Jump to content

Trojan Help


Flazz

Recommended Posts

Hello!

Found my way here through a series of searches, looking for help removing some stubborn files I've found. I started doing a series of scans and checks when my computer started having issues, frequent explorer crashes etc, and found some threads on these forums that loooked helpful, but most of the details seemed very specific to each individual computer, so thught it best to make a new thread.

Of course, these files may be completly unrelated to the issues, but its a good place to start!

Running Vista 64bit, as of a few hours ago I'm all upto date on updates as far as I know.

NOD32 is picking up some threats during a scan, but is saying its unable to delete/clean/fix them.

threats.jpg

Running MBAM on my system does NOT pick up anything suspcious, which I thought was strange.

If I have NOD running in the background with its "real-time file system protection" enabled while MBAM does its scan, NOD pops up a warning saying MBAM tried to access those files. If I turn off the real-time protection, Malware still doesn't find them. I don't have Spybot SnD TeaTimer enabled at the moment, if it makes a difference.

Not sure what other information I should post at this point, or what log/summaries I need. Any guidance would be greatly appreciated!

Cheers.

Link to post
Share on other sites

Here is the extra information I should have included in the original post. I think I followed all the instructions correctly.

When running the GMER, some of the options to the right were shaded out, so I couldn't check/uncheck them, but the ones that the guide said that needed to be unchecked looked like they were anyway, so I just went ahead.

DDS (Ver_10-03-17.01) - NTFSX64

Run by user at 1:59:40.72 on Tue 14/09/2010

Internet Explorer: 8.0.6001.18943 BrowserJavaVersion: 1.6.0_20

Microsoft

Attach.zip

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes.

Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1

Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :filefind
    wininit.exe
    explorer.exe


  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

Link to post
Share on other sites

Thanks for taking the time to post!

Output is below.

SystemLook 27.08.10 by jpshortstuff

Log created at 16:37 on 15/09/2010 by user

Administrator - Elevation successful

========== filefind ==========

Searching for "wininit.exe"

C:\Windows\System32\wininit.exe --a---- 123904 bytes [05:14 01/06/2008] [08:00 19/01/2008] 117EA87DF785CA1B9D821F6F213DCE07

C:\Windows\SysWOW64\wininit.exe --a---- 96768 bytes [05:15 01/06/2008] [07:33 19/01/2008] (Unable to calculate MD5)

C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_8ada9256bfc30704\wininit.exe --a---- 122368 bytes [09:27 02/11/2006] [11:16 02/11/2006] 6F92CE5B50283B0C0A7A539ED552039A

C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe --a---- 123904 bytes [05:14 01/06/2008] [08:00 19/01/2008] 117EA87DF785CA1B9D821F6F213DCE07

C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe --a---- 95744 bytes [12:24 02/11/2006] [09:45 02/11/2006] D4385B03E8CCCEE6F0EE249F827C1F3E

C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe --a---- 96768 bytes [05:15 01/06/2008] [07:33 19/01/2008] 101BA3EA053480BB5D957EF37C06B5ED

Searching for "explorer.exe"

C:\Windows\explorer.exe --a---- 3079168 bytes [05:14 17/06/2009] [07:10 11/04/2009] 6F89C6E6303F8701A3DD7E931C59EE19

C:\Windows\SysWOW64\explorer.exe --a---- 2926592 bytes [05:14 17/06/2009] [06:27 11/04/2009] D07D4C3038F3578FFCE1C0237F2A1253

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_ab9c809a352ecf21\explorer.exe --a---- 3086848 bytes [09:31 02/11/2006] [11:15 02/11/2006] 5D768BEB711FF67ADC8FAD4E2F6ABB02

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_abcac4f4350ba5b0\explorer.exe --a---- 3087360 bytes [01:14 23/01/2008] [01:14 23/01/2008] FCBF8AC1855EF986CDEC2387760F71C6

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe --a---- 3087360 bytes [22:32 09/12/2008] [06:15 29/10/2008] 50514057C28A74BAC2BD04B7B990D615

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_ac3dc19d4e3a6405\explorer.exe --a---- 3086848 bytes [01:14 23/01/2008] [01:14 23/01/2008] 819D88EC82C2C44B556DC32ED22044DE

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe --a---- 3086848 bytes [22:32 09/12/2008] [02:30 28/10/2008] 72B9990E45C25AA3C75C4FB50A9D6CE0

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe --a---- 3080704 bytes [05:12 01/06/2008] [08:00 19/01/2008] F6D765FB6B457542D954682F50C26E4F

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe --a---- 3080704 bytes [22:32 09/12/2008] [06:49 29/10/2008] BBD8E74F23D7605CB0CDB57A1B25D826

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe --a---- 3081216 bytes [22:32 09/12/2008] [05:30 30/10/2008] E404A65EF890140410E9F3D405841C95

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe --a---- 3079168 bytes [05:14 17/06/2009] [07:10 11/04/2009] 6B08E54A451B3F95E4109DBA7E594270

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_b5f12aec698f911c\explorer.exe --a---- 2923520 bytes [12:12 02/11/2006] [09:45 02/11/2006] FD8C53FB002217F6F888BCF6F5D7084D

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_b61f6f46696c67ab\explorer.exe --a---- 2923520 bytes [01:14 23/01/2008] [01:14 23/01/2008] 6D06CD98D954FE87FB2DB8108793B399

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe --a---- 2923520 bytes [22:32 09/12/2008] [06:20 29/10/2008] 37440D09DEAE0B672A04DCCF7ABF06BE

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_b6926bef829b2600\explorer.exe --a---- 2923520 bytes [01:14 23/01/2008] [01:14 23/01/2008] BD06F0BF753BC704B653C3A50F89D362

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe --a---- 2923520 bytes [22:32 09/12/2008] [02:15 28/10/2008] E7156B0B74762D9DE0E66BDCDE06E5FB

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe --a---- 2927104 bytes [05:14 01/06/2008] [07:33 19/01/2008] FFA764631CB70A30065C12EF8E174F9F

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe --a---- 2927104 bytes [22:32 09/12/2008] [06:29 29/10/2008] 4F554999D7D5F05DAAEBBA7B5BA1089D

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe --a---- 2927616 bytes [22:32 09/12/2008] [03:59 30/10/2008] 50BA5850147410CDE89C523AD3BC606E

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe --a---- 2926592 bytes [05:14 17/06/2009] [06:27 11/04/2009] D07D4C3038F3578FFCE1C0237F2A1253

-= EOF =-

Link to post
Share on other sites

It appears I've manged to fix my problem. Explorer is no longer crashing and all scans I run are coming up clean.

When I was searching around for win32/bamital.dx and how to remove it on a 64 system, a few things just seemed to say the wininit.exe files (specifically the one located at C:\Windows\SysWOW64\wininit.exe) needed to be replaced with uncorrupted versions. I ran SFC /SCANNOW in command, and a quick check of the output that produced showed that it detected anomalies and would attempt to fix them. After a reboot when prompted, everything seemed to be back to normal!

If an expert wants to see any scan logs or such to double check I can post them, but otherwise I think everything is working as it should again!

Link to post
Share on other sites

No worries!

Heres the output:

SystemLook 27.08.10 by jpshortstuff

Log created at 16:55 on 18/09/2010 by user

Administrator - Elevation successful

========== filefind ==========

Searching for "wininit.exe"

C:\Windows\System32\wininit.exe --a---- 123904 bytes [05:14 01/06/2008] [08:00 19/01/2008] 117EA87DF785CA1B9D821F6F213DCE07

C:\Windows\SysWOW64\wininit.exe --a---- 96768 bytes [05:15 01/06/2008] [07:33 19/01/2008] 101BA3EA053480BB5D957EF37C06B5ED

C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_8ada9256bfc30704\wininit.exe --a---- 122368 bytes [09:27 02/11/2006] [11:16 02/11/2006] 6F92CE5B50283B0C0A7A539ED552039A

C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe --a---- 123904 bytes [05:14 01/06/2008] [08:00 19/01/2008] 117EA87DF785CA1B9D821F6F213DCE07

C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe --a---- 95744 bytes [12:24 02/11/2006] [09:45 02/11/2006] D4385B03E8CCCEE6F0EE249F827C1F3E

C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe --a---- 96768 bytes [05:15 01/06/2008] [07:33 19/01/2008] 101BA3EA053480BB5D957EF37C06B5ED

Searching for "explorer.exe"

C:\Windows\explorer.exe --a---- 3079168 bytes [05:14 17/06/2009] [07:10 11/04/2009] 6B08E54A451B3F95E4109DBA7E594270

C:\Windows\SysWOW64\explorer.exe --a---- 2926592 bytes [05:14 17/06/2009] [06:27 11/04/2009] D07D4C3038F3578FFCE1C0237F2A1253

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_ab9c809a352ecf21\explorer.exe --a---- 3086848 bytes [09:31 02/11/2006] [11:15 02/11/2006] 5D768BEB711FF67ADC8FAD4E2F6ABB02

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_abcac4f4350ba5b0\explorer.exe --a---- 3087360 bytes [01:14 23/01/2008] [01:14 23/01/2008] FCBF8AC1855EF986CDEC2387760F71C6

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe --a---- 3087360 bytes [22:32 09/12/2008] [06:15 29/10/2008] 50514057C28A74BAC2BD04B7B990D615

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_ac3dc19d4e3a6405\explorer.exe --a---- 3086848 bytes [01:14 23/01/2008] [01:14 23/01/2008] 819D88EC82C2C44B556DC32ED22044DE

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe --a---- 3086848 bytes [22:32 09/12/2008] [02:30 28/10/2008] 72B9990E45C25AA3C75C4FB50A9D6CE0

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe --a---- 3080704 bytes [05:12 01/06/2008] [08:00 19/01/2008] F6D765FB6B457542D954682F50C26E4F

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe --a---- 3080704 bytes [22:32 09/12/2008] [06:49 29/10/2008] BBD8E74F23D7605CB0CDB57A1B25D826

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe --a---- 3081216 bytes [22:32 09/12/2008] [05:30 30/10/2008] E404A65EF890140410E9F3D405841C95

C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe --a---- 3079168 bytes [05:14 17/06/2009] [07:10 11/04/2009] 6B08E54A451B3F95E4109DBA7E594270

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_b5f12aec698f911c\explorer.exe --a---- 2923520 bytes [12:12 02/11/2006] [09:45 02/11/2006] FD8C53FB002217F6F888BCF6F5D7084D

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_b61f6f46696c67ab\explorer.exe --a---- 2923520 bytes [01:14 23/01/2008] [01:14 23/01/2008] 6D06CD98D954FE87FB2DB8108793B399

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe --a---- 2923520 bytes [22:32 09/12/2008] [06:20 29/10/2008] 37440D09DEAE0B672A04DCCF7ABF06BE

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_b6926bef829b2600\explorer.exe --a---- 2923520 bytes [01:14 23/01/2008] [01:14 23/01/2008] BD06F0BF753BC704B653C3A50F89D362

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe --a---- 2923520 bytes [22:32 09/12/2008] [02:15 28/10/2008] E7156B0B74762D9DE0E66BDCDE06E5FB

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe --a---- 2927104 bytes [05:14 01/06/2008] [07:33 19/01/2008] FFA764631CB70A30065C12EF8E174F9F

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe --a---- 2927104 bytes [22:32 09/12/2008] [06:29 29/10/2008] 4F554999D7D5F05DAAEBBA7B5BA1089D

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe --a---- 2927616 bytes [22:32 09/12/2008] [03:59 30/10/2008] 50BA5850147410CDE89C523AD3BC606E

C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe --a---- 2926592 bytes [05:14 17/06/2009] [06:27 11/04/2009] D07D4C3038F3578FFCE1C0237F2A1253

-= EOF =-

Link to post
Share on other sites

File name:

explorer.exe

Submission date:

2010-09-18 05:02:51 (UTC)

Current status:

queued (#2) queued analysing finished

Result:

0/ 43 (0.0%)

VT Community

goodware

Safety score: 100.0%

Compact

Print results

Antivirus Version Last Update Result

AhnLab-V3 2010.09.18.00 2010.09.17 -

AntiVir 8.2.4.52 2010.09.17 -

Antiy-AVL 2.0.3.7 2010.09.18 -

Authentium 5.2.0.5 2010.09.18 -

Avast 4.8.1351.0 2010.09.17 -

Avast5 5.0.594.0 2010.09.17 -

AVG 9.0.0.851 2010.09.17 -

BitDefender 7.2 2010.09.18 -

CAT-QuickHeal 11.00 2010.09.18 -

ClamAV 0.96.2.0-git 2010.09.17 -

Comodo 6114 2010.09.17 -

DrWeb 5.0.2.03300 2010.09.18 -

Emsisoft 5.0.0.37 2010.09.18 -

eSafe 7.0.17.0 2010.09.17 -

eTrust-Vet 36.1.7862 2010.09.17 -

F-Prot 4.6.1.107 2010.09.17 -

F-Secure 9.0.15370.0 2010.09.18 -

Fortinet 4.1.143.0 2010.09.17 -

GData 21 2010.09.18 -

Ikarus T3.1.1.88.0 2010.09.18 -

Jiangmin 13.0.900 2010.09.17 -

K7AntiVirus 9.63.2542 2010.09.17 -

Kaspersky 7.0.0.125 2010.09.18 -

McAfee 5.400.0.1158 2010.09.18 -

McAfee-GW-Edition 2010.1C 2010.09.18 -

Microsoft 1.6201 2010.09.17 -

NOD32 5458 2010.09.17 -

Norman 6.06.06 2010.09.17 -

nProtect 2010-09-17.01 2010.09.17 -

Panda 10.0.2.7 2010.09.17 -

PCTools 7.0.3.5 2010.09.18 -

Prevx 3.0 2010.09.18 -

Rising 22.65.04.01 2010.09.17 -

Sophos 4.57.0 2010.09.18 -

Sunbelt 6891 2010.09.18 -

SUPERAntiSpyware 4.40.0.1006 2010.09.18 -

Symantec 20101.1.1.7 2010.09.18 -

TheHacker 6.7.0.0.022 2010.09.17 -

TrendMicro 9.120.0.1004 2010.09.17 -

TrendMicro-HouseCall 9.120.0.1004 2010.09.18 -

VBA32 3.12.14.0 2010.09.17 -

ViRobot 2010.9.18.4048 2010.09.18 -

VirusBuster 12.65.12.0 2010.09.17 -

Additional information

Show all

MD5 : 6b08e54a451b3f95e4109dba7e594270

SHA1 : 4a4ffbeb8c559f25b2ff7fdaa63c021610f8fa52

SHA256: 0419e4100c3b4ad1831fbf9249173cf32c8209c71b7101674b239a0a47c30e42

And

File name:

wininit.exe

Submission date:

2010-09-18 05:04:51 (UTC)

Current status:

queued queued analysing finished

Result:

0/ 43 (0.0%)

VT Community

not reviewed

Safety score: -

Compact

Print results

Antivirus Version Last Update Result

AhnLab-V3 2010.09.18.00 2010.09.17 -

AntiVir 8.2.4.52 2010.09.17 -

Antiy-AVL 2.0.3.7 2010.09.18 -

Authentium 5.2.0.5 2010.09.18 -

Avast 4.8.1351.0 2010.09.17 -

Avast5 5.0.594.0 2010.09.17 -

AVG 9.0.0.851 2010.09.17 -

BitDefender 7.2 2010.09.18 -

CAT-QuickHeal 11.00 2010.09.18 -

ClamAV 0.96.2.0-git 2010.09.17 -

Comodo 6114 2010.09.17 -

DrWeb 5.0.2.03300 2010.09.18 -

Emsisoft 5.0.0.37 2010.09.18 -

eSafe 7.0.17.0 2010.09.17 -

eTrust-Vet 36.1.7862 2010.09.17 -

F-Prot 4.6.1.107 2010.09.17 -

F-Secure 9.0.15370.0 2010.09.18 -

Fortinet 4.1.143.0 2010.09.17 -

GData 21 2010.09.18 -

Ikarus T3.1.1.88.0 2010.09.18 -

Jiangmin 13.0.900 2010.09.17 -

K7AntiVirus 9.63.2542 2010.09.17 -

Kaspersky 7.0.0.125 2010.09.18 -

McAfee 5.400.0.1158 2010.09.18 -

McAfee-GW-Edition 2010.1C 2010.09.18 -

Microsoft 1.6201 2010.09.17 -

NOD32 5458 2010.09.17 -

Norman 6.06.06 2010.09.17 -

nProtect 2010-09-17.01 2010.09.17 -

Panda 10.0.2.7 2010.09.17 -

PCTools 7.0.3.5 2010.09.18 -

Prevx 3.0 2010.09.18 -

Rising 22.65.04.01 2010.09.17 -

Sophos 4.57.0 2010.09.18 -

Sunbelt 6891 2010.09.18 -

SUPERAntiSpyware 4.40.0.1006 2010.09.18 -

Symantec 20101.1.1.7 2010.09.18 -

TheHacker 6.7.0.0.022 2010.09.17 -

TrendMicro 9.120.0.1004 2010.09.17 -

TrendMicro-HouseCall 9.120.0.1004 2010.09.18 -

VBA32 3.12.14.0 2010.09.17 -

ViRobot 2010.9.18.4048 2010.09.18 -

VirusBuster 12.65.12.0 2010.09.17 -

Additional information

Show all

MD5 : 101ba3ea053480bb5d957ef37c06b5ed

SHA1 : 738ef691944f08cf0c405a52f3f55e99ef6e8e6e

SHA256: 9a02771da9c226552a1766c2dd0295eca8b5b80aae13076ffce6a806fa5c21b8

Cheers!

Link to post
Share on other sites

  • Staff

Great! Those appear to be clean.

Let's make sure the following associated file is gone:

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :filefind
    hlp.dat


  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

Next, please use the Internet Explorer browser and click here to use the F-Secure Online Scanner.

  • Click Start Scanning.
  • You should get a notification bar (on top) to install the ActiveX control.
  • Click on it and select to install the ActiveX.
  • Once the ActiveX is installed, you should accept the License terms by clicking OK below to start the scan.
  • In case you are having problems with installing the ActiveX/starting the scan, please read here.
  • Click the Full System Scan button.
  • It will start to download scanner components and databases. This can take a while.
  • The main scan will start.
  • Once the scan has finished scanning, click the Automatic cleaning (recommended) button
  • It could be possible that your firewall gives an alert - allow it, because that's a connection you establish to submit infected files to F-Secure.
  • The cleaning can take a while, so please be patient.
  • Then click the Show report button and Copy/Paste what is present under results in your next reply.

Next, download my Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

-screen317

Link to post
Share on other sites

  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.