Exterminate It! Antimalware

malpedia

Known threats:699,443 Last Update:August 10, 12:54

Testimonials

My computer worked insanely slow and I got all sorts of silly advertisement whenever I got onto the Internet. At a friend’s advice, I gave Exterminate-It a try and was glad that I did!

I scanned and kicked out all that adware that’d caused my PC to be so slow!

My PC is back to normal speed and I haven’t had trouble with unwanted ads ever since.

Keep up the good work!

Eric K.

File: FInstall.sys

Location of FInstall.sys and Associated Malware

Check whether FInstall.sys is present in the following locations:

FInstall.sys file locations that are Windows version independent:

  • C:\Windows\System32\FInstall.sys

If you find FInstall.sys file in any of these locations, your computer is very likely to be infected with the following malware:

IMPORTANT: Malware files can be camouflaged with the same file names as legitimate files. The FInstall.sys file is associated with malware only if found in the locations listed above.

Notes:

Different Variations of FInstall.sys File^

File SizeFile Md5Last Seen
625811B7F8C9B3646F569137235EE25CFDec 27, 2009
10531590C4D4D0CF2F1C68F32DA6663D5CJan 20, 2010
7B5FA1C08FB9B7D5A4136FB1DBD18AB93Jan 22, 2010
63BEB594A8FCAB08A296A84001C520224Jan 29, 2010
87063B925C80563A3EB94051278234CF1Mar 16, 2010
102EC763D233968A483FE70F79B288D408Mar 30, 2010
7AD921D60486366258809553A3DB49A4AApr 1, 2010
524C3154A14EA9186CD335DB8B505F36DApr 6, 2010
8C119F87660431A782F8C679DCF1FDF1DApr 7, 2010
451A8AD0CA9C275F31DB2D515F1C93E93Apr 21, 2010
99130365C26B36222D0B3C7EE5E509D2BApr 25, 2010
110365312262FAA2ECD60CBEA0321107A2Jun 28, 2010
825BDDA0471D09A52D993A8E2027AD500Jul 6, 2010
6B7D9ACCEEAFF8D2F2F261EBE2EAB65EAAug 5, 2010
5598CEAF6636CF133ECD762F6725D03ACAug 6, 2010
84F1442C115A489A72E46EB57A9B24816Sep 7, 2010
5AF53DFFFD713C995784CB3DBA760F71EOct 29, 2010
6A18A4DBD6E11F2931796580D592CA21ENov 17, 2010
69606F5D72B7ABFC20396E6532D8DC6D5Nov 22, 2010
99FFDF55E8080B06B9F767674A587A411Dec 5, 2010
101A4D1EB2966B86EA066BCECF7C6E2D9EJan 17, 2011
8DA7DF94B2B7AB85B414E10CECC81F758Apr 13, 2011
3EE09119D25B4F2E315C5F3AFC429AC85Apr 29, 2011
12A54083F92C049CE7FABBE3807D0E6E6BMay 31, 2011
3122F5826701B96DEF1F659CDA52797EEJul 2, 2011
64F8C94F7BE30363D6F12EAC251110C07Sep 21, 2011
98A6004164ADD6F6843ADCEF8E94A59D1Oct 28, 2011
1030CCE7BB2A13A9A3C1ED1157CAB54D1BDec 21, 2011
80307480EEC95B4BD45826A54064437D8Jan 9, 2012
685A474E05A26312ECA64E2342F7CD225Feb 16, 2012
86E4098F013BDBD11E303A81D39D654F0Jun 27, 2012
82EE6E8E480DA9AA14313E197EC62F470Jul 13, 2012
64CCC304421E57DA8A73FAA07E15AE601Aug 5, 2012
107CA0BEFB647FA09E698443BC4000B6FBMar 12, 2014
106B74DCC45118398BF4787D854118EB62Feb 19, 2015
5FB25AA9529E96C7DC83BAE00D1AFF73EMay 28, 2015

Why Is It Important to Remove Malware Files?^

It is imperative that you delete malware-associated files as soon as possible because they can be used - or are already being used - to inflict serious damage on your PC, including:

  • Disrupting the normal functioning of the operating system or rendering it completely useless.
  • Hijacking valuable private information (credit card numbers, passwords, PIN codes, etc.)
  • Directing all your Web searches to the same unwanted or malicious sites.
  • Dramatically slowing down your computer.
  • Gaining total control of your PC to spread viruses and trojans and send out spam.

How to Remove FInstall.sys^

  1. To enable deleting the FInstall.sys file, terminate the associated process in the Task Manager as follows:
    • Right-click in the Windows taskbar (a bar that appears along the bottom of the Windows screen) and select Task Manager on the menu.
    • In the Tasks Manager window, click the Processes tab.
    • On the Processes tab, select FInstall.sys and click End Process.
  2. Using your file explorer, browse to the file using the paths listed in Location of FInstall.sys and Associated Malware.
  3. Select the file and press SHIFT+Delete on the keyboard.
  4. Click Yes in the confirm deletion dialog box.
  5. Repeat steps 2-4 for each location listed in Location of FInstall.sys and Associated Malware.
  6. Notes:

    • The deletion of FInstall.sys will fail if it is locked; that is, it is in use by some application (Windows will display a corresponding message). For instructions on deleting locked files, see Deleting Locked Files.
    • The deletion of FInstall.sys will fail if your Windows uses the NT File System (NTFS) and you have no write rights for the file. Request your system administrator to grant you write rights for the file.

Deleting Locked Files^

You can delete locked files with the RemoveOnReboot utility. You can install the RemoveOnReboot utility from here.

After you delete a locked file, you need to delete all the references to the file in Windows registry.

To delete a locked file:

  1. Right-click on the file and select Send To -> Remove on Next Reboot on the menu.
  2. Restart your computer.

The file will be deleted on restart.

Note: In the case of complex viruses that can replicate themselves, malware files can reappear in the same locations even after you have deleted those files and restarted your computer. Exterminate It! Antimalware can effectively eradicate such viruses from your computer.

To remove all registry references to a FInstall.sys malware file:

  1. On the Windows Start menu, click Run.
  2. In the Open box, type regedit and click OK. The Registry Editor window opens.
  3. On the Edit menu, select Find.
  4. In the Find dialog box, type FInstall.sys. The name of the first found registry value referencing FInstall.sys is highlighted in the right pane of the Registry Editor window.
  5. Right-click the registry value name and select Delete on the menu.
  6. Click Yes in the Confirm Value Delete dialog box.
  7. To delete all other references to FInstall.sys, repeat steps 4-6.
IMPORTANT: Malware files can masquerade as legitimate files by using the same file names. To avoid deleting a harmless file, ensure that the Value column for the registry value displays exactly one of the paths listed in Location of FInstall.sys and Associated Malware.