/13/2017

      You may notice the forum being unresponsive for a few minutes around 9:00 PM PST (11:00 PM CST, 5:00 AM GMT) while we back up the database.
    • cnm

      Notifications blocked by Outlook.com, Hotmail, Live, etc   02/14/2017

      Our notifications are blocked by those mail servers. If you have email address at Hotmail, Hotmail.uk, etc etc then you will not get notifications and need to manually check for new replies. We recommend Gmail.   The notifications won't even be in your Spam folder - they just go down a black hole.
TheJoker

Removal Tools: "Malwarebytes' Anti-Malware"

16 posts in this topic

How to run a scan with Malwarebytes' Anti-Malware


Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • If MBAM fails to open, refer to the MBAM FAQ for alternate ways to start the program.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections.
  • Place a checkmark in the selection box for Scan for rootkits if not already checked.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, click the Quarantine All button.
  • While still on the Scan tab, click the Export Log button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.
  • Note:
    If asked to restart the computer, please do so immediately.


    Troubleshooting MBAM Problems

    Some malware targets Malwarebytes' Anti-Malware and other cleaning tools to prevent you from using them to clean your system.

    Unable to Run MBAM

    If you attempt to run the installer for MBAM and it won't run, or starts and closes, using Windows Explorer go to the folder you saved the install program and try renaming it to one of the following file names:
    • iexplore.exe
    • explorer.exe
    • userinit.exe
    • winlogon.exe
    • mbam.scr
    Then double-click on the renamed file to try to run it. If that doesn't work, try one of the other file names above. If you are still unable to run the MBAM installer, then download and run this program to try to kill the malware process:

    Please download Rkill by Grinler from one of these links:

    Rkill.exe
    Rkill.com
    Rkill.scr
    Rkill.pif

    Save rkill.exe to your Desktop.
    Double-click on rkill.exe to run it.
    If the first one does not run successfully, try the other copies and see if one of them will run.

    Once the Rkill program has completed, then try again to run the MBAM installer.

    Once you have installed MBAM, if you try to run the program and it won't start, it may still be targeted by malware. Try the same steps that you may have had to try to run the installer program. Using Windows Explorer, go to the folder that you installed MBAM and rename mbam.exe to one of the following file names:
    • mbam.scr
    • mbam.com
    • iexplore.exe
    • explorer.exe
    • userinit.exe
    • winlogon.exe
    If you are still unable to run MBAM, Follow the same instructions in the box above to download and run Rkill, and after running it, see if you can run MBAM.

    Unable to Update MBAM

    Once you are able to start MBAM, if you receive an Error 732 when trying to update the program it could be because malware has changed your connection settings so that you are using a proxy server. To make sure your connection has not been set to use a proxy server, please do the following:
    Go to Start > Settings > Control Panel > Internet Options > Tools Menu -> Internet Options -> Connections Tab ->Lan Settings > uncheck "use a proxy server" or reconfigure the Proxy server again in case you have set it previously.
    In Firefox in Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection.

    If you are still unable to update MBAM, there are two other ways to update the program.

    1. Download the updated rules as an installable file - download mbam-rules.exe and save it to a convenient location such as your Desktop and double-click on the program to run it, It will install an updated database for MBAM. After updating MBAM with mbam-rules.exe, run MBAM again, scan your system, and clean anything found.

    2. The other way to update the program is more complicated, but will result in the very latest update (mbam-rules.exe isn't updated as often as the online updater). Download and install MBAM on an uninfected system, start the program, and update it. Then you can copy the database file (rules.ref) from the folder below and transfer it manually to the infected system. I would recommend burning the file to CD to transfer to the infected system. If you use a flash drive, it could potentially become infected when you insert it into the infected system and then infect any other system it's inserted into. Please see this topic - USB/Flash Drive Safety/

The database file (rules.ref) is found in the following folder:

  • Windows XP: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware
  • Windows Vista/Windows 7: C:\Documents and Settings\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware

If you are unable to see the folder, you may need to reconfigure windows to allow you to see hidden files and folders:
XP: https://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/win_fcab_show_file_extensions.mspx?mfr=true
Vista: http://windows.microsoft.com/en-us/windows/show-hidden-files#show-hidden-files=windows-vista
Windows 7: http://windows.microsoft.com/en-us/windows/what-is-hidden-file#1TC=windows-7
Windows 8: http://answers.microsoft.com/en-us/windows/forum/windows_8-files/how-do-i-find-hidden-files-in-windows-8/3923aa5f-8376-4e53-9d94-8aeecac0f3b5


More Detailed Troubleshooting Information

For more detailed information on troubleshooting MBAM, please see this topic at their website:
http://forums.malwarebytes.org/index.php?showtopic=10138

Edited by Rocket Grannie
updated links

Share this post


Link to post
Share on other sites

Thank You! so very much I followed the advice you had given to someone else and managed to get rid of a rather nasty trojan, sbmntr.exe ....... hxxp://internetsearchservice.com.

 

I hasten to add that neither SpyBot Search & Control or NOD32 AntiVirus could actually get rid of it they managed to find it all right and remove it but it kept coming back & spybot even tried at a restart/windows login before anything acually loaded up but like a bad penny there it was again.

 

I have spent all day trying various things safe mode and a host of other programs & various methods that said they could get rid of it but none worked only yours.

 

I was just about to give up and format when I googled for internetseachservice and thank god I found you! just in time lol.......

 

I have just donated $10 as a thank you for the valuable help/time you and the others give in helping the misfortunates like myself........

 

My hubby who downloaded the trojan, also thanks you as well as he is no longer getting earache from me lol

 

kind regards

 

minky

Edited by TheJoker
Active link disabled

Share this post


Link to post
Share on other sites

Thanks for another good tutorial Joker

I love all the help you guys provide and I can't wait until I can start helping :)

I have been studying daily for hours...

There is an amazing amount of tricks to the trade of bug killing :bangbang:

Share this post


Link to post
Share on other sites
Thanks buddy I wont be so quick to get rid of the logs in future ;)

 

It's worked great and managed to reomve the files but after one day they manged to get back in my pc and it's the same process again, any Ideas?.

Share this post


Link to post
Share on other sites

This isn't a help topic or a Malware Removal forum... MBAM is not able to handle every infection out there, so it is important to post in Malware Removal when it doesn't... Since you have already done that, the next step is to post the HijackThis log that was requested so that our helpers have enough information to help you...

Share this post


Link to post
Share on other sites

Saw this thread and the date of the post, couldn't find any other posts that related to my problem. My Malwarebyte program was evidently hijacked, so I changed the name to data.exe. Ran scan and it picked up alot of infections. How do I now restore it to it's normal mode?

 

 

EDIT:

You have opened a topic in Malware Removal, and received an answer. Please follow the advice given there.

Thank you.

Edited by Rocket Grannie
Request answer to topic.

Share this post


Link to post
Share on other sites
1. Download the updated rules as an installable file - download mbam-rules.exe and save it to a convenient location such as your Desktop and double-click on the program to run it, It will install an updated database for MBAM. After updating MBAM with mbam-rules.exe, run MBAM again, scan your system, and clean anything found.

 

Hello,

 

The "Rules Link" (mbam-rules.exe) doesn't seem to be working.

 

Regards,

Stephen

Share this post


Link to post
Share on other sites
1. Download the updated rules as an installable file - download mbam-rules.exe and save it to a convenient location such as your Desktop and double-click on the program to run it, It will install an updated database for MBAM. After updating MBAM with mbam-rules.exe, run MBAM again, scan your system, and clean anything found.

 

Hello,

 

The "Rules Link" (mbam-rules.exe) doesn't seem to be working.

 

Regards,

Stephen

 

Thank you Stephen. The link has been fixed.

Share this post


Link to post
Share on other sites

I have been using Malwarebytes for a few years now and it is a great program, I use it with CC cleaner, and AVG free, and never get any serious problems. (So far)

Share this post


Link to post
Share on other sites

Hi all,

 

Thanks for nice post.

The shared information is very uesful.

Share this post


Link to post
Share on other sites

I am using malwarebytes and never thought there are more great task that can be done. Thanks

Edited by jude24

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now