Jump to content

Troyano 76236osm1.ru

Go to solution Solved by Maurice Naggar,

Recommended Posts

Hola    :welcome:

Please use the Google Translator at https://translate.google.com

to see what I reply to you in English.   You can have it translated to Spanish.

You said   


Hi, I'm using malwarebytes and every once in a while I get a message saying '' Website blocked due to Trojan ''

The file is 😄 \ Windows \ SysWOW64 \ msiec.exe, the website is 76236osm1.ru, how could I eliminate this virus since malwarebytes does not detect it? thanks.


Pleae know that the block message notice from Malwarebytes for Windows means that it is keeping your machine safe from harm.

The message does not mean that there is some infection on your machine.  No, the message is about some thing external.  The trojan is NOT on your machine.

It is at the address with the .RU  domain link.


I  would suggest to download, Save, and then run Malwarebytes ADWCLEANER.

Please close Chrome and all other open web browsers after you have saved the Adwcleaner and before you start Adwcleaner scan.

Adwcleaner  detects factory Preinstalled applications too!


Please download  Malwarebytes AdwCleaner  https://downloads.malwarebytes.com/file/adwcleaner

Be sure to Save the file first, to your system.  Saving to the Downloads folder should be the default on your system.


Go to the folder where you saved Adwcleaner. Double click Adwcleaner  to start it.

At the prompt for license agreement, review and then click on I agree.


You will then see a main screen for Adwcleaner. ( if you do not see it right away, minimized the other open windows, so you can see Adwcleaner).

Then click on Dashboard button.

Click the blue button "Scan Now".


allow it a few minutes to finish the Scan.   Let it remove what it finds.

NOTE:  When it comes to the section "

Pre-installed applications


You can skip that.

Please find and send the Adwcleaner "C" clean report.

In Adwcleaner, click the "Reports" button.  Look at the list of reports for the latest date & type "Clean".

Double Click that line & it will open in Notepad.   Save the file to your system and then Attach that with your reply.


That C clean report will be the one with the most recent Date and time at folder  C:\AdwCleaner\Logs

Thanks.  Keep me advised.


  • Thanks 1
Link to post
Share on other sites

Buenos días. Gracias por el informe de Adwcleaner.

Agradecería obtener detalles importantes adicionales / más completos de esta máquina para ayudarlo a avanzar.
 NOTA: Las herramientas y la información obtenida son seguras y no dañan su privacidad o su computadora, por favor permita que los programas se ejecuten si están bloqueados por su sistema.

Tenga paciencia mientras se ejecuta la herramienta de informes. Puede tomar varios minutos. Déjalo correr y tómate su tiempo. Es posible que desee cerrar las otras ventanas abiertas para que haya un campo de visión despejado.
Descargar la herramienta de soporte de Malwarebytes
    Una vez que se descargue el archivo, abra su carpeta de Descargas / ubicación del archivo descargado
    Haga doble clic en mb-support-1.80.848.exe para ejecutar el informe

Una vez que se inicia, verá una primera pantalla con 2 botones. Haga clic en el de la izquierda marcado "No tengo un ticket de soporte abierto".

        Es posible que el Control de cuentas de usuario (UAC) le solicite que permita que se realicen cambios en su computadora. Haga clic en Sí para dar su consentimiento.
    Coloque una marca de verificación junto a Aceptar acuerdo de licencia y haga clic en Siguiente
Ahora haga clic en el panel lateral izquierdo "No tengo un ticket de soporte abierto"

    Se le presentará una página que dice: "¡Empiece!"
    ¡NO utilice el botón "Iniciar reparación"! Pero mire en cambio la lista de opciones del extremo izquierdo en negro.

    Haga clic en la pestaña Avanzado en la columna de la izquierda
    Haga clic en el botón Recopilar registros
    Aparecerá una barra de progreso y el programa procederá a obtener los registros de su computadora. Por favor ten paciencia. Tarda varios minutos en reunirse.
    Al finalizar, haga clic en un archivo llamado mbst-grab-results.zip que se guardará en su escritorio. Haga clic en Aceptar. Luego salga de la herramienta.

    Adjunte el archivo ZIP en su próxima respuesta.

Por favor, sepan que ayudo aquí como voluntario. y que no estoy en 24 x 7.
La ayuda en este foro es personalizada.



  • Thanks 1
Link to post
Share on other sites

Thank you for the report file.  First, a remark and advice. This computer is running on Windows 7.  That operating system is no longer supported by Microsoft.  So it no longer gets security updates.  Have you considered a free upgrade to Windows 10  from Microsoft ?   Let me know.


I notice that this system has no installed antivirus program.  That makes it more exposed to potential infection.

I am going to guide you to doing a few different scans to see if there are actual viruses.

The Microsoft Safety Scanner  is a free Microsoft stand-alone virus scanner that  can be used to scan for & remove malware or potentially unwanted software from a system.

The download links & the how-to-run-the tool are at this link at Microsoft



Please select "FULL"  scan option.

Let me know the result of this.

The log is named MSERT.log 

the log will be at  C:\Windows\debug\msert.log

Please attach that log with your reply.


  • Thanks 1
Link to post
Share on other sites

The report file from the Microsoft Safety Scanner did flag a few files from some games.  We should do another scan.  As to upgradding to Windows 10 from Microsoft, I will provide you some tips at the end of this case.

For now, the following new scan.

I would suggest that you do a scan with a scan tool from ESET  to just only scan the C drive.

I would suggest a free scan with the ESET Online Scanner

Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe


It will start a download of "esetonlinescanner_enu.exe"

Save the file to your system, such as the Downloads folder, or else to the Desktop.

Go to the saved file, and double click it to get it started.

When presented with the initial ESET options, click on "Computer Scan".

Next, when prompted by Windows, allow it to start by clicking Yes


When prompted for scan type, Click on Custom scan    ( the choice on far-right side)

We want just the C drive to be scanned.


In the display "Select custom scan targets"  keep the top 3 lines ticked,  plus the one for the C drive   ( which should be your Windows drive)

UN-tick the other drives   ( D, E, F,   etc...)


Then click on the blue button "Save and continue"

Look at & tick  ( select )   the radio selection "Enable ESET to detect and quarantine potentially unwanted applications"   and click on Start scan button.  


Have patience.  The entire process may take an hour or more. There is an initial update download.

There is a progress window display.

You should ignore all prompts to get the ESET antivirus software program.   ( e.g.  their standard program).   You do not need to buy or get or install anything else.

When the scan is completed, if something was found, it will show a screen with the number of detected items.  If so, click the button marked “View detected results”.

Click The blue “Save scan log” to save the log.  Look for it on the bottom left, in blue.


If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files”  ( in blue, at bottom).

Press Continue when all done.  You should click to off the offer for “periodic scanning”.

The goal here is to see if there are suspicious or actual threats on the C drive.   Attach the log with your next reply.

  • Thanks 1
Link to post
Share on other sites

That is a good cleanup by the ESET tool.  It removed 2 items.  One of those was a trojan with the file-name  eeHLTXejnh.exe

How is the system at this point ?   Let me know that for sure.

Also do this next new scan with Malwarebytes for Windows.

In Malwarebytes for Windows program, we want to do a special scan.

Click Settings ( gear icon)   at the top right of Malwarebytes window.   We want to see the SETTINGS window.

Then click the Security tab.   

Scroll down and lets be sure the line in SCAN OPTIONs for "Scan for rootkits" is ON        👈

Click it to get it ON  if it does not show a blue-color


Next, click the small x on the Settings line   to go to the main Malwarebytes Window.


Next click the blue button marked Scan.

When the scan phase is done, be real sure you Review and have all detected lines items check-marked on each line on the left. That too is very critical.

You can actually click  ( tick )   the topmost left  check-box  on the very top line to get ALL lines  ticked   ( all selected).    👈





Then click on Quarantine selected.



Then, locate the Scan run report;  export out a copy;  & then attach in with your  reply.

See https://support.malwarebytes.com/hc/en-us/articles/360038479194-View-Reports-and-History-in-Malwarebytes-for-Windows-v4



  • Thanks 1
Link to post
Share on other sites

  • Solution

That is an excellent result.  No malicious items detected.

I  have 3 suggestions for you to do, and then one new report.

[    1    ]

For the Google Chrome web browser.   A suggestion to better protect Chrome.

To get & install the Malwarebytes Browser Guard extension for Chrome,


Open this link in your Chrome   browser: 



Then proceed with the setup.

[     2      ]

Uninstall one program that is very much out of date & not secure.  Uninstall Java 8 Update 45 


[       3      ]

Adobe Flash Player  PPAPI   version is also out of date.  You shoud get and then install the very latest release from Adobe.

Go to this link with your Chrome browser.  Download, and save, and then run the update


[      4      ]

I would like you to run a tool named SecurityCheck to inquire on the current-security-update  status  of some applications.

  • Download SecurityCheck by glax24 from here  https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe
  • and save the tool on the desktop.
  • If Windows's  SmartScreen block that with a message-window, then
  • Click on the MORE INFO spot and over-ride that and allow it to proceed.
  • This tool is safe.   Smartscreen is overly sensitive.
  • Right-click  with your mouse on the Securitycheck.exe  and select "Run as administrator"   and reply YES to allow to run & go forward
  • Wait for the scan to finish. It will open in a text file named SecurityType.txt. Close the file.  Attach it with your next reply.
  • You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt


  • Thanks 1
Link to post
Share on other sites

Hello.    Java is not required.  Unless you run a program that actually needs it.

The SeecurityCheck has highlighted these things for your attention & action.

HotFix KB3177467 Warning! Download Update
HotFix KB3125574 Warning! Download Update
HotFix KB4012212 Warning! Download Update
HotFix KB4499175 Warning! Download Update
HotFix KB4539602 Warning! Download Update


NVIDIA GeForce Experience v. Warning! Download Update

WinRAR 5.90 (64-bit) v.5.90.0 Warning! Download Update


  • Thanks 1
Link to post
Share on other sites

Hello.  On the video driver, you should check with the support site for your computer manufacturer.  Check to see if they have a newer driver for the video card.

Also, you may run a report-tool to see other detail about the computer hardware.

Speccy is a tool that provides detailed information about the hardware components and operating system of the computer it is run on. 
You can download it from here. Once installed and run, it will collect system info (no personal data) and create a report.

Click File on the top left, then Publish Snapshot. Provide  the URL link   it gives you.

As to upgrading this machine to Windows 10, I can provide some tips later.



  • Thanks 1
Link to post
Share on other sites

  • 2 weeks later...


To remove the FRST  tool & its work files, do this.  Go to your Downloads folder.  Do a RIGHT-click on FRSTENGLISH.exe & select RENAME & then change it to UNINSTALL.exe .
Then run that ( double click on it)  to begin the cleanup process.


Delete mbst-grab-results.zip   on the Desktop

Delete mb-support-1.80.848.exe

Delete msert.exe

Delete the file downloaded from ESET     esetonlinescanner_enu.exe

Adwcleaner you may keep  and use as needed.

Any other download file I had you download, you may delete.

I wish you all the best.  Stay safe.



Edited by Maurice Naggar
Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you



Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.