View original (French)

Is giWebUpdater.exe infected?

Solved
Paul357 -  
 Anonymous user -
Hello,

Yesterday, while browsing the Program files folder on my C drive, I found a file named "giWebUpdater.exe" located at C:\Program Files\Guillemot\tools\

After some research online, this file apparently seems to be infected.

Not having found a solution to properly remove it from the computer (Avast does not detect it and neither does Antimalwarebytes), I am therefore reaching out to your expertise to guide me on the way to proceed.

Thank you for taking the time to read my message and I also appreciate your future responses.

7 answers

Answer 1 / 7
Anonymous user
 
Hello,

Upload this file to https://www.virustotal.com/gui/

-> http://www.security-helpzone.com/showthread.php?tid=121
--
♪♪ Saachaa ♫
CCM Contributor
1
Paul357
 
Thank you for your response, I just ran the scan and according to the database the file is not infected.

The "report":
File name: giWebUpdater.exe
Detection ratio: 0 / 40
Analysis date: 2012-05-04 13:10:29 UTC (0 minutes ago)
0
Paul357
 
However, since the file seems unknown to me, can I delete the folder named "Guillemot"?
0
Answer 2 / 7
Anonymous user
 
Apparently nothing serious.

Can you rename this file giWebUpdater.exe to bk_giWebUpdater.exe?
--
♪♪ Saachaa ♫
Contributor CCM
1
Paul357
 
Yes, I can rename this file to bk_giWebUpdater.exe.
0
Answer 3 / 7
Anonymous user
 
Okay great!

Can you check the control panel to see if the program is installed?

If it’s not, you can delete that folder Guillemot.
--
♪♪ Saachaa ♫
Contributor CCM
1
Paul357
 
It's good, the program is not installed, so I will be able to delete it.

Thank you for your help!
0
Answer 4 / 7
Anonymous user
 
You're welcome!

A little something before you leave, it might be useful for you in the future:

http://www.security-helpzone.com/showthread.php?tid=354
--
♪♪ Saachaa ♫
CCM Contributor
1
Paul357
 
Thank you for your tutorial, which is very well explained.
For my part, I just need to update Java, as I had already applied the other techniques on my computer! :)
0
Answer 5 / 7
Anonymous user
 
Indeed, we will check that it is not being used by renaming it.
--
♪♪ Saachaa ♫
CCM Contributor
0
Answer 6 / 7
Anonymous user
 
Once renamed, restart the PC and let me know if everything is normal.
--
♪♪ Saachaa ♫
CCM Contributor
0
Paul357
 
I just restarted my computer, and everything seems to be working fine.
0
Answer 7 / 7
Anonymous user
 
Very well ;-), feel free to browse the site!
--
♪♪ Saachaa ♫
CCM Contributor
0
Paul357
 
I won’t fail to do it!
Thanks again for your help and your practical tips!
And best of luck ;)
0
Anonymous user
 
Good continuation to you too :-), and let's not see each other again, okay!
0
Paul357
 
I also hope we won't see each other again. :)
0
Anonymous user
 
;-).
0