Sounds like you downloaded a rogue security program
which infect machines by using social engineering and scams to trick a user into spending money to buy a an application which claims to remove malware and is often seen with a Vundo
infection. Vundo is a Trojan that infects a system with malicious Browser Helper Objects
(Dynamic Link Library) modules attached to system files like Winlogon and Explorer.exe. The infection is responsible for launching unwanted pop ups, advertising for rogue antispyware programs, and downloading more malicious files which hampers system performance. Newer variants of Vundo typically use bogus warning messages
and alerts to indicate that your computer is infected with spyware or has critical errors
as a scare tactic to goad you into downloading a malicious security application to fix it. The messages can mimic system messages so they appear as if they are generated by the Windows Operating System. The problem with these types of infections is that they can download other malicious files so the extent of the infection can vary
to include backdoor Trojans
and rootkit components
which make it more difficult to remove.
Some types of malware will disable Malwarebytes Anti-Malware and other security tools. If MBAM will not install, try renaming
- Right-click on the mbam-setup.exe file file and rename it to mysetup.exe.
- Double-click on mysetup.exe to start the installation.
- If that did not work, then try renaming and changing the file extension. <- click this link if you do not see the file extension
- Right-click on the mbam-setup.exe file, rename it to mysetup and change the .exe extension to .scr, .com, .pif, or .bat.
- Then double-click on mysetup.scr (or whatever extension you renamed it) to begin installation.
If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files.
If using Windows Vista, refer to How to Change a File Extension in Windows Vista.
- Right-click on mbam.exe, rename it to myscan.exe.
- Double-click on myscan.exe to launch the program.
- If that did not work, then try renaming and change the .exe extension in the same way as noted above.
- Double-click on myscan.scr (or whatever extension you renamed it) to launch the program.
Be sure to update MBAM through the program's interface (preferable method
) or manually download the definition updates
and just double-click on mbam-rules.exe
to install. Then perform a Quick Scan
in normal mode and check all items found for removal. Don't forgot to reboot afterwards. Failure to reboot normally
(not into safe mode) will prevent MBAM from removing all the malware. When done, click the Logs
tab and copy/paste the contents of the report in your next reply.Note: MBAM uses Inno Setup instead of the Windows Installer Service to install the program. If installation fails in normal mode, try installing in safe mode. Doing this is usually not advised as MBAM is designed to be at full power when running in normal mode and loses some effectiveness for detection & removal when used in safe mode. For optimal removal, normal mode is recommended so it does not limit the abilities of MBAM. Therefore, after completing a scan it is recommended to uninstall MBAM, then reinstall it in normal mode and perform another Quick Scan.