Tuesday, December 29, 2009

Malwarebytes' exe won't install : Code 2 error

In many cases, when the Malwarebytes installation is almost finished, you get the following errors: "Unable to execute file: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" "CreateProcess failed; code 2. The system cannot find the file specified."



Here's a pic of the error...



This means the mbam.exe was deleted by the malware you are dealing with.

An easy workaround is to download a randomly renamed version of mbam.exe from here... http://mbam.malwarebytes.org/program/random.php

Place the renamed mbam.exe in the Program Files\Malwarebytes' Anti-Malware folder on the infected PC and launch the renamed file.
Then malwarebytes should run.

In some cases you will need to rename the randomly named mbam.exe to explorer.exe (for example, when you are also dealing with "Security Tool" or another fake scanner; you can get past whatever it blocks by renaming the program/exe file you want to run to explorer.exe).

Once the renamed mbam.exe runs, the first step is to click the Update tab to download the latest updates.

Then run a quick scan and let Malwarebytes quarantine what it found.
Reboot afterwards.

After the reboot, you may get some "bad image" errors, similar to:

To fix this, if you have HijackThis installed, start a scan and look for the O20 line that says O20 - AppInit_DLLs.
It should look similar to this:

O20 - AppInit_DLLs: wisahiri.dll <== filename that was appearing in the bad images error.

Select that entry in Hijackthis and click the "Fix checked" button below.
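
The cross-check described above, as an added example that is not part of the original post: it pulls the DLL names out of the O20 - AppInit_DLLs lines of a HijackThis log and reports the ones named in a "bad image" error. The sample log, the error text and the function names are constructed for illustration.

```python
import ntpath
import re

# Constructed sample data: a HijackThis log excerpt and a "Bad Image" dialog text.
SAMPLE_LOG = """\
O4 - HKLM\\..\\Run: [example] C:\\Program Files\\Example\\tray.exe
O20 - AppInit_DLLs: wisahiri.dll, C:\\WINDOWS\\system32\\example.dll
O20 - Winlogon Notify: example - C:\\WINDOWS\\system32\\example2.dll
"""
SAMPLE_ERROR = ("The application or DLL C:\\WINDOWS\\system32\\wisahiri.dll "
                "is not a valid Windows image.")

O20_APPINIT = re.compile(r"^O20 - AppInit_DLLs:\s*(.*)$", re.IGNORECASE)


def appinit_dlls(log_text):
    """Return every DLL listed on O20 - AppInit_DLLs lines, in log order."""
    dlls = []
    for line in log_text.splitlines():
        match = O20_APPINIT.match(line.strip())
        if match:
            # The AppInit_DLLs value is a space- or comma-delimited list,
            # so one log line can carry several DLLs.
            dlls += [d for d in re.split(r"[,\s]+", match.group(1)) if d]
    return dlls


def dlls_named_in_error(log_text, error_text):
    """Return AppInit_DLLs entries whose file name is named in the error text."""
    # Collect the bare file names of every *.dll mentioned in the error.
    named = {ntpath.basename(p).lower()
             for p in re.findall(r"\S+\.dll\b", error_text, re.IGNORECASE)}
    # Compare on file name only: the log may show a bare name, the error a full path.
    return [dll for dll in appinit_dlls(log_text)
            if ntpath.basename(dll).lower() in named]


if __name__ == "__main__":
    for dll in dlls_named_in_error(SAMPLE_LOG, SAMPLE_ERROR):
        print("O20 entry to fix in HijackThis:", dll)
```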

Friday, March 20, 2009

The "posting links on google" and/or "the Google money system" scam

I'm seeing the "posting links on google" and "the Google money system" scam popping up everywhere including on Twitter. I haven't read the "e-book" but I know that it's a bunch of crap. First of all it is not possible to "post links to Google or on Google". You have to write good content and then wait for Google bots to scan it and add it to their search.

Where the scam comes in is when you post the ad on Google you have to pay Google. The people who post those ads you see are trying to get you to use your money and they simply take a cut of any money you turn over (turn over, not profit, turn over). So you can lose big but they won't because it's your money at risk. If posting links on Google makes so much money they would not be telling you about it, they would be doing it themselves, and doing everything they could to stop you from finding out about it and taking a cut of the money.

I've looked at some different sites about "posting links on google" or "the Google money system" (many are on Facebook). The sites are usually almost exactly the same. The "posting links on google" and "the Google money system" sites are scams! Do not fall for it. They'll charge you...

The ad says it's "free".
The signup page says it's $1.95.
The fine print says it's $47 *monthly*.

OUCH!

Wednesday, February 18, 2009

Bypass firewall and OpenDns at school or work

Freegate is our new favorite way to bypass firewalls and OpenDNS. Not too long ago, I came across Ultrasurf. It was the easiest way to access blocked sites and services at the dorms. Recently IT has figured out how to block it and they've also blocked ultrareach.com. Grrrrr!

Things looked grim at the beginning but then we discovered Freegate! This program helps millions of Internet users in China to access the Internet faster and more stably. Many users report that Freegate makes visiting overseas websites as fast as visiting local ones. Now it is available to users outside China as shareware. Without a license, a user may be able to use it for a few minutes. A licensed user will be able to use it up to the subscribed amount of data transfer that comes with that license. A unique encryption and compression algorithm is implemented to secure and optimize users' online activities.

Version 6.80 supports simplified Chinese, traditional Chinese, English, Spanish and Farsi interfaces. If your selected language does not display correctly, please 1) download the dynamic link library (.dll) file from the Dynaweb download page, 2) place it in the same directory as Freegate's executable (.exe) file, and 3) restart Freegate.

Monday, January 19, 2009

Why Sophos Antivirus is not going to be on my PC.

Recently, I received Sophos Anti Virus from work. I just had a chance to test it; using it on a severely infected PC. The 1st problem I came across was when I allowed Sophos to uninstall 3rd party anti-virus, anti-spyware & anti-malware software. I honestly just wanted to see what Sophos Anti-virus would do on its own.

After doing a scan with Sophos (which quarantined 6 files), I realized that it wasn't going to do much against spyware or malware. After the reboot Sophos kept throwing up messages telling me that such and such file was part of a spyware program and it wasn't able to do anything to Spyware Guard 2009.



I decided it was time to install my trusty sidekicks so I tried to install malwarebytes. Sophos didn't like that and for some reason (I think because I had allowed Sophos permission to uninstall 3rd party software). I then tried Spybot search & destroy and was not allowed to install it either. At that point I ripped out Sophos.

After ripping Sophos out I was then allowed to install 3rd party software. So, I installed malwarebytes, spybot search & destroy and Sophos (again). I wanted to give Sophos a chance so I then went ahead, as I usually do with these kinds of infections, and did my patented 3 software scan with malwarebytes, spybot search & destroy and Sophos (usually I use AVG instead of Sophos).

My patented 3 software scans, in which Sophos quarantined 10 files (spybot & malwarebytes also found their share of bugs too), went as usual. Then, I waited. Usually in this same scenario, with AVG, I don't have to do much more to clean up the infected system. AVG, spybot & malwarebytes run well in tandem and spybot's "tea timer" real time feature usually catches new bugs attempting to re-infect the PC.

Within a couple of days, the same user called me back. The PC was still infected or re-infected. At that point I decided to uninstall Sophos for good. I felt that I had given it a chance on that PC. I installed AVG in the place of Sophos and AVG found several problems that Sophos did not.






Crazy enough, the 2nd scan with malwarebytes had more items (131) than the 1st scan. So, in theory while Sophos was in charge the computer had been reinfected with malware.

Friday, January 16, 2009

How to kill Spyware Guard 2008

Wow! This is a tough one to destroy. A little harder than Anti-virus 2008 because it hijacks the DNS and is able to throw up some crazy sites including the message from Google telling the user that...

Google has detected unregistered Antivirus 2009 copy on your computer. Google recommends you to activate Antivirus 2009 to protect your PC from malicious intrusions from the internet.


When you click on the Google search bar you will most likely get the patented Spyware Guard "Best antiviral protection ever" window to pop up....



To get rid of Spyware Guard 2008 (or 2009) follow these steps...

  1. Add the OpenDNS DNS server addresses to your local area connection... http://www.opendns.com/
  2. Overwrite the hosts file at C:\WINDOWS\system32\drivers\etc\hosts with the hosts file from here... http://www.mvps.org/winhelp2002/hosts.htm Here's a direct link... http://www.mvps.org/winhelp2002/hosts.zip
  3. Install and run malwarebytes from... http://www.malwarebytes.org/ here's a direct link to malwarebytes at download.com
  4. Install and run Spybot search and destroy from... http://www.safer-networking.org here's a direct link to Spybot S&D at http://projects.securitywonks.net/
  5. Install and run AVG free antivirus from http://free.avg.com/download?prd=afe here's a direct link to AVG free antivirus at download.com
  6. Reboot and let all your antivirus, antispyware & antimalware do their boot scans
  7. Congratulations! You should be clean! (if not please leave a comment and I'll help you).
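
Before overwriting the hosts file in step 2, it helps to record what is in it. The following is an added example, not part of the original post, and it assumes the infection altered the hosts file: it lists every entry that points a name at something other than a loopback or null address. The sample file content is constructed, and its addresses come from the 203.0.113.0/24 documentation range.

```python
import ipaddress

# Constructed sample of a tampered hosts file (addresses are documentation-range).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
0.0.0.0         ads.example.com     # blocklist-style entry
203.0.113.10    www.google.com google.com
203.0.113.10    update.example-av.test
not-an-ip       broken.example
"""


def suspicious_hosts_entries(text):
    """Return (address, hostname) pairs that redirect a name to a real host.

    Loopback and unspecified (0.0.0.0 / ::) targets are what blocklist-style
    hosts files use, so only other addresses are reported.
    """
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()    # drop comments and whitespace
        fields = line.split()
        if len(fields) < 2:
            continue                           # blank, comment-only or incomplete line
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                           # first field is not an IP address
        if addr.is_loopback or addr.is_unspecified:
            continue
        # One line may map several names to the same address.
        findings += [(str(addr), name.lower()) for name in fields[1:]]
    return findings


if __name__ == "__main__":
    # On the infected PC, read C:\WINDOWS\system32\drivers\etc\hosts instead.
    for addr, name in suspicious_hosts_entries(SAMPLE_HOSTS):
        print(f"{name} is redirected to {addr}")
```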


You may notice in my screenshots that I'm actually using Sophos anti-virus. I recently received this software through my work. I have not formed an opinion about it yet. It's a pain to install because it takes a long time to download updates and also if you check uninstall 3rd party software; you can't install the much needed malwarebytes and spybot search & destroy.

Saturday, January 3, 2009

Bypass OpenDNS & access blocked sites

Recently the I.T. staff at my college started using OpenDNS to block DIGG and many other sites and features (like chat software, myspace, facebook, twitter & a lot more). UltraSurf was the easiest way to access the blocked sites and services.

I downloaded the software from ultrareach.com, unzipped it, clicked on the exe and then clicked on "home". Internet Explorer popped up and I was able to go to all the sites that were blocked by our I.T. dept.

Now, I'm just wondering if it's completely safe. I searched google for others talking bad about UltraSurf but I didn't see anything that made me think it is unsafe to use. If anyone knows or thinks otherwise, please post a comment.

We used to access blocked sites with a vpn client running on an outside computer. My old roommate lived nearby and so we hijacked one of his family PCs so that we could surf through a VPN. I prefer to use realvnc.com's free vpn client. It's easy to use and best of all, it's free! If it doesn't work try a free logmein.com account. Gotomypc.com also has a great product but you'll end up paying for that.

There are some old tricks that used to work on some sites but I don't think they do anymore. This method did not work on our end on our most recent attempt. Maybe it will on yours...

If you know myspace's IP address you can type that in and it may work. If not, try this. Search on google.com.mx (Mexico's Google) and choose to translate myspace "Traducir esta página". Once the page has loaded into Spanish you can reverse it back into English by swapping Spanish (es) and English (en). This is how it will work...

http://translate.google.com.mx/translate?hl=en&sl=es&u=http://www.myspace.com/&sa=X&oi=translate&resnum=1&ct=result&prev=/search%3Fq%3Dmyspace%26hl%3Des%26sa%3DG