Please download
Malwarebytes Anti-Malware (v1.34) and save it to your desktop. Print out and follow the instructions
here for performaning a
Quick Scan in normal mode and check all items found for removal. When done, click the
Logs tab and copy/paste the contents of the new report in your next reply.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with disinfection. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Temporarily disable such programs or permit them to allow the changes. Click this link to see a list of programs that should be disabled.If you cannot use the Internet or download any programs to the infected machine, you are going to need access to another computer (family member, friend, etc) with an Internet connection. Save
mbam-setup.exe to a flash (usb, pen, thumb, jump) drive or CD, transfer it to the infected machine, then install and run the program. If you cannot transfer to or install on the infected machine, try running the setup (installation) file directly from the flash drive or CD by double-clicking on
mbam-setup.exe so it will install on the hard drive.
You will also need to manually
download the updates from another computer, save and transfer them to the infected machine. After installing MBAM, just double-click on
mbam-rules.exe to install the update.
Mbam-rules.exe is not updated daily. Another way to get the most current definitions is to update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.