Jump to content

Is my laptop finally clean?

Recommended Posts


First off I will appoligise for my lack of technical language haha! Also if you respond please be very clear and specific with your answer :)

I'll start from the begining. 4 days ago I started getting notifications from my security program (MSE) that it was quarintining things and saying not to worry as the threat was being cleaned/dealt with. I didn't think much of this until Firefox kept running in safemode and it started not opening. I did a full system scan with MSE and it found a few trojans/ramnit. I cleaned the laptop and reset it but the notifications from MSE kept appearing, I did scan after scan but it didn't seem to be working. That is until 2 days ago when after scanning I removed what seemed to be only one ramnit that was detected. I reset my computer and voila! No more notifications and MSE wasn't detecting anything. I thought I should use a second program just to make sure. I downloaded Malwarebytes and did a full scan, it picked up a few things that MSE had already quaritntined that I knew about - nothing serious. No trojans or ramnit were detected. I was relieved and thought that it was all over and I had got away safely. I have done 2 or 3 more scans with Malware Bytes and all have comeback clean however I know that ramnit are very dangerous and severe things and had heard that they were incurable. So this is why I took to this forum, I just want to make sure my laptop is completely safe and clean as I do a lot of online shopping etc. on it and have a huge music collection.

If someone could help me out I wouldn't be able to thank you enough!

Regards, Joca

Link to post
Share on other sites

Usually with that type of infection we just tell the person the best course of action is to format the drive and start over.

Some links to read:





Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.


Tick the box next to YES, I accept the Terms of Use.

Click Start

When asked, allow the ActiveX control to install

Click Start

Make sure that the options Remove found threats and the option Scan unwanted applications is checked

Click Advanced settings and select the following:

  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology

Click Start

Wait for the scan to finish

Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt

Copy and paste that log as a reply to this topic


Link to post
Share on other sites


Thank you for your reply, sorry for the late reply from me, I have been extremely busy, here is the log.

ESETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)

# OnlineScanner.ocx=

# api_version=3.0.2

# EOSSerial=

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2012-07-25 03:54:37

# local_time=2012-07-25 04:54:37 (+0000, GMT Daylight Time)

# country="United Kingdom"

# lang=1033

# osver=6.1.7600 NT

# compatibility_mode=5893 16776574 66 85 95580174 95595091 0 0

# compatibility_mode=8192 67108863 100 0 259 259 0 0

# scanned=207791

# found=6

# cleaned=6

# scan_time=15234

C:\Program Files (x86)\Cheat Engine 6.1\cheatengine-i386.exe a variant of Win32/HackTool.CheatEngine.AB application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\Joe\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\72072600-6ce4107f a variant of Java/Exploit.Blacole.AF trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\Users\Joe\Downloads\avc-free.exe Win32/OpenCandy application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\Joe\Downloads\CheatEngine61.exe multiple threats (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\Joe\Downloads\Korn__The_Path_of_Totality_(2011)_320kbs.exe Win32/Adware.1ClickDownload.B application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\Nigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\V58TI585\19[1].htm HTML/Iframe.B.Gen virus (deleted - quarantined) 00000000000000000000000000000000 C

Link to post
Share on other sites


Nothing was detected, and my computer is running ok I suppose, Firefox has been working as normal, maybe a little on the slow side. Here is the log anyway:

Malwarebytes Anti-Malware (Trial)


Database version: v2012.07.26.14

Windows 7 x64 NTFS

Internet Explorer 9.0.8112.16421

Joe :: JOE-PC [administrator]

Protection: Enabled

26/07/2012 19:33:14

mbam-log-2012-07-26 (19-33-14).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 233161

Time elapsed: 16 minute(s), 41 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)


Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.