WOW... Highly impressed!

[flamewalker]

I just wanted to stop by and say thank you to Malwarebytes.

I am a PC technician, and I have fought the worst of the worst spyware and viruses (usually spyware than viruses nowadays). Until today. I have seen the Braviax rootkit before, but this PC I am working on today was so thoroughly infected, it is honestly the worst I have ever seen in 7 years.

It had probably well over 100 or more trojans, viruses, spyware, and rootkits. Other removal tools (the ones I could run like combofix and sdfix), and the tools i ran by taking the harddrive to another pc to scan (superantispyware, avg), removed over 1500 files and registry settings. Maybe closer to 2000. However, the pc naturally wouldn't boot afterwards. So I ran a repair install of XP, and the same red circle with a white x was still there, and popups et al. So In doing some more research on braviax, I came accross a forum where an admin (forget the board name) recommended malwarebytes tool.

So I downloaded and installed in safe mode with networking, did the update. Malwarebyte found and removed 583 additional files and settings. Some which had to be removed on reboot (the ickiest ones). I was skeptical, but upon reboot into safe mode with networking again, I was finally able to install my other tools for removal!

While it didn't remove everything, as spybot etc are finding more, it removed the worst of the worst that were preventing me from being able to progress in the removal process.

A hearty thanks from Sunny California!

[GT500]

It's good to hear that Malwarebytes helped you out. Most of those who work on it dedicate a lot of their free time to make it as good as they can, and they do their best to find as much junk as they can to not only remove, but for the Pro version to protect against. Everyone involved appreciates hearing good comments.

BTW: When you find something that Malwarebytes doesn't detect, you can always upload a sample. The guys who maintain the database won't add anything that's old, and no longer "in the wild", but if you find something they haven't heard about, then they will get it added to the database.

While it didn't remove everything, as spybot etc are finding more, it removed the worst of the worst that were preventing me from being able to progress in the removal process.

Do you know how to run Spybot from a BartPE disk?

[JeanInMontana]

Hi flamewalker and welcome to Malwarebytes. Thanks for the compliment on MBAM. We are all proud as punch of our baby.

MBAM doesn't go after tracking cookies and SBS&D does; is that what is being found? As GT500 says if it's something new and undetected please do upload a sample.

[Tarun]

MBAM is one very awesome utility. I plan to use it to replace Ad-Aware in my cleaning suggestions. I'd love to know what forum you found the recommendation on.

[flamewalker]

It was a thread on techguy.org that led me here.

There was so much crap on that pc it wasn't even funny. SuperAntispyware found probably about a dozen other things and Spybot found quite a bit more spyware after MBAM, but I couldn't even run those before I ran MBAM. Unfortunately the other programs don't keep good logs (AFAIK) to see what all it was they found afterwards.

I have always found that every Spyware busting program finds different stuff than the others. I will start running MBAM first from now on and when the others find stuff not found by yours, I will make copies/write down the settings and submit them.

I can't say I have successfully run Spybot from a BartPE disk. I have an "ultimate" boot disc that I use that I can run some stuff from though.

Thanks again!

[GT500]

I can't say I have successfully run Spybot from a BartPE disk. I have an "ultimate" boot disc that I use that I can run some stuff from though.

A BartPE disk is basically a bootable Windows Live CD with the desktop and most of the other stuff stripped out. Spybot can run from this disk, and load the registry from each hard drive or partition that it detects an installation of Windows on. This allows Spybot to run a spyware scan without the possibility of the infections interfering with it. The only major downfall to this is that even after you run the Spybot scan and remove all detections from BartPE, you must install Spybot on the computer, and then log in to each user profile and run a full scan under each user profile to ensure that Spybot has actually caught everything (which is currently my biggest complaint with Spybot, as that makes it a pain in the neck for techs like me).

With luck, Marcin will eventually add this capability to MBAM as well, so I can add it to my BartPE disk.

Anyway, to learn more about making a BartPE disk, you can navigate here.