Scope (?):  All Topics
2 4 6
10 8 2
Hot or Not?

Stop Malware By Changing Security App File Extensions

submitted on April 30, 2010 by pablos17 in "Member's Lounge"

One thing I've found with a number of the malware infections that come across my workbench is that they do their best to make it difficult to run cleanup tools like MalwareBytes and SmitFraudFix.

In typical malware author fashion, however, their application-blocking abilities are lazily programmed and pretty easy to sidestep. Here's what I do when an infection won't let me run my favorite tools: find the tool I need to run and change its extension from .EXE to .COM.

Windows still knows how to execute .COM files, but most malware isn't smart enough to intercept this less-used extension. Make the change, and you've got an easy workaround to let you run Malwarebytes and some of the other tools you need to clean even a heavily-infected system.

To change a file's extension, open any folder on your computer and go to tools -> folder options (you can also find Folder Options in the Control Panel). Click the view tab and remove the check mark next to hide extensions for known file types. You can now click on the file (mbam.exe above), replace the exe with com, and launch your app despite the malware's best efforts to stop you!

This won't work with every infection, of course, but it has helped me out of a jam on several occasions.


Leave a Comment (members Sign in to comment)


E-Mail (will not be published)

2 x 3 = ?


'Mr Green''Neutral''Twisted''Arrow''Eek''Smile''Confused''Cool''Evil''Big Grin''Idea''Red Face'



Browse by tags