My name is MalwareMutilator
for short). Welcome to Bleeping Computer.
In order for me to better understand the possible malware issues on your computer, I am going to ask you to perform a scan which will require you to download a specialized program. Even if you have already run this program at an earlier time, please proceed as follows:Step #1Download and run MBAM:
Because some types of malware can be easily removed, I recommend Malwarebytes Anti-Malware
be run. MBAM
is an advanced piece of software which may possibly resolve a number of the issues on your machine. It's important to let me know, however, if you experience any trouble accessing the site, downloading from it, or actually opening the program to run. Some rootkits specifically target MBAM, thus, the inability to run the program may possibly indicate a more serious problem.
Please download Malwarebytes Anti-Malware
(v1.38) and save it to your desktop.alternate download link 1alternate download link 2
If you have a previous version of MBAM, remove it via Add/Remove Programs
and download a fresh copy.
- Make sure you are connected to the Internet.
- Double-click on mbam-setup.exe to install the application.
- When the installation begins, follow the prompts and do not make any changes to default settings.
- When installation has finished, make sure you leave both of these checked:
- Update Malwarebytes' Anti-Malware
- Launch Malwarebytes' Anti-Malware
- Then click Finish.
will automatically start and you will be asked to update the program before performing a scan.
On the Scanner tab:
- If an update is found, the program will automatically update itself.
- Press the OK button to close that box and continue.
- If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.
Back at the main Scanner screen:
- Make sure the "Perform Quick Scan" option is selected.
- Then click on the Scan button.
- If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
- The scan will begin and Scan in progress will show at the top. It may take some time to complete so please be patient.
- When the scan is finished, a message box will say The scan completed successfully. Click 'Show Results' to display all objects found.
- Click OK to close the message box and continue with the removal process.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Please temporarily disable such programs or permit them to allow the changes.Step #2Download and run ATF Cleaner:
- Click on the Show Results button to see a list of any malware that was found.
- Make sure that everything is checked, and click Remove Selected.
- When removal is completed, a log report will open in Notepad.
- The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
- Please save the contents of that report as it will needed with your next reply. Now, exit MBAM.
- Using this link, please download ATF Cleaner and save it to your desktop.
- Double-click ATF-Cleaner.exe to run the program.
- Next, please place check marks in the following boxes:
- Windows Temp
- Current User Temp
- All User Temp
- If you would like to keep your saved passwords, please click No at the Cookies prompt.
- Temporary Internet Files
- Java Cache
- Click the [Empty Selected] button.
- Click Exit.
After completing the above steps, pleae post the contents of the MBAM
log with your next reply.
After reviewing your log I will furnish you with additional instructions.