If you cannot use the Internet or download any programs to the infected machine, try downloading them from another computer (family member, friend, library, etc) with an Internet connection. Save to a flash (usb, pen, thumb, jump) drive or CD, transfer to the infected machine, then install and run the program(s). If you cannot copy files to your usb drive, make sure it is not "
Write Protected".
Also download
Malwarebytes Anti-Malware (v1.44) and save it to your desktop.
alternate download link 1alternate download link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.- Make sure you are connected to the Internet.
- Double-click on mbam-setup.exe to install the application.
- When the installation begins, follow the prompts and do not make any changes to default settings.
- When installation has finished, make sure you leave both of these checked:
- Update Malwarebytes' Anti-Malware
- Launch Malwarebytes' Anti-Malware
- Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
- If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
- If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
- Make sure the "Perform Quick Scan" option is selected.
- Then click on the Scan button.
- If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
- The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
- When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
- Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
- Click on the Show Results button to see a list of any malware that was found.
- Make sure that everything is checked, and click Remove Selected.
- When removal is completed, a log report will open in Notepad.
- The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
- Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
- Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.-- Some types of malware will disable Malwarebytes Anti-Malware and other security tools to keep them from running properly. If MBAM will not install, try
renaming it first.
- Right-click on the mbam-setup.exe file file and rename it to mysetup.exe. If that did not work, rename it explorer.exe.
- Double-click on the renamed file to start the installation.
- If that still did not work, then try changing the file extension. <- click this link if you do not see the file extension
If using Windows Vista, refer to these instructions. - Right-click on explorer.exe and change the .exe extension to .scr, .com, .pif, or .bat.
- Then double-click on explorer.com (or whatever extension you renamed it) to begin installation.
If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files.
- Right-click on mbam.exe and rename it to wuauclt.exe.
- Double-click on wuauclt.exe to launch the program.
- If that did not work, then change the .exe extension in the same way as noted above.
- Double-click on wuauclt.com (or whatever extension you renamed it) to launch the program.
-- Other types of malware may
delete the main
mbam.exe executable file during installation or when attempting to perform a scan which results in various errors. One way to resolve this is to:
- Download and install Malwarebytes Anti-Malware on a non-infected computer.
- After installation, open Windows Explorer and navigate to the C:\Program Files\Malwarebytes' Anti-Malware\ folder where mbam.exe is located.
- Copy the mbam.exe file to the Desktop and rename it to wuauclt.exe or explorer.exe.
- Save the renamed file to a usb flash drive or CD and transfer to the infected computer.
- Place it in the C:\Program Files\Malwarebytes' Anti-Malware folder, and then double-click on it to run.
Alternatively, you can download a randomized renamed mbam.exe version (i.e. jdRjuT7Hk.exe) from
here and use that.
Note: If installation coninues to fail in normal mode, try installing and performing a Quick Scan in "safe mode". Doing this is usually not advised as MBAM is designed to be at full power when running in normal mode and loses some effectiveness for detection & removal when used in safe mode. Further, scanning in safe mode prevents some types of malware from running so it may be missed during the detection process. For optimal removal, normal mode is recommended so it does not limit the abilities of MBAM. Therefore, after completing a safe mode scan, reboot normally, uninstall MBAM, then reinstall it and perform another Quick Scan.