My name is MalwareMutilator
for short). Welcome to Bleeping Computer.
When infections return after a MBAM
scan and repair have been performed, it usually indicates that a more serious (or stubborn) infection is present. I will offer you as much help as is possible in this forum, but I first I need to point out a few facts:
Now, please follow these steps:Step 1:
- MBAM works best when run in normal mode . . . not in safe mode.
- Prior to running MBAM you should first disable TeaTimer:
TeaTimer works by preventing ANY
changes to the system. It will attempt to undo any fixes we run, because it blocks these fixes from running.
In order to safeguard your system from problems that can be brought on by a half finished fix, we need to disable TeaTimer. We can reenable it when we're done if you like.
- Open SpyBot Search and Destroy by going to Start -> All Programs -> Spybot Search and Destroy -> Spybot Search and Destroy.
- If prompted with a legal dialog, accept the warning.
- Click and then on "Advanced Mode"
- You may be presented with a warning dialog. If so, press
- Click on
- Click on
- Uncheck this checkbox:
- Close/Exit Spybot Search and Destroy
Please download Malwarebytes Anti-Malware
(v1.38) and save it to your desktop.alternate download link 1alternate download link 2
If you have a previous version of MBAM, remove it via Add/Remove Programs
and download a fresh copy.
- Make sure you are connected to the Internet.
- Double-click on mbam-setup.exe to install the application.
- When the installation begins, follow the prompts and do not make any changes to default settings.
- When installation has finished, make sure you leave both of these checked:
- Update Malwarebytes' Anti-Malware
- Launch Malwarebytes' Anti-Malware
- Then click Finish.
will automatically start and you will be asked to update the program before performing a scan.
On the Scanner tab:
- If an update is found, the program will automatically update itself.
- Press the OK button to close that box and continue.
- If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.
Back at the main Scanner screen:
- Make sure the "Perform Quick Scan" option is selected.
- Then click on the Scan button.
- If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
- The scan will begin and Scan in progress will show at the top. It may take some time to complete so please be patient.
- When the scan is finished, a message box will say The scan completed successfully. Click 'Show Results' to display all objects found.
- Click OK to close the message box and continue with the removal process.
- Click on the Show Results button to see a list of any malware that was found.
- Make sure that everything is checked, and click Remove Selected.
- When removal is completed, a log report will open in Notepad.
- The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
- Please save the contents of that report as it will needed with your next reply. Now, exit MBAM.
- Reboot your computer normally.
- Run another Quick Scan of your system using MBAM. Do NOT allow it to fix any problems that it finds.
- Save that log using a different name.
After you have complete all of the above steps, please furnish both
of the MBAM
logs along with your next reply.