To remove Spyware.AzorUlt using Malwarebytes business products, follow the instructions below.
How to remove Spyware.AzorUlt with Malwarebytes Endpoint Protection
- Go to the Malwarebytes Cloud console.
- To allow you to invoke a scan while the machine is off the network, go to Settings > Policies > your policy > General.
- Under Endpoint Interface Options, turn ON:
- Show Malwarebytes icon in notification area
- Allow users to run a Threat Scan (all threats will be quarantined automatically)
- Temporarily enable Anti-Rootkit scanning for all invoked threat scans.
Go to Settings > Policies > your policy > Endpoint Protection > Scan Options
- Set Scan Rootkits to ON.
- Once the endpoint has been updated with the latest policy changes:
- Take the client off the network
- From the system tray icon, run an Anti-Rootkit threat scan.
If you have infected machines that are not registered endpoints in Malwarebytes Endpoint Protection, you can remove Spyware.AzorUlt with our Breach Remediation tool (MBBR).
- Log into your My Account page and copy your license key. The key is needed to activate MBBR tool.
- Open your Cloud console.
- From a clean and safe machine, go to Endpoints > Add > Malwarebytes Breach Remediation. This will download the MBBR zip package.
- Unzip the package.
- Access a Windows command line prompt and issue the following commands:
mbbr register –key:<prodkey>
Note: You must substitute your license key for <prodkey>.
- Copy the MBBR folder to a flash drive.
- From an infected, offline machine, copy the MBBR folder from the flash drive.
- Start a scan using the following command:
mbbr scan –full –ark –remove –noreboot
- Refer to the Malwarebytes Breach Remediation Windows Administrator Guide for all supported scanning commands.
How to remove Spyware.AzorUlt with Malwarebytes Endpoint Security
You can use Malwarebytes Anti-Malware v1.80, which is included in your Malwarebytes Endpoint Security deployment to scan and remove Spyware.AzorUlt.
- Remove the infected endpoint from the network.
- On the infected machine, right click the system tray icon and click on Start Scanner.
- Select Perform full scan.
- Click on Scan button.
- Open CMD
- CD to C:\Program Files (x86)\Malwarebytes’ Anti-Malware
- Run mbamapi /scan –full –remove -reboot
It is recommended to follow the MBAM scan with an Anti-Rootkit (MBAR) tool scan.
- From a safe computer, download the Anti-Rootkit tool.
For detailed instructions, refer to the KB article How do I use Malwarebytes Anti-Rookit?
- Once Anti-Rootkit is updated (steps 1 – 4), copy it to a flash drive.
- Go to an infected machine that has been scanned/cleaned with Anti-Malware and is still off the network.
- Copy the Anti-Rootkit files from the flash drive to the machine.
- Turn off Anti-Malware. Right click the Anti-Malware system tray icon and select Exit.
- Run the Anti-Rootkit program to scan for threats. Refer to How do I use Malwarebytes Anti-Rookit? steps 5 – 12 for instructions.