Have you performed a full scan with your anti-virus? If so, what did if find? If not, you need to do that first.
Then continue as follows:If you cannot use the Internet or download any required programs
to the infected machine, you are going to need access to another computer (family member, friend, library etc) with an Internet connection.
Please download Malwarebytes Anti-Malware
, save it to a flash (usb, pen, thumb, jump) drive or CD, transfer it to the infected machine, then install and run the program. If you cannot transfer to or install on the infected machine, try running the setup (installation) file directly from the flash drive or CD by double-clicking on mbam-setup.exe
so it will install on the hard drive. If you cannot copy files to your usb drive, make sure it is not "Write Protected
". Some flash drives have a switch on the side which could have accidentally been moved to write protect.
You will also need to, manually download the database updates
, save and transfer them as well. After installing MBAM, just double-click on mbam-rules.exe
to install and update.
Mbam-rules.exe is not
updated daily. Another way to get the most current database definitions if you're having problems updating, is to install MBAM on a clean computer, launch the program, update through MBAM's interface, copy the definitions (rules.ref
) to a USB stick or CD and transfer that file to the infected machine. Copy rules.ref to the location indicated for your operating system.
- XP: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware
- Vista: C:\Documents and Settings\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware
If you cannot see the folder, then you may have to Reconfigure Windows
to show it.
After transferring MBAM to the infected computer, follow these instructions:MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
- Double-click on mbam-setup.exe to install the application.
- When the installation begins, follow the prompts and do not make any changes to default settings.
- Double-click the MBAM icon on your desktop and on the Scanner tab.
- Make sure the "Perform Quick Scan" option is selected.
- Then click on the Scan button.
- If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
- The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
- When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
- Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.
- Click on the Show Results button to see a list of any malware that was found.
- Make sure that everything is checked, and click Remove Selected.
- When removal is completed, a log report will open in Notepad.
- The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
- Copy and paste the contents of that report in your next reply and exit MBAM.