Tuesday Tech Bench:: Malwarebytes is not the sole answer to spyware

The Tech Bench is an article series targeting the IT professionals who fix the everyday problems we all see. There may be information here that confuses the typical computer user. Consider yourself warned.

For IT professionals, Malwarebytes Anti-Malware is one of the best tools available for defeating spyware and other nasty things on a computer. However, there's some occasions where this solution is not able to be done.

Many posts about Antivirus 2009, for example, explain they have this fake antivirus program installed on their computers. The IT consultant quickly explains "Get Malwarebytes!". The great part about Antivirus 2009, and other newer spyware applications, is that they block Malwarebytes, or other files from being run.

New-age spyware modifies the \Windows\SYSTEM32\Drivers\Etc\Hosts file to give redirects to ensure you can't download Malwarebytes. The currently running processes check the filenames and version information of all files run against a list. If Malwarebytes is the name of the application, or "mbam.exe", the file won't run.

I was able to get around the limitation by editing the Malwarebytes installer to be by Maaaaaaaaaaa or whatever other 12-character word of your choice. XVI32 is the weapon of choice. By renaming all of the file specifics, I was able to install Malwarebytes and run it on an infected machine.