[RESOLVED] Another Win32/Bamital-X case, wininit.exe infected

Hi,

My case is pretty much the same as many have had here before, only this time Avast reports wininit.exe being infected with Win32/Bamital-X but cannot fix/quarantine/remove it, even when ran as bootup scan. All available system recovery points are infected.
Attached are MBAM quick scan log and OTL logs.

Have tried all kinds of tricks, even manually switching the infected file with a clean one, but as soon as windows boots up the file shows up as infected. Didn’t dare run Combofix on my own.

Help is kindly appreciated.

here is one that may have been solved http://forum.avast.com/index.php?topic=63126.0

Yes, Hitman Pro did the trick. Will do full scans later, but wininit.exe is clean now, can install Firefox and Google search results are not hijacked anymore.

Thank you!

why have you removed the log`s you posted yesterday? Essexboy have not looked at them yet…

As I seem to have gotten rid of the problem, looking at them would be a waste of time, no? I’ll post fresh logs once I’ve done full scans to make sure my system is clean.

Essexboy can see if everything was removed and lots of other stuff, so yes i would recomend a new scan and posting the logs again
He usually enters the forum late in weekdays, 20.00 - 22.00 Norwegian time

For some reason, OTL will not produce an Extras.txt anymore? Tried removing, redownloading and running OTL from a different location, but still got only OTL.txt. So I attached the Extras.txt from yesterday, that was ran with the infected .exe still in the system.

The extras is only generated for the first run

But that looks clean the targeted files have a signature which is good ;D

That’s good news. Thank you both for your time and effort!

Run OTL and press the cleanup button to remove itself and other programmes used