Jump to content

Infected with Win.32 ramnit


Recommended Posts

Hi,

Please note: ComboFix is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert". It is NOT for unsupervised use. Please read Combofix's Disclaimer.

Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Two programs to download

First

ISOBurner this will allow you to burn drweb.iso to a cd and make it bootable. Just install the program, from there on in it is fairly automatic. Instructions

Second

  • Download Dr.Web LiveCD and burn it to a CD using ISO Burner. NOTE: This file is 90Mb in size so it may take some time to download.
  • When downloaded, double click the file and this will then open ISOBurner to burn the file to a CD.
  • Reboot your system using the Dr.Web Live CD.
  • Note : If you do not know how to set your computer to boot from CD follow the steps here .
  • As loading starts, a dialogue window will prompt you to choose between the standard and safe modes.
  • Use arrow keys to select to select DrWeb-LiveCD (Default) and press "Enter".
  • The operating system will detect all available disk drives automatically. It will also try to connect to the local network, if available.
  • When the system is loaded, click on the green circle button at the top and let it update.
  • After it is done updating, check the disks or folders you want to scan (which is all of them) and click the "Start" button.
  • Then select what drives (should be all) so we can disinfect all partitions.
  • After the scan is complete, and if the scan found stuff:
    • Click "Select All" and the click "Cure" NOTE: Make double sure to click CURE and NOT Delete!
    • Let Dr.Web RENAME the files that can't be cured.
    • After that, please reboot your PC.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Please click here to download AVP Tool by Kaspersky.

  • Save it to your desktop.
  • Reboot your computer into SafeMode.

    You can do this by restarting your computer and continually tapping the
    F8
    key until a menu appears.

    Use your up arrow key to highlight SafeMode then hit
    enter
    .


  • Double click the setup file to run it.
  • Click Next to continue.
  • Accept the Licence agreement and click on next
  • It will by default install it to your desktop folder.Click Next.
  • It will then open a box There will be a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked.


  • Hidden Startup Objects

  • System Memory

  • Disk Boot Sectors.

  • My Computer.

  • Also any other drives (Removable that you may have)

Leave the rest of the settings as they appear as default.

  • Then click on Scan at the to right hand Corner.
  • It will automatically Neutralize any objects found.
  • If some objects are left un-neutralized then click the button that says Neutralize all
  • If it says it cannot be Neutralized then chooose The delete option when prompted.
  • After that is done click on the reports button at the bottom and save it to file name it Kas.
  • Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.

    Note: This tool will self uninstall when you close it so please save the log before closing it.

Link to post
Share on other sites

eusa_hand.gif

@sebastien

Is this Windows 7 system the same one as in the topic I am helping you with http://forums.malwarebytes.org/index.php?showtopic=61069 titled urgent problem!! WinHttpQuerryData icon_question.gif

If yes, we must close this topic since you had asked for me to re-open the other topic !

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.