As you may have noticed, MalwareBytes or MBAM, is used in a lot of our removal guides. We do this for no reason other than the fact that the program simply works well and that we can count on it to remove what it says it can. It is updated constantly throughout the day and has excellent protection on all the new malware that comes out. With that said, I feel that MalwareBytes is an important tool to have as part of your computer's security arsenal.
One of the program's nicest features is that it is free and easy to use. For those, who may want more advanced features you can purchase the commercial full version to get real-time protection that will protect you from being infected in the first place. The guide below will walk you through installing, configuring, and scanning your computer with Malwarebytes Anti-Malware.
How to use Malwarebytes Anti-Malware
- Print out these instructions as we will need to close every window that
is open later in the fix.
- Download Malwarebytes Anti-Malware, or MBAM, from the following location
and save it to your desktop:
Malwarebytes' Anti-Malware Download Link (Download page will open in a new window)
- Once downloaded, close all programs and Windows on your computer, including
this one.
- Double-click on the icon named mbam-setup.exe that should be located on your desktop.
This will start the installation of MBAM onto your computer.
- When the installation begins, keep following the prompts in order to continue
with the installation process. Do not make any changes to default settings
and when the program has finished installing, make sure you leave Launch
Malwarebytes Anti-Malware checked. Then click on the Finish button. If MalwareBytes prompts you to reboot, please do not do so.
- MBAM will now start and you will be at the main screen as shown below.
Please click on the Scan Now button to start the scan.
- If there is an update available for Malwarebytes, the program will prompt you as shown in the image below.
Please click on the Update Now button to update the programs definitions before you perform a scan. When the update has finished, Malwarebytes will automatically start to scan your computer.
- MBAM will now start scanning your computer for malware. This
process can
take quite a while, so we suggest you go and do something else and
periodically
check on the status of the scan. While the program is scanning, it
will display the amount of malware or other undesirables that it has
found. An example screen showing the scanning process can be found
below.
If you wish to see what infections were detected while it is performing the scan, you can click on the Review Detected Items link.
- When MBAM is finished scanning it will display a screen that
displays any malware that it has detected. Please note that the
infections found may be different
than what is shown in the image below.
You should now click on the Apply Actions button to remove all the listed malware. MBAM will now delete all of the files and registry keys and add them to the program's quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, as shown below, please click on the Yes button to allow it to do so.
- Once your computer has rebooted you can start Malwarebytes again and click on the History button to see a list of the malware that was removed and quarantined.
- You can now exit the MBAM program.
Troubleshoot Malwarebytes Anti-Malware
Below are some common errors you may run into when attempting to use Malwarebytes' Anti-Malware.
Malwarebytes' setup program closes when you attempt to install it.
If you attempt to install Malwarebytes' and the setup program automatically closes then there is a good chance that you have an infection that is trying to stop the program from installing. To get around this, try renaming mbam-setup.exe to other names like:
- mbam-setup.com
- iexplore.exe
- explorer.exe
- userinit.exe
- winlogon.exe
Malwarebytes' wont start
If you attempt to run Malwarebytes' and it does not start then there is a good chance that you have an infection that is trying to stop the program from running. To get around this, try renaming C:\program files\Malwarebytes Anti-Malware\mbam.exe to other names like:
- mbam.com
- iexplore.exe
- explorer.exe
- userinit.exe
- winlogon.exe
Error 732 when trying to update Malwarebytes' Anti-Malware
If you receive an Error 732 when trying to update MBAM it could be because you do not currently have an Internet connection or a malware has changed your connection settings so that you are using a proxy server. To make sure your connection has not been set to use a proxy server, please do the following steps:
- Please start Internet Explorer, and when the program is open, click on the
Tools menu and then select Internet Options
as shown in the image below.
- You should now be in the Internet Options screen as shown in the image below.
Now click on the Connections tab as designated by the blue arrow above.
- You will now be at the Connections tab as shown by the image below.
Now click on the Lan Settings button as designated by the blue arrow above.
- You will now be at the Local Area Network (LAN) settings screen as shown
by the image below.
Under the Proxy Server section, please uncheck the checkbox labeled Use a proxy server for your LAN. Then press the OK button to close this screen. Then press the OK button to close the Internet Options screen. Now that you have disabled the proxy server you will be able to browse the web again with Internet Explorer.
How to manually update Malwarebytes' Malware Definitions
Malware may sometimes block Malwarebytes from updating its definitions in order to protect itself. If you are having issues updating and have already tried disabling any proxy servers, you can instead update the definitions manually. To do this simply copy the following files onto a USB key from a working computer that has MBAM installed and transfer them to the infected one.
Windows XP and 2000:Once the above files are copied onto a USB key, please copy them to the same folders on the infected computer.
C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes Anti-Malware\rules.ref
C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes Anti-Malware\actions.ref
C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes Anti-Malware\swissarmy.ref
C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Configuration\database.conf
Windows Vista and Windows 7:
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\actions.ref
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\swissarmy.ref
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\database.conf
If you do not have another computer available, then you can download a self-installing rules file from the following URL. Please note that this method will install definitions that are older than the latest ones:
http://data-cdn.mbamupdates.com/tools/mbam-rules.exe
Error Code 2 when installing MBAM
If you receive an Error 2 when installing MBAM then a core executable was deleted by a malware running on your computer. To fix this we will first need to download a randomized version of mbam.exe and save it to the C:\program files\Malwarebytes' Anti-Malware\ folder. We can then run that random named executable to start Malwarebytes' and scan your computer. To do this follow these steps:
- If you receive a code 2 error while installing Malwarebytes's, please press
the OK button to close these errors as we will resolve them
in future steps. The code 2 error will look similar to the image below.
- As this infection deletes a core executable of Malwarebytes' we will need
to download a new copy of it and put it in the C:\program files\Malwarebytes'
Anti-Malware\ folder. To download the file please click on the following
link:
Malwarebytes' EXE Download
When your browser prompts you where to save it to, please save it to the C:\program files\Malwarebytes Anti-Malware\ folder. When downloading the file, it will have a random filename. Please leave the filename the way it is as it is important that it is not changed. You may want to write down the name of the file as you will need to know the name in the next step.
- Once the file has been downloaded, open the C:\program files\Malwarebytes'
Anti-Malware\ folder and double-click on the file you downloaded
in step 2.
Using Rkill to terminate infection processes that may be stopping MBAM from running
If all of these steps do not work, then you can download, or copy from a clean computer, the Rkill program and run it on the infected computer. Rkill will then try and terminate the infections that may be stopping you from installing MalwareBytes'.
When downloading Rkill, I suggest you download and try the iExplore.exe version first. Once Rkill runs, it will create a log of what applications were terminated. You can then attempt to start the installation of MalwareBytes or start the program again.
For more detailed troubleshooting information, please see this topic at the Malwarebytes' site.
By FireRat
Request more tutorials.
Email: c.m.c.firerat@gmail.com
0 comments:
Post a Comment