[antiviral2005]

If I am able to rename the file from wininet.dll to wininet.old, should I then copy the desktop wininet.dll to the system folder before the reboot?

[Advertisements]

Why not? It would save a step. But do not DELETE anything.


Trevuren

[Trevuren]

Why not? It would save a step. But do not DELETE anything.


Trevuren

[antiviral2005]

Hey Trevuren...I'm having difficulty with renaming the wininet.dll file. I ran the Kaspersky anti virus again and no viruses were found. I rebooted in safe mode and went to the window\system folder and rightclicked on wininet.dll and unchecked the "Archive" selection under Attributes. But when I tried to rename the file to wininet.old, I got the same error message of cannot rename file as it is currently in use...how should I proceed.

[Trevuren]

1. Before making the switch, I want you to submit the copy on your desktop to Jotti's for analysis.

1. Click HERE to get to Jotti's site.

2. At the top of the Jotti window, use the Browse button to locate the "clean' file on your desktop.

3. Once you have located the file, click SUBMIT and the content of the file will be uploaded by the site and analysed.

4. Please provide me with the results of the analysis.

Regards,

Trevuren

[antiviral2005]

Trevuren...Jotti scanned my wininet.dll file on my desktop and I think gave the seal of approval...for now...here's the log...

File: Wininet.dll
Status: OK
MD5 8b5b3d75157496a6a091a72671bbb993
Packers detected: -
Scanner results
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
UNA Found nothing
VBA32 Found nothing


What should be my next plan of attack? Looking forward to your advice...

[Trevuren]

1. Reboot into Safe Mode.

2. Rename your wininet.dll to wininet.old

3. Copy the clean wininet.dll from your desktop to the System folder.

4. Reboot your system.

5. If everything is working properly, DELETE wininet. old

6. Post a fresh HJT log and comment on how your system is running malwarewise

Regards and Good Luck


Trevuren

[antiviral2005]

Trevuren, for some reason, I can't rename the wininet.dll file in my system folder and always seem to get the "cannot rename file, in use by system" prompt. Should I overwrite the wininet.dll file in my system folder with the desktop copy?

[Trevuren]

You can try but make sure you have a copy of that good wininet.dll stored away somewhere.


Trevuren

[antiviral2005]

Trevuren...I cannot overwrite the c:\windows\system\wininet.dll file with my desktop file (I get the prompt "cannot overwrite file as file is in use"). So at this point, I cannot rename the wininet.dll file in my c:\windows\system folder and I cannot overwrite it with my desktop copy. What should I do next?

[Trevuren]

Have you checked the attributes on the file to make sure it is accessible?


Trevuren

[antiviral2005]

I unchecked all of the boxes under the attributes section (when you right click on the wininet.dll file in my windows\system folder). I still can't seem to overwrite or change the name of hte file.

[Trevuren]

I will consult with the Experts and get back to you. It probably won't be before tomorrow.


Trevuren

[Trevuren]

This comes from our Expert Bananafanafo. It has worked on other systems.



Make absolutely sure there is a wininet.dll in the system folder before you reboot!


Paste these instructions into notepad for use in safe mode

1. Reboot into Safe Mode.

2. Once in Safe Mode, go to Start > Run type: command Click OK

3. Please do the following in sequence:

• Please copy the following line and paste it into the black window:
  
  CD C:\Windows\system
  
  
• Hit enter.
  
• It will go to the next line, then copy this line and paste it in:
  
  rename wininet.dll wininet.old
  
  
• Hit enter.
  
• type exit hit enter.

4. Now try copying the one from the desktop into the system folder.

5. Once it's been copied into the system folder reboot into normal mode.



Make absolutely sure there is a wininet.dll in the system folder before you reboot!


Regards,

Trevuren

[antiviral2005]

Trevuren...so I tried the instructions you gave me to rename the file in a DOS system. When I tried to rename the file, it wouldn't rename it and gave me the response "Duplicate file or file in use". I did a search and there is no file named wininet.old and the only files named wininet.dll are in my system folder and on my desktop. What should I do next?

[Trevuren]

We have been doing a lot of talking about your case in our forum.

We would like you to resubmit your file to Jotti for analysis.

1. Click HERE to get to Jotti's site.

2. At the top of the Jotti window, use the Browse button to locate the following file on your system:

c:\Windows\System\wininet.dll

3. Once you have located the file, click SUBMIT and the content of the file will be uploaded by the site and analysed.

4. Please provide me with the results of the analysis.

Regards,

Trevuren