imersion

Mbam won't update in safe mode

24 posts in this topic

My free copy of Mbam found 6 infections of the security virus and removed them but it is still there popping up its infction notices.

I removed them in safe mode because mbam wouldn't run in regular mode because teh virus was preventing all .exe and .com files;

so FixExe.reg wouldn't load. Undere safe mode Mbam ran nicely nd found the virus, but because there is no network connection, Mbam could not update. I figure that is the problem, but of course somethng else may be. Anyway I cold only load the Dec.20, 2009 version of Mbam.

If i buy the supported version, does it come as a more recent version? is there someay to update the freeware version and move it from an uninfected machine to the infrected machine so that I could run it in safe mode?

Share this post


Link to post
Share on other sites

Hello imersion, and welcome to the forums here at Malwarebytes.org :unsure:

Please don't purchase anything from this machine quite yet until you are sure its clean! :lol:

Do you have access to another machine that is clean?

If not, please see Issue #4 here:

http://forums.malwarebytes.org/index.php?showtopic=10138

Edit: Please try Buttons's idea below mine, otherwise proceed with my instructions.

Share this post


Link to post
Share on other sites

Hi imersion and welcome to malwarebytes'!

Actually it should be able to update in safe mode, if you selected the proper safe mode operation. When you boot into safe mode and wish to have internet access you need to select safe mode with networking.

Share this post


Link to post
Share on other sites
Hello imersion, and welcome to the forums here at Malwarebytes.org :unsure:

Please don't purchase anything from this machine quite yet until you are sure its clean! :lol:

Do you have access to another machine that is clean?

If not, please see Issue #4 here:

http://forums.malwarebytes.org/index.php?showtopic=10138

Yes i have other machines, bt htis one is quarantined because I am concerned it will infect the others over the wireless net.

Obviously there is a hole soewhere to le the XP security virus in ...

I'll check out your URL

Thanks!

Share this post


Link to post
Share on other sites
Yes i have other machines, bt htis one is quarantined because I am concerned it will infect the others over the wireless net.

Obviously there is a hole soewhere to le the XP security virus in ...

I'll check out your URL

Thanks!

Super - Just what I wnated to knw:

ISSUE: I need to get the latest database onto a computer that cannot access the Internet.

SOLUTION: You can manually copy the database from a working computer using a flash drive or CD onto the infected PC. Our database file is stored in the following locations.

◦Windows XP and 2000

◦C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref

Share this post


Link to post
Share on other sites

Awesome!

Also, if you are able to purchase Malwarebytes, it would have prevented this nasty from getting in in the first place :unsure: Malwarebytes is a one-time purchase of $24.95 for home users, and offers EXCELLENT protection along with your antivirus program.

If you still need help after that, please read the following to finish get yourself cleaned up:

Please read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.

One of the expert helpers there will give you one-on-one assistance when one becomes available.

Please note that it may take 48 hours or more for you to receive a response in the malware removal forum, as it is often busy at times. Please do not reply to your own post asking for help unless its been more than 48 hours since you originally posted, as this can make it appear as though you are being helped and take longer for you to get help.

If you are unable to do all or any of the steps in the link to the directions above, just post your problem into the forum I gave you a link to anyway and someone will be able to assist you.

Also, when replying, please use the "ADD REPLY" button or erase what the person you are replying to said, as this makes the forum easier to read.

After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someone has replied to your post.

Thank you :lol:

Share this post


Link to post
Share on other sites
Hi imersion and welcome to malwarebytes'!

Actually it should be able to update in safe mode, if you selected the proper safe mode operation. When you boot into safe mode and wish to have internet access you need to select safe mode with networking.

Tanks for the comment - but I must be doing something wrong when I boot safe mode with networking it doesn't find its way out

and I am loathe to leaave it connected to the network for too long so I didn't explore why it didn't connect to my wireless network ...

anyway I am too much of a newbie using safe mode to understand why at this point ..

Share this post


Link to post
Share on other sites

Please update Malwarebytes to its latest definitions on another machine that you have access to and pull off rules.ref as outlined in the link I gave you, and lets see if that works so that you can update Malwarebytes :unsure:

Share this post


Link to post
Share on other sites

Yes - i am very impressed with Mbam - it found this nasty xp security virus when both Macafee and symantic blithely ignored it.

I'm gonna buy it just to say thanks!

and sorry for messing up the thread by not using addreply!

Share this post


Link to post
Share on other sites

Please follow the directions adove fron mountaintree16 in Post #6 or the post below -- - You are obviously infected and no normal Quick Fix that we offer will help - This is a job for our experts only -

Thank You - :unsure:

Share this post


Link to post
Share on other sites

It's no huge deal about not using add reply, it just makes the forum much easier for everyone to read, it can get very confusing if everyone quotes everyone else.

Well thank you for purchasing!

Prior to doing so, though, I recommend that you do this first, just to ensure that you are clean, then proceed with purchasing Malwarebytes once you are confirmed to be clean :unsure:

Please read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.

One of the expert helpers there will give you one-on-one assistance when one becomes available.

Please note that it may take 48 hours or more for you to receive a response in the malware removal forum, as it is often busy at times. Please do not reply to your own post asking for help unless its been more than 48 hours since you originally posted, as this can make it appear as though you are being helped and take longer for you to get help.

If you are unable to do all or any of the steps in the link to the directions above, just post your problem into the forum I gave you a link to anyway and someone will be able to assist you.

After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someone has replied to your post.

Thank you :lol:

Share this post


Link to post
Share on other sites

Worry not - I already removed it from another machine on the network - running win 7

so I know how to instal and use Mbam; but the procedures I used on it din't work on the XP machine

and so I had to resort to Safe Mode and that rasied this problem which you have resolved - and so i now hope it will work tomorrow.

Share this post


Link to post
Share on other sites

Alrighty.

I was just suggesting that you visit the Malware Removal Forum prior to purchasing anything from the machine in question, as this would be in your best interest not to purchase anything from an infected machine. Or you could just purchase it from a non-infected machine too.

At any rate, Malwarebytes is a great choice to add to your security setup along with your antivirus.

What are you currently using for an Antivirus by the way? I didn't see it in the thread here, but perhaps I missed it.

And I'm glad that I was able to be of help :unsure:

Share this post


Link to post
Share on other sites

And just to add, I was also recommending that you go there to ensure that your machine is totally clean, but if you are confident it is then visit the Malware Removal Forum if you want to be sure... :unsure:

Share this post


Link to post
Share on other sites
I'm gonna buy it just to say thanks!
Also, if you are able to purchase Malwarebytes, it would have prevented this nasty from getting in in the first place wink.gif Malwarebytes is a one-time purchase of $24.95 for home users, and offers EXCELLENT protection along with your antivirus program.

Bait and Sinker Set. The net is ready, I think we got him. :unsure:

Share this post


Link to post
Share on other sites

Macafee and symantic -- why do they not see this XP security virus. It is as bad as anything I have seen!

Share this post


Link to post
Share on other sites

Unfortunately, some AV's are unable to catch infections such as this one, which is why using an antivirus and an antimalware product together is recommended.

Do you have BOTH McAfee and Symantec/Norton antivirus programs installed on your computer? This is not recommend, as they can cause conflicts and actually lower your security.

Share this post


Link to post
Share on other sites

No - of course not both on the same machine - I have - my gosh - 7 machines now running vrious OSes adn AVs and now at last Mbam too;

so i will probably hae to look at the forums on how these things interact and freeze each other out :unsure:

Share this post


Link to post
Share on other sites

Ah.

Are these all home machines or?

Malwarebytes should not conflict with any AV program if it does, you just need to add the necessary exclusions:

Step 3: Exclude Malwarebytes' Anti-Malware's Files and Folders From Other Active Security Programs:

For Windows XP:

  • C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\zlib.dll
  • C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
  • C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
  • C:\Windows\System32\drivers\mbam.sys
  • C:\Windows\System32\drivers\mbamswissarmy.sys

For Windows Vista or Windows 7:

  • C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
  • C:\Program Files\Malwarebytes' Anti-Malware\zlib.dll
  • C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
  • C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
  • C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
  • C:\Windows\System32\drivers\mbam.sys
  • C:\Windows\System32\drivers\mbamswissarmy.sys

For 64 bit versions of Windows Vista or Windows 7:

  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\zlib.dll
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
  • C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
  • C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
  • C:\Windows\System32\drivers\mbam.sys
  • C:\Windows\SysWoW64\drivers\mbamswissarmy.sys

Note: If using a software firewall besides the built in Windows Firewall you'll need to exclude them from it as well

The FAQ contains examples of setting file exclusions for some known AV products.

Share this post


Link to post
Share on other sites

Yup - big family and I tend to hang on to old machines - like running an old car, I guess.

Thanks for the pointers; I knew I wold have to get down and dirty ...

Share this post


Link to post
Share on other sites

imersion,

Ah gotcha!

We have the one PC and then an old Windows 98 is in our closet... heh. And I have an old XP Laptop that I have been meaning to reformat... but I haven't gotten around to it yet :unsure:

Im just curious, what are the different OS's?

Let us know if you have any further questions!

Share this post


Link to post
Share on other sites
XP Security Tool 2010, XP Defender Pro, Vista Security Tool 2010, and Vista Defender Pro are all new rogues that are exactly the same program. They are just shown with different names and interfaces depending on the version of Windows that it is run on.

As you can see there are many "related" infections that you can get but they only use a slightly altered name - There is actually a list of about 15 items that are related - They only slightly "mutate" depending on your Operating System -

Thank you -

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.