maurocattani
-
Posts
7 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by maurocattani
-
-
Important!All of the following instructions must be run on the affected computer. Logs from a different computer will not help me help you. So, if you need to download all of this and then copy it to CD or memory stick and take it to the other computer, please do so. Either way, it's important. The logs have to be made by the computer with the problem.I need you to follow the instructions provided herefirst.I also need for you to download this programto your desktop.
- Close all applications and windows so that you have nothing open and are at your Desktop
- Double-click on the OTListIt.exe file to start OTListIt. OK any warning about running OTListIt.
- Place a checkmark in the"Scan All Users"checkbox (Leave the 'Use Whitelist' checked' and the 'File Age:' at 30 days)
- Click the Run Scan button
- NOTE:Please be patient and let the scan run without using the computer
- When the scan is complete, a text file (OTListIt.Txt) will open in Notepad (if not, it can be found on your Desktop)
- In Notepad, clickEdit,Select allthenEdit,Copy
- Reply to this topic, click in the topic reply window, and press Ctrl+V to paste the log or Righ click paste.
- Submit your reply and close the Notepad window withOTList.txt
- Also OTListIt'sExtras.txtlog file will be minimized in the Taskbar (and located on your Desktop) - click on this and maximize the window
- In Notepad, clickEdit,Select allthenEdit,Copy
- Reply to this topic again, click in the topic reply window, and press Ctrl+V to paste the extras log or Right click paste.
- NOTE:If the files (OTListIt.txt, Extras.txt) do not appear in your taskbar, just open the files in notepad from your desktop.
Please allow me time to analyze your post. If you don't see a reply from me after 24 hours, feel free to PM me.Here the OTlist
-
Important!All of the following instructions must be run on the affected computer. Logs from a different computer will not help me help you. So, if you need to download all of this and then copy it to CD or memory stick and take it to the other computer, please do so. Either way, it's important. The logs have to be made by the computer with the problem.I need you to follow the instructions provided herefirst.I also need for you to download this programto your desktop.
- Close all applications and windows so that you have nothing open and are at your Desktop
- Double-click on the OTListIt.exe file to start OTListIt. OK any warning about running OTListIt.
- Place a checkmark in the"Scan All Users"checkbox (Leave the 'Use Whitelist' checked' and the 'File Age:' at 30 days)
- Click the Run Scan button
- NOTE:Please be patient and let the scan run without using the computer
- When the scan is complete, a text file (OTListIt.Txt) will open in Notepad (if not, it can be found on your Desktop)
- In Notepad, clickEdit,Select allthenEdit,Copy
- Reply to this topic, click in the topic reply window, and press Ctrl+V to paste the log or Righ click paste.
- Submit your reply and close the Notepad window withOTList.txt
- Also OTListIt'sExtras.txtlog file will be minimized in the Taskbar (and located on your Desktop) - click on this and maximize the window
- In Notepad, clickEdit,Select allthenEdit,Copy
- Reply to this topic again, click in the topic reply window, and press Ctrl+V to paste the extras log or Right click paste.
- NOTE:If the files (OTListIt.txt, Extras.txt) do not appear in your taskbar, just open the files in notepad from your desktop.
Please allow me time to analyze your post. If you don't see a reply from me after 24 hours, feel free to PM me.Here the HiJack report
-
Important!All of the following instructions must be run on the affected computer. Logs from a different computer will not help me help you. So, if you need to download all of this and then copy it to CD or memory stick and take it to the other computer, please do so. Either way, it's important. The logs have to be made by the computer with the problem.I need you to follow the instructions provided herefirst.I also need for you to download this programto your desktop.
- Close all applications and windows so that you have nothing open and are at your Desktop
- Double-click on the OTListIt.exe file to start OTListIt. OK any warning about running OTListIt.
- Place a checkmark in the"Scan All Users"checkbox (Leave the 'Use Whitelist' checked' and the 'File Age:' at 30 days)
- Click the Run Scan button
- NOTE:Please be patient and let the scan run without using the computer
- When the scan is complete, a text file (OTListIt.Txt) will open in Notepad (if not, it can be found on your Desktop)
- In Notepad, clickEdit,Select allthenEdit,Copy
- Reply to this topic, click in the topic reply window, and press Ctrl+V to paste the log or Righ click paste.
- Submit your reply and close the Notepad window withOTList.txt
- Also OTListIt'sExtras.txtlog file will be minimized in the Taskbar (and located on your Desktop) - click on this and maximize the window
- In Notepad, clickEdit,Select allthenEdit,Copy
- Reply to this topic again, click in the topic reply window, and press Ctrl+V to paste the extras log or Right click paste.
- NOTE:If the files (OTListIt.txt, Extras.txt) do not appear in your taskbar, just open the files in notepad from your desktop.
Please allow me time to analyze your post. If you don't see a reply from me after 24 hours, feel free to PM me.Here the Panda scan
-
Important!All of the following instructions must be run on the affected computer. Logs from a different computer will not help me help you. So, if you need to download all of this and then copy it to CD or memory stick and take it to the other computer, please do so. Either way, it's important. The logs have to be made by the computer with the problem.I need you to follow the instructions provided herefirst.I also need for you to download this programto your desktop.
- Close all applications and windows so that you have nothing open and are at your Desktop
- Double-click on the OTListIt.exe file to start OTListIt. OK any warning about running OTListIt.
- Place a checkmark in the"Scan All Users"checkbox (Leave the 'Use Whitelist' checked' and the 'File Age:' at 30 days)
- Click the Run Scan button
- NOTE:Please be patient and let the scan run without using the computer
- When the scan is complete, a text file (OTListIt.Txt) will open in Notepad (if not, it can be found on your Desktop)
- In Notepad, clickEdit,Select allthenEdit,Copy
- Reply to this topic, click in the topic reply window, and press Ctrl+V to paste the log or Righ click paste.
- Submit your reply and close the Notepad window withOTList.txt
- Also OTListIt'sExtras.txtlog file will be minimized in the Taskbar (and located on your Desktop) - click on this and maximize the window
- In Notepad, clickEdit,Select allthenEdit,Copy
- Reply to this topic again, click in the topic reply window, and press Ctrl+V to paste the extras log or Right click paste.
- NOTE:If the files (OTListIt.txt, Extras.txt) do not appear in your taskbar, just open the files in notepad from your desktop.
Please allow me time to analyze your post. If you don't see a reply from me after 24 hours, feel free to PM me.I'm proceding with the scans as per your suggestions.
Before any scan I've switched of Kasper and Norton.
The scan from Malware is (surprisingly) not reporting any infection! (see the attachment).
Now I proceed with Panda.
I'll let you know.
(thank you)
-
Info only ....
MBAM is detecting your userinit file as infected but whitelisting is preventing the file from being removed and userinit load point correction is also preventing the load point from being destroyed .
So, what should I do?
Thank you.
-
After scanning my computer with Malwarebytes, I got the following report:
Elementi dato del registro infetti:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\userinit.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\userinit.exe -> Quarantined and deleted successfully.
If I scan the system again I find no further problems.
After re-booting the system, I get again the same report.
Elementi dato del registro infetti:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\userinit.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\userinit.exe -> Quarantined and deleted successfully.
Is it a false positive of the program or the program is not scanning the author of the modifications of the register?
I've tryed also Kasper with the following results:
C:\WINDOWS\system32\userinit.exe Infected: Exploit.Win32.IMG-WMF.hu 1
Thank you for your support!
Trojan.agent false detection?
in File Detections
Posted
Here the Extr of Otlist
Extras.Txt
Extras.Txt