M.L. <me@privacy.invalid> wrote in
news:6tjk41bbfuljaookfkosko830la5r8jlv@4ax.com:
>>>>> By the way, certain variants of the AV2008/AV2009 bug are now
>>>>> blocking MalwareBytes from being installed on infected machines.
>>>>> Normal workarounds (changing the name of the installation file,
>>>>> trying to install in Safe Mode, etc) seem ineffective. I'm sure
>>>>> you're aware of this already, but thought I'd mention it.
>>>>
>>>>We are aware of this. It's actually a TDSS rootkit variant that
>>>>typically gets installed along with AV2008/2009 that is blocking us.
>>>>Once the driver is disabled however, we own it pretty quick.
>>>
>>> How would one disable the rootkit driver?
>>
>>There are several methods of disabling it. It's a system level driver,
>>so depending on the version, you can ask Windows to unload it. I'm
>>sorry about the evasive answering, but I really can't go into details.
>>
>>A handy CD that can usually disable the rootkit for you:
>>
>>http://www.free-av.com/en/tools/12/a...ue_system.html
>>
>>Use that CD first, then you can take advantage of MBAM and various
>>other utilities of its nature.
>
> Thanks for your prompt reply. I already have that CD, so now I know
> when to use it to its advantage.
They update it constantly. It's most advised to use the newest you
possibly can.
--
Regards,
Dustin Cook
Malware Researcher
MalwareBytes - http://www.malwarebytes.org

