Hello / mbam.exe file infected

View previous topic View next topic Go down

Hello / mbam.exe file infected

Post by BS1973 on Thu 29 Jul 2010, 10:37 am

Hello everyone,

I found information on this forum on the Internet and I am hoping you can help me with a problem I am having with my laptop. Everytime I open Internet Explorer I get a screen which says 'visiting this site may harm your computer!' I am unable to go on to any other websites. I also get an Antivirus Software Alert telling me to activate antivirus software.

I have tried to run Malwarebytes Anti-Malware scan but it tells me: 'Application cannot be executed. The file mbab.exe is infected.'

In the meantime, after a few minutes Internet Explorer starts up of its own accord and goes on to various dodgy websites.

Any assistance will be greatly appreciated. Many thanks in advance,




Posts : 1
Joined : 2010-07-29
Operating System : XP

View user profile

Back to top Go down

Re: Hello / mbam.exe file infected

Post by DragonMaster Jay on Fri 30 Jul 2010, 4:55 pm

Hello, and welcome to GeekPolice.

Please note the following information about the malware forum:
  • Only Tech Officers, Global Moderators, Administrators, and Malware Advisors are allowed to give advice on removing malware from your computer.
  • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by the staff I noted above.
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • If you have already asked for help somewhere, please post the link to the topic you were helped.
  • We try our best to reply quickly, but for any reason we do not reply in two days, do one of two things:

    Reply to this topic with the word BUMP, or
    see [You must be registered and logged in to see this link.].

  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

We need to do some diagnostics to get started.

1. Please download and run RKill.

Download mirror 1 - Download mirror 2 - Download mirror 3

  • Save it to your Desktop.
  • Double click the RKill desktop icon.
  • It will quickly run and launch a log. If it does not launch a log, try another download link until it does.
  • Please post its log in your next reply.
  • After it has run successfully, delete RKill.

Note: This tool only kills the active infection, the actual infection will not be gone. Once you reboot the infection will be active again! Please do not reboot until instructed further to do so.

2. Download MBRCheck to your desktop.
  • Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
  • It will show a black screen with some data on it.
  • A report called MBRcheckxxxx.txt will be on your desktop
  • Open this report and post its content in your next reply.

3. Please download [You must be registered and logged in to see this link.] by me, and save to your Desktop.
  • Double-click on Cheetah-Anti-Rogue.zip, and extract the file to your Desktop.
  • Double-click on Cheetah-Anti-Rogue.cmd to start.
  • It will finish quickly and launch a log.
  • Post the contents of it in your next reply.

4. In your next reply, please post the following logs for my review:
  • MBRCheck log (2)
  • Cheetah log (3)


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

GeekPolice Academy Manager


DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

View previous topic View next topic Back to top

Permissions in this forum:
You cannot reply to topics in this forum