UPDATE – Monday, December 6th, 2010
I have good news… I think. I haven’t had a chance to run a full battery of tests yet, but I do know that Malwarebytes is now at least installing, loading, updating, and scanning properly. Granted this was run under Windows XP within a virtual terminal… I will post more as soon as I have time.
I apologize for the delay, work is holding me up! I have had a chance to do some further testing and there seem to be some issues, but nothing that prevents Malwarebytes from being utilized though.
What I’ve noticed so far:
Switching tabs within the main GUI creates rapid flickering within the GUI itself and the only way to get the updates to take is by clicking the Updates tab, clicking back on the Scanner tab, then clicking the Check for Updates button. The GUI then needs to be exited and restarted to begin a scan. Scanning proceeds as it should, deletions seem to work fine as well. As with the previous versions, you will have at least 1 infection claimed within wine itself… I will post details later when I get a chance to put together a complete package… Should be later this evening.
I have uploaded both the ISO (sPCpup-431_wine138.iso) as well as the latest wine build (wine-1.3.8.pet). The directions below still apply… Let me know if you find any issues.
…the wine file c:\windows\system32\winnls32.dll is found to be infected with Trojan.Tracur. This, of course, is a false positive and can be safely ignored.
—————————————
Good day to you all, this is Ted from slighPC’s and I wanted to comment about the drastic increase in harmful malware (malicious software). Recently I have been subjected to an incline of issues pertaining to Windows malware infections and the numerous major issues stemming from them. In this article I plan on portraying a worst-case-scenario and discussing the methods to resurrect a Windows machine from the dead so to speak.
Windows will not boot no matter what is done. All suggested fixes and resolutions have been implemented and the machine is still non-functional. This is becoming more and more prevalent in my experiences and for me personally… I feel defeated if I have to resort to a clean install to rectify any issue.
That said, most computer shops would recommend a reformat and clean install at this point… but what about my Programs and Data, you ask? Most if not all data could theoretically be saved to external media and re-populated after a clean install. This though, has been the case in very few of my experiences. The main problem seems to be following software data backup procedures prior to issue occurrences. For example, Outlook by default saves data in an OST file which cannot be restored without additional resources or 3rd party application(s). This data would need to be saved as a PST file from within Outlook itself, which can be restored. Programs or applications are an entirely different story due to their use of the underlying Windows components such as the registry… sadly I have never found a sure-fire, completely successful path to restoring single applications after a clean OS install. Due to these setbacks I have always made it a point to investigate every avenue to performing a full repair, leaving the reformat as the ultimate last resort. …Enough with the technical jargon, let’s get on with the fixing!
External OS Scan Procedure (Use at your own discretion as these directions are provided without warranty and we cannot be held liable for any damages as a result of using these directions… We are here to help though, so please keep us posted with any success or failure information and we will be more than happy to provide our assistance and expertise.)
Requirements to run an external OS scan
Broken Windows box with:
CD-ROM boot capabilities
392MB RAM minimum (512MB recommended)
First you’ll need to burn our custom Linux liveCD by following the post “How to burn an ISO file to CD from within Windows“.
Boot from your Linux liveCD
Insert the CD in your CD or DVD-ROM and reboot your computer. You may have the option to select your boot device without changing the BIOS (e.g. Dell machine boot device selection is typically tied to the F12 key). As the OS is booting you will be asked to select your keyboard and video settings (keyboard layout is self-explanatory and the video selection should work fine under Xorg… if you have issues choose Xvesa).
Setup the Network connection
Click on Menu (bottom left corner) -> Setup -> Network Wizard
Depending on your interfaces, you selection may vary. For most will select eth0 by clicking the button conveniently labeled eth0; click the Auto DHCP button to acquire an IP address. You will have the option to save the settings to automatically establish a connection on the next boot (so long as your on the same machine). Click Done and if all went well, you now have Internet access.
Download and Install Malwarebytes’ Anti-Malware from within Linux
Use the default browser to download Malwarebytes’ Anti-Malware free version.
Click on Menu -> Internet -> Opera Browser/Mail/Chat
Ok the Opera update pop-up dialog box and replace the URL bar contents:
file://localhost/usr/share/docs/home.htm
with the Malwarebytes’ Anti-Malware site URL below:
http://malwarebytes.org
and then press the Enter key on your keyboard.
Locate and click on the button “Download free version” on the left hand side of the page.
Save the file to the default location (/root) for ease of use with these directions.
Click on Menu -> Utility -> Terminal
In the Terminal window type the following command to begin the Malwarebytes’ Anti-Malware installation:
wine ~/mbam-setup.exe
Follow the prompts and take the defaults as you would in any Windows environment. You will notice a bit of output in the Terminal window as your installation is taking place. This is strictly informational unless of course any issues arise, in which case I would recommend posting your errors to allow us to get you back on track. After the installation is complete and the database is updated you should see the Malwarebytes’ Anti-Malware window appear. Before we begin the scan we will need to mount as well as add our Windows drive to wine. So at this point we will want to close Malwarebytes’ Anti-Malware by clicking on ‘Exit” in the bottom right corner of the window.
Mounting and Adding your Windows partition to Linux
To mount your Windows partition we will first need to locate it. Depending on the make and model of your machine you will most likely have multiple partitions. For example, newer Dell models typically house three separate partitions (a tiny utility partition, a Windows partition, and an image restore partition). The easiest way to locate the correct partition is by mounting each drive labeled sda1, sda2, sda3, etc. (for IDE drives your labels would be represented as hda1, hda2, hda3, etc.) from your desktop and searching for the ‘OS’, ‘Program Files’, and ‘User Profiles’ folders. For Windows XP and Windows Vista installs we would generally be searching for a ‘Windows’ OS (Operating System) folder. For Windows upgrades this may be labeled as Winnt. The ‘Program Files’ directory should be housed in the same location for both XP and Vista. The User Profiles directory should be labeled ‘Documents and Settings’ for XP and ‘Users’ under Vista. Once you have located these three folders you more than likely have the correct partition mounted and ready to go.
From here we will need to add our partition to the wine configuration. First we will need the correct path to the mount. You will need to note the drive label you found the ‘OS’, ‘Program Files’, and “User Profiles’ directories under. In this case we’ll use ‘sda2′.
Click Menu -> Utility -> Wine Config, then click on the ‘Drives’ tab in the Wine Configuration window. You should see the current ‘Drive mappings’ listed as:
C: ../drive_c Z: /Click the button labeled ‘Add…’, leave the default drive letter as ‘D:’ and click OK. Now with ‘D:’ highlighted blue click ‘Browse…’ to the right of ‘Path:’, then click the ‘+’ next to ‘mnt’ in the Browse for Folder window. Click on the the folder we noted from the steps above. In our case we would click on the folder sda2 and click OK. At this point the ‘Path:’ should be populated properly (in our case ‘/mnt/sda2/’). Click ‘Apply’, then ‘OK’ and now we have added our Windows partition to wine.
Running the scan
Open Malwarebytes’ Anti-Malware by clicking Menu -> Other -> Malwarebytes’ Anti-Malware.
Leave the default method ‘Perform quick scan’ and click on the ‘Scan’ button.
Viewing and Removing the infections
After the scan has completed a new dialog box will appear stating The scan completed successfully. Click ‘Show Results’ to display all objects found. Click OK, then click ‘Show Results’ in the bottom right corner. A list of all infections should appear. At this point we are ready to remove all of the infections found by clicking on ‘Remove Selected’ in the bottom left corner and a log file will appear at focus on your desktop.
I would recommend saving the log file to the Windows partition by clicking on ‘File’ -> ‘Save as…’. In the new window click the drop-down arrow to the right of ‘Save in:’ and click on ‘My Computer’. You should now see ‘(C:)’, ‘(D:)’, and ‘(Z:)’ listed, double-click on ‘(D:)’ and give your log a name by filling in the ‘File Name’ text box with ‘mbam-todaysDate’ (Eg. mbam-01-04-10). Then click on the ‘Save’ button and your log file will be located at the root of your Windows partition.
I will assume after you have saved the log file that you will be looking at a Malwarebytes’ dialog window stating ‘All selected item removed successfully… Your computer needs to be restarted to complete the removal process. Would you like to continue?’. From here we want to click on the ‘Yes’ button. If your machine does not initiate a restart automatically you will want to click Menu -> Log Out, and then click on the ‘Restart’ button in the middle of the dialog window. At this point you will be asked if you’d like to Save your Session. For the purpose of simplicity will will select ‘DO NOT SAVE’ by using the right arrow key to select and the enter key to acknowledge. Just after your machine powers down remove the CD-ROM and let Windows (with fingers crossed) boot normally.
Back in Windows (Hopefully…)
Once the machine boots into Windows we should be able to access the Internet to download a copy of Malwarebytes’ Anti-Malware to finish the disinfecting process.
Previous 
Next 
Categories
Tag Cloud
Blog RSS
Comments RSS
Last 50 Posts
Back
Void 
Life 
Earth 
Wind 
Water 
Fire
Hi, interesting post. I have been wondering about this topic,so thanks for posting. I’ll definitely be subscribing to your site. Keep up the good posts
great post, thanks for sharing
Thanks for the comment as it is much appreciated. I know it’s been quite some time since I’ve had a chance to update the site due to time restrictions (work and family), and I apologize for this. On another note, If you, or any one else, have any contributions (good articles, information, success stories, etc…) please feel free to sign up share them with us.
I apologize for leaving you hanging for so long. I have however, been testing the wine developments as they come along without success. It seems that the MalwareBytes team has intentionally modified their software to fail in a pre-install environment (assuming this from multiple readings), and this seems to effect the wine environment as well. To answer your question, I have not been able to get MBAM to run successfully via wine since (I believe) v1.45.
Great post man! I always follow your blog because it is full of compelling information about various things. I like to read this post because I met so many new facts about it actually. It’s really great that I noticed this post. Thank you very much again for sharing this informative article. Many thanks,
wow account
It seems that this does work when using version 1.43 of MalwareBytes, but if I try to install the latest version, 1.46, wine crashes and it will not install. Are you going to be updating the puppy iso so the newer version of MalwareBytes works.
Thanks for your work, I have been looking for something like this for a while. Keep up the good work.
I apologize for the late response… It’s been a long day.
Yes there are quite a few files under Wine that are flagged as infections, but in actuality they are just false-positives. Although this has been noted in the comments, I have yet to update the actual post.
Were you able to complete a full scan? If the answer is no, can you pinpoint the file name that the crash occurs on?
I am using mbam 1.44 database version 3864
those are just files. memory modules were:
c:windows.system32/setupapi.dll
c:windows.system32/advpack.dll
c:windows.system32/spoolss.dll
c:windows.system32/crtdll.dll
c:windows.system32/winealsa.drv
c:windows.system32/msacm32.drv
c:windows.system32/midimap.dll
unable to save logfile from mbam version manually copied by typing what was found in quick scan files were from wine c:
trojan.vundo.h file C:windows/system32/setupapi.dll
trojan.vundo.h file C:windows/system32/winemapi.dll
trojan.vundo.h file C:windows/system32/advpack.dll
trojan.vundo.h file C:windows/system32/spoolss.dll
trojan.vundo.h file C:windows/system32/crtdll.dll
trojan.vundo.h file C:windows/system32/winealsa.drv
trojan.vundo.h file C:windows/system32/msacm32.drv
trojan.vundo.h file C:windows/system32/midimap.dll
trojan.vundo.h file C:windows/system32/acledit.dll
trojan.vundo.h file C:windows/system32/aclui.dll
trojan.vundo.h file C:windows/system32/activeds.dll
trojan.vundo.h file C:windows/system32/actxprxy.dll
trojan.vundo.h file C:windows/system32/authz.dll
trojan.vundo.h file C:windows/system32/avicap32.dll
trojan.vundo.h file C:windows/system32/avrt.dll
trojan.vundo.h file C:windows/system32/capi2032.dll
trojan.vundo.h file C:windows/system32/cfgmgr32.dll
trojan.vundo.h file C:windows/system32/clusapi.dll
trojan.vundo.h file C:windows/system32/compstui.dll
trojan.vundo.h file C:windows/system32/cryptnet.dll
trojan.vundo.h file C:windows/system32/ctapi32.dll
trojan.vundo.h file C:windows/system32/dciman32.dll
trojan.vundo.h file C:windows/system32/ddrawex.dll
trojan.vundo.h file C:windows/system32/dnsapi.dll
trojan.vundo.h file C:windows/system32/dpwsockx.dll
trojan.vundo.h file C:windows/system32/drmclien.dll
trojan.vundo.h file C:windows/system32/dssenh.dll
trojan.vundo.h file C:windows/system32/faultrep.dll
trojan.vundo.h file C:windows/system32/fltlib.dll
trojan.vundo.h file C:windows/system32/fusion.dll
trojan.vundo.h file C:windows/system32/fwpuclnt.dll
trojan.vundo.h file C:windows/system32/gdiplus.dll
trojan.vundo.h file C:windows/system32/glu32.dll
trojan.vundo.h file C:windows/system32/gpkcsp.dll
trojan.vundo.h file C:windows/system32/hlink.dll
trojan.vundo.h file C:windows/system32/hnetcfg.dll
trojan.vundo.h file C:windows/system32/httpapi.dll
trojan.vundo.h file C:windows/system32/icmp.dll
trojan.vundo.h file C:windows/system32/ifsmgr.vxd
trojan.vundo.h file C:windows/system32/imaadp32.acm
trojan.vundo.h file C:windows/system32/imagehlp.dll
trojan.vundo.h file C:windows/system32/inetcomm.dll
trojan.vundo.h file C:windows/system32/inetnib1.dll
trojan.vundo.h file C:windows/system32/infosoft.dll
trojan.vundo.h file C:windows/system32/initpki.dll
trojan.vundo.h file C:windows/system32/inkobj.dll
trojan.vundo.h file C:windows/system32/inseng.dll
trojan.vundo.h file C:windows/system32/itircl.dll
trojan.vundo.h file C:windows/system32/loadperf.dll
trojan.vundo.h file C:windows/system32/mcicda.dll
trojan.vundo.h file C:windows/system32/mciseq.dll
trojan.vundo.h file C:windows/system32/mlang.dll
trojan.vundo.h file C:windows/system32/mmdevapi.dll
trojan.vundo.h file C:windows/system32/mmdevldr.vxd
trojan.vundo.h file C:windows/system32/monodebg.vxd
trojan.vundo.h file C:windows/system32/mprapi.dll
trojan.vundo.h file C:windows/system32/msadp32.acm
trojan.vundo.h file C:windows/system32/mscat32.dll
trojan.vundo.h file C:windows/system32/mscoree.dll
trojan.vundo.h file C:windows/system32/msdaps.dll
trojan.vundo.h file C:windows/system32/msg711.acm
trojan.vundo.h file C:windows/system32/msgsm32.acm
trojan.vundo.h file C:windows/system32/msimg32.dll
trojan.vundo.h file C:windows/system32/msisip.dll
trojan.vundo.h file C:windows/system32/msisy.ocx
trojan.vundo.h file C:windows/system32/msnet32.dll
trojan.vundo.h file C:windows/system32/mssign32.dll
trojan.vundo.h file C:windows/system32/mssip32.dll
trojan.vundo.h file C:windows/system32/msvcr71.dll
trojan.vundo.h file C:windows/system32/msvcrt20.dll
trojan.vundo.h file C:windows/system32/msvcrt40.dll
trojan.vundo.h file C:windows/system32/msccrtd.dll
trojan.vundo.h file C:windows/system32/nddeapi.dll
trojan.vundo.h file C:windows/system32/netapi32.dll
trojan.vundo.h file C:windows/system32/newdev.dll
trojan.vundo.h file C:windows/system32/ntdsapi.dll
trojan.vundo.h file C:windows/system32/odbc32.dll
trojan.vundo.h file C:windows/system32/odbccp32.dll
trojan.vundo.h file C:windows/system32/olecli32.dll
trojan.vundo.h file C:windows/system32/oledb32.dll
trojan.vundo.h file C:windows/system32/olesvr32.dll
trojan.vundo.h file C:windows/system32/pdh.dll
trojan.vundo.h file C:windows/system32/powrprof.dll
trojan.vundo.h file C:windows/system32/propsys.dll
trojan.vundo.h file C:windows/system32/qedit.dll
trojan.vundo.h file C:windows/system32/qmgrprxy.dll
trojan.vundo.h file C:windows/system32/rasipi32.dll
trojan.vundo.h file C:windows/system32/rasdlg.dll
trojan.vundo.h file C:windows/system32/resutils.dll
trojan.vundo.h file C:windows/system32/rtutils.dll
trojan.vundo.h file C:windows/system32/sccbase.dll
trojan.vundo.h file C:windows/system32/secur32.dll
trojan.vundo.h file C:windows/system32/security.dll
trojan.vundo.h file C:windows/system32/sensapi.dll
trojan.vundo.h file C:windows/system32/slc.dll
trojan.vundo.h file C:windows/system32/snmpapi.dll
trojan.vundo.h file C:windows/system32/softpub.dll
trojan.vundo.h file C:windows/system32/sti.dll
trojan.vundo.h file C:windows/system32/sfc.dll
trojan.vundo.h file C:windows/system32/sfc_os.dll
trojan.vundo.h file C:windows/system32/slbcsp.dll
trojan.vundo.h file C:windows/system32/sti.dll
trojan.vundo.h file C:windows/system32/svrapi.dll
trojan.vundo.h file C:windows/system32/sxs.dll
trojan.vundo.h file C:windows/system32/t2embed.dll
trojan.vundo.h file C:windows/system32/tapi32.dll
trojan.vundo.h file C:windows/system32/traffic.dll
trojan.vundo.h file C:windows/system32/unicows.dll
trojan.vundo.h file C:windows/system32/updspapi.dll
trojan.vundo.h file C:windows/system32/userenv.dll
trojan.vundo.h file C:windows/system32/usp10.dll
trojan.vundo.h file C:windows/system32/vdhcp.vxd
trojan.vundo.h file C:windows/system32/vdmdbg.dll
trojan.vundo.h file C:windows/system32/vmm.vxd
trojan.vundo.h file C:windows/system32/vnbt.vxd
trojan.vundo.h file C:windows/system32/vnetbios.vxd
trojan.vundo.h file C:windows/system32/vtdapi.vxd
trojan.vundo.h file C:windows/system32/vwin32.dll
trojan.vundo.h file C:windows/system32/w32skrnl.dll
trojan.vundo.h file C:windows/system32/wbemprox.dll
trojan.vundo.h file C:windows/system32/wineaudioio.drv
trojan.vundo.h file C:windows/system32/winecoreaudio.drv
trojan.vundo.h file C:windows/system32/winedos.dll
trojan.vundo.h file C:windows/system32/wineesd.drv
trojan.vundo.h file C:windows/system32/winejack.drv
trojan.vundo.h file C:windows/system32/winejoysick.drv
trojan.vundo.h file C:windows/system32/winenas.drv
trojan.vundo.h file C:windows/system32/wineoss.drv
trojan.vundo.h file C:windows/system32/wing32.dll
trojan.vundo.h file C:windows/system32/winnls32.dll
trojan.vundo.h file C:windows/system32/wintab32.dll
trojan.vundo.h file C:windows/system32/wmi.dll
trojan.vundo.h file C:windows/system32/wmiutils.dll
trojan.vundo.h file C:windows/system32/wnaspi32.dll
trojan.vundo.h file C:windows/system32/wow32.dll
trojan.vundo.h file C:windows/system32/wtsapi32.dll
trojan.vundo.h file C:windows/system32/wuapi.dll
trojan.vundo.h file C:windows/twain_32.dll
trojan.vundo.h file C:windows/system32/dmusic.32.dll
full scan failed to complete program crashed no error message. only a http to send the fact that it crashed to. will run quick scan to test results.
I have got it running on wine in the puplet on usb flash drive. mounted sda1 my windows drive. the drive has no spyware on it i have scanned it with mbam in that drive from normal and safe mode as well as from a clone harddrive of windows xp pro. so its clean. i am getting false positives on what seems to be windows system 32 .dll files from the emulated mbam on the puplet. aproxamatley 146 of them. i am just trying to get this to work so i can use it in the field. i do not have infection myself. if i did it would be fixed instantly. im running it to get you a log file on these settings wine config drive d: = /mnt/sda1 mbam scan = full scan wine drive d: /mnt/sda1. scan takes long time massive drive. if too large log will do segments.
yeah i got a little anxious and left all three checked, C: D: and Z: where Z: appears to contain my sda2, as I now see its scanning that whole directory now
I skip the wine drive (C:) scan altogether. Although, I believe Malwarebytes’ sees this drive as the primary and runs a quick scan anyway. So you will still have false positives on your list. We’re only really concerned with the Windows drive findings though.
As far as the registry goes, the quickscan of the wine drive includes the wine registry. I believe a Windows registry scan would involve loading the hives previous to the scan, on that note, I’m not sure if Malwarebytes’ would even acknowledge the hives. Don’t quote me on that as I may be dead wrong. Typically the scan is enough to get back to Windows and finish the disinfecting via a full Windows based Malwarebytes’ scan.
OK here is another question, Do you really need to scan the “c:” drive as this is just a fake drive created for wine, correct? So would skipping that drive eliminate the false positives? or does the “c:” drive link to the real windows registry files? This is assuming I used your instructions and did not port the real ones into wine.
Yes, I have noticed that many of the files housed under wine are claiming to be infected. This is nothing to worry about though, as they are false-positives and will not harm your Windows install. …Keep the questions coming, I rather enjoy sharing what I can.
In 4 minutes, it seems to have found 146 objects infected, Am I correct in guessing that if it was not reading the windows drive, it would find nothing, as there should be no malware on the live cd, correct? I’m sorry for punishing you with these perpetual questions.
I tried to mount it via terminal with ln -s /mnt/sda2 d: It seems like that may have worked, but i have been fooled in the past.
No problem. It seems, most likely, to be an issue with the wine configuration. Try this:
Connect to the Internet
Menu -> Setup -> Network WizardOpen a terminal
Menu -> Utility -> Terminaland run the following:
rm -Rf ~/.wine; winetricks vb6run vcrun6 native_oleaut32Follow the prompts for the (2) installations; repeat the wine partition mount (hopefully with success) and let me know if the matter needs more attention.
Thanks for the reply, and the understanding nature. I made a slight mistake as it is sda2, yes i can open it from the desktop, I seem to be able to browse it. I don’t know how to mount it to wine ( i think this is where my problem is) I goto Wineconfig, and when i click on the drives tab, i get failed to connect to the mount manager
No worry’s on the post as I will combine the two in the correct location.
Wine should not start automatically, the
killall -9method is only necessary to rid the system of any defunct wine processes, so I am not surprised by the results. What happens when you double-clickhda2from the desktop. Does the partition mount successfully? If so, can you browse through the directories? If yes, do you receive any error messages when adding the partition to wine?It appears my last post went into the wrong page, so forgive me if this is a double post.
I also have the inability to mnt hda2, it also seems that wineserver is not a process that is running
With this, “typing ps awux |grep wine to verify the running processes” I get some output…., with this “killall -9 wineserver to kill off the entire process tree.” I get no process killed.
I am using the sligh version of your live disc
@tdurbin
Sorry, I’m so late getting back with my reply.
After running a full scan and clean with Malwarebytes in Linux again, I tried loading up windows and doing a scan in there. It found some, but whatever there wasn’t close to the same amount that it found when running in Linux. It seemed to have helped at least. Sadly I have already reformatted this computer just to make sure there was nothing else hanging on in there so I can’t post a log. If I run across the same issue again, I’ll be sure to keep a log and let you know.
Thanks for the help and the great puppy distro
Marc, anytime… I can’t express the joy I get contributing my efforts to the open source revolution. Regarding your issue. It’s possible that wineserver is running in the back ground, possibly hung. You can try opening a Terminal and typing
ps awux |grep wineto verify the running processes, andkillall -9 wineserverto kill off the entire process tree. Then try again to add the drive letter via winecfg.Thanks for your help! I switch to Puppy 43 NOP and all works as advertised. One more question. When mounting the drive using Wine Config I get an error that says “Failed to connect to the Mount Manager, The drive configuration cannot be edited. Did I miss something?
Marc, No problem, glad to hear you found it useful. I am not positive as we use the NOP (Nearly Office Pup) to build and work with. What version of wine are you using? We utilize wine 1.1.35 and winetricks to install vb6run, vcrun6, and native_oleaut32 previous to the install. Feel free to post your mbam installation output and we can try to deduce the issue(s).
If you believe that the install went without issue you can try using the command line to run malwarebytes’ by typing in
wine "/root/.wine/Program Files/Malwarebytes' Anti-Malware/mbam.exe".Thanks for your help on this. I’ve been trying to figure out how to run MBAM from Puppy for about six months now. All when well follwoing your instructions however, After installation I don’t have a Menu\Other option in my distro. It is Puppy 4.3.1. Can you help?
Usul, that does sound odd, by chance would you mind posting your Malwarebytes’ log file?
I don’t think this is working right. I am trying this on a computer and everything seems fine. I can download, install and run Malwarebytes just fine. When it shows me the results of infections it found 146 the first time. I told it to clean the infections and just like normal it said it cleaned some and others will be cleaned on a reboot. The only problem is that it seems like it isn’t actually deleting or quarantining the files. I tried a reboot without saving the puppy settings and then loaded back in to puppy to run another scan. After I get everything set up again and run another scan I get the exact same number and files of infections.
Does anyone have any ideas on why it’s not getting rid of the files? Thanks for the help.
Nils, Glad to hear the good news and thank you for the feedback.
Ted
tdurbin, I used the download you suggested (the one with wine installed), followed your instructions and got MalwareBytes to run. All is now well.
Thanks.
Nils Hokansson
Janina, Try this. Click on Menu -> Network -> Roaring Penguin PPPOE, in the new window click on SETUP and a terminal input window will appear requesting your user name, interface (you can most likely take the defaults), connection (demand or permanent, keep the default here), DNS information (I believe your DNS servers are 1st: 203.115.130.72, 2nd: 203.115.130.74), your password, firewalling (choose 0 – NONE for temporary use), accept the settings by typing “y”. Back at the GUI click on START. Good luck.
i’m having trouble connecting through the internet. i use a PPOE or DSL connection. i already entered the username and the IP address but i can’t enter my password? please help.
i connect through the internet using a PPOE or through DSL with username and password. how do i configure internet connection through linux?
Absolutely, we are here to help. Welcome to the Linux revolution, by the way… everyone has to start out somewhere. Good luck, and keep us posted.
Cheers,
Ted
First, thanks for your very prompt and complete response. You are indeed correct. I downloaded Puppy from the main Puppy site and not the one you link to in your article. I tried to find out how to install wine in the distro I got, as I suspected wine was absent from it, but did not find it to be a trivial task, especially since I am a newbie with Linux. It will be a lot easier with it already in the ISO.
Nils Hokansson
I assume that you are using a puppy distro other than that which is located under the Downloads section (puppy-431-NOP_wine-1.1.35.iso). I highly recommend using our ISO as there were customizations made to Wine, of which I could post if your interested in building your own. Most Puppy distros (Puplets) do not come with Wine pre-installed, and some are tougher to get Wine functioning than others. As well, this is probably irrelevant for the task at hand, but from your comment, it looks like there is a missing space between
wineand~/mbam-setup.exe(e.g.wine ~/mbam-setup.exe), that would display the error you are receiving. You can verify that Wine is installed by typingwine --helpin the terminal, you should see output similar to: “Usage: wine PROGRAM [ARGUMENTS...]” if you have a working application.I have a machine that will not boot, so I find your post very interesting; however, I am having trouble getting MalwareBytes installed and running. I am using Puppy Linux v4.3.1, which loads fine. I downloaded the MalwareBytes set up application and put it in the root folder. Then I tried to execute it with wine. I clicked on Menu, Utility, but did not find Terminal. Instead I found Rxvt Terminal Emulator, which I opened. I was presented with a number sign and typed wine~/mbam-setup.exe per your instructions. The response was: bash: wine~/mbam-setup.exe: No such file or directory. I tried it with a space after wine and got: Bash: wine: command not found.
I am really stuck with a dead machine, so any help you can provided will be greatly appreciated.
Nils Hokansson