Avast WEBforum
Other => General Topics => Topic started by: polonus on December 24, 2009, 07:45:24 PM
-
Hi malware fighters,
If you have the above situation, you are in a predicament. It is not good when we have to depend only on one program to eliminate for instance Combo-script, and if that is retracted?
Some of these infections will as you mentioned not allow you to run MBAM. However, renaming MBAM usually will resolve that issue.
If you're still having issues even after renaming it, then I have had success with the following method:
NOTE: You need a clean machine to preform the following task. Download, install, and update Malwarebytes' Anti-Malware: http://www.besttechie.net/mbam/mbam-setup.exe
1. Create a folder on your desktop called Fix and put the mbam-setup.exe file in there
2. Open notepad and copy the following text into it exactly as written, then save the file as prep.bat in the Fix folder (make sure you select the drop downbox when saving the file that says "Save as type" and select "All Files"): copy "%AllUsersProfile%\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref" "%cd%" ren "%cd%\mbam-setup.exe" 12setup.exe
3. Double click the prep.bat file you just created, the setup file should now be renamed and you should now have a file called rules.ref in the folder with it.
4. Create another batch file called install.bat and save it in the same folder:
copy rules.ref "%AllUsersProfile%\Application Data\Malwarebytes\Malwarebytes' Anti-Malware"
ren "%systemdrive%\Program Files\Malwarebytes' Anti-Malware\mbam.exe" mscan.exe
"%systemdrive%\Program Files\Malwarebytes' Anti-Malware\mscan.exe" /quickscan DO NOT EXECUTE INSTALL.BAT YET - IT WILL BE USED ON THE INFECTED MACHINE LATER
5. Copy the folder you created containing the setup file, the rules.ref file and the 2 batch files to a flash drive or writable CD and copy the folder to the desktop of the infected computer. Once it's there, run 12setup.exe and after the installation is complete, double click on the second batch file you made called install.bat. Malwarebytes' should now run and scan your computer for infections. Once the scan completes, remove any infections it finds and reboot if necessary.
This should work pretty flawlessly according to the source of this work-around BT admin
Let us know how it works,
polonus
-
Thank you polonus!
I sure wish there was a forum category for things like this so they could be sticky'd.
Merry Christmas.
-
yes alan I too think the same way..
sir pol, why don't put all these work arounds, tutorials, tips(what ever you wanna call them..) into one thread? they will be easily accessible. I would love to see them in one thread.
thoughts?
nmb
-
***
Good idea, nmb. :)
What do you think about doing that, Polonus?
( Well, at least think about doing that from now on as it would be a tough search finding some of your older tutorials & tips. )
***
-
Hi CharleyO, nmb and Alan !Cvette,
Well, my good forum friends, I have put the link here: http://forum.avast.com/index.php?topic=37542.15
More to follow there, I think it is an appropriate place..
Hi Charley, your threat thread should also be given sticky status, I vote for that else people will not find it easy...but the issues there should also be put independently so the forum users will notice what they think is interesting...and they're is also the weird forum animal ;D that does not like stickies like foo-bars,
polonus
-
I think that false positive sticky can be removed now.. what say friends?
nmb
-
Thank you polonus!
I sure wish there was a forum category for things like this so they could be sticky'd.
Merry Christmas.
Hi...
Yes, and this post by Polonus should definately be included! :)
May God bless you :)
-
When I see valuable tips like this, I've started keeping them using notepad or wordpad in a folder titled "how to".
I've also started keeping screenshots that are often used in this folder.
Makes helping out a bit more streamlined, and saves the sometimes legthy process of trying to find a thread that might be pretty old by the time I need to use it, even if remembered.
Going to start pinning the URL of where I found it to the top of each notepad file.
Seems to work.
-
Stickies aren't needed if you make frequent entries into one post.
When something new is added, it rises back to the top right under the current stickies. :)
If you have to many stickies, you'll eventually wind up starting new things on page 2 or 3 depending
on how many items you tag as stickies.
-
Hi bob3160,
I considered that and used an existing one and changed the description accordingly,
Damian
-
That'll work. :)
-
Thnx polonus :)
Greetz, Red.
-
I think this problem has been fixed in Version: 1.42
I am not sure but I think so
-
I think this problem has been fixed in Version: 1.42
I am not sure but I think so
Why would you think that?
I believe the issue is more to do what settings the malware has made to the computer, rather than any deficiency in MBAM.
-
Recent Changes
(FIXED) Minor issue during reboot after malware cleanup.
(FIXED) Various errors during scan.
(FIXED) Improved multiple heuristics.
(FIXED) Minor issue while removing items from ignore list.
(ADDED) Internet Explorer version included in scan logs.
(ADDED) Protection logs now show on Logs tab.
(ADDED) Ability to ignore blocked IP addresses permanently.
(ADDED) 64-bit compatibility for context menu.
-
Saw that.
I don't think that "minor issue" relates to this thread.
This thread is about the situation where the malware actually blocks the user from attempting to install or run MBAM.
This happens quite a lot, depending on the malware.
-
There was a frequent start up problem whenever Malwarebytes removed a rootkit. I though this topic referred to it.
Thanks for the clarification
-
There are many instances where MBAM does not start.
Example:
http://www.malwarebytes.org/forums/index.php?showtopic=34481
ISSUE: #6
http://www.malwarebytes.org/forums/index.php?showtopic=10138