Sorry for the french thing… First one is “malware detected” second is “trojan detected”.
“Threat as been detected and blocked before creation or modification of the file”.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
[*]Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will produce a log called FRST.txt in the same directory the tool is run from.
[*]Please attach the log back here.
[*]The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also attach that along with the FRST.txt into your reply.
Sup!
Not sure what to follow now, 2 of your bots sent me to 2 different solutions :S
In hte past i used some of those “cleaner” apps and i ended up wasting my system more than curing it…
If possible id like to be sure to try the good one, if not i’ll have to format i guess…
Follow Essex’s directions. He’s the malware removalist… He needs those specific logs not the other ones. The other directions are standard but Essex has asked for a log specifically.
[Edit] Also, ALL links here are safe. So don’t worry about more malware coming from those tools. If Avast! says something ignore it. I’ve used these tools in the past their won’t be any kind of issue with them
This is the latest ZA variant that uses google desktop as the carrier but it writes the programme name in reverse and so is difficult for some malware tools to catch
Had this alert when i downloaded the file from your link
I tried to “save as” and change the .exe extension to something else but it still won’t let me download, guess its because of the .exe extension
Do you have a clean link to a .rar or a .zip maybe?
Disable smart screen filter the file is absolutely safe and so is Bleeping.com. All smartscreen is really saying is that it is not a file normally downloaded
OK I can see why FRST was reported as a virus, your windows defender has been subverted
Note that the google update service name is reversed U2 *etadpug
Download the attached fixlist.txt to the same location as frst
Run FRST as before and press Fix
A log will be generated on completion please attach that
[*]Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
[*]When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
[*]Attach both logs
I did everything you told me and the problem seems solved, thanx alot!
Can’t believe i had this antivirus AND the support for free, thats awesome
Only little thing…
After running the windows tweaking i got that “windows is not genuine” thing…
My desktop is black…
I know this is not a windows troubleshooting service but if you know how to fix i’d be greatfull.
If you have access to the Start button: Click the Start button, and type slui 4 in the search field and then press the “Enter” key. This will bring up the Activate by Phone dialog window. Follow the steps provided by the window. The phone activation process should only take about 6 minutes.
b) If you do not have access to the Start button: Reboot and login to Vista, a dialog window will come up. In that window, click the option “Access computer with reduced functionality”. Once you do that, Internet Explorer or Firefox browser will open. In the address bar type c:\windows\system32\cmd.exe press enter, a new window will come up, type: slui 4 and hit enter and follow steps to Activate over the Phone.
NOTE: The important thing to this process is that you need to talk to a Live Activation Rep! When you first call, you will be interacting with an Automated Voice, either select the option to talk to a Live Rep or if there is no option, do not enter any numbers. This should force the automated voice to transfer you to a Live Rep.