Jump to content

Ramnit trouble


Recommended Posts

Hi,

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Here is a guide on how to disable them:
    Click me
    If you can't disable them then just continue on.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

RcAuto1.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

whatnext.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.

Link to post
Share on other sites

Hi Gammo. I ran combofix. It successfully tackled a winlogon infection, but on reboot i had to activate my copy of windows. I clicked yes to do this and i got to a screen which said my copy was unauthorised and i had to enter my product key. Seeing as i bought the computer with XP pre-installed and not had serious virus trouble before i've never had cause to write it down from My Computer > Properties; that's assuming it's legit. Is there anyway around this?

I notice on booting up i now have the OP option of Microsoft recovery console, though it says not to choose this option cause of debugger enabled?

Link to post
Share on other sites

Hi Gammo. I ran combofix. It successfully tackled a winlogon infection, but on reboot i had to activate my copy of windows. I clicked yes to do this and i got to a screen which said my copy was unauthorised and i had to enter my product key. Seeing as i bought the computer with XP pre-installed and not had serious virus trouble before i've never had cause to write it down from My Computer > Properties; that's assuming it's legit. Is there anyway around this?

I notice on booting up i now have the OP option of Microsoft recovery console, though it says not to choose this option cause of debugger enabled?

Link to post
Share on other sites

Hi,

ComboFix installed the Recovery Console. You don't have to do anything with it, unless I tell you to do so. :)

Please run the MGA Diagnostic Tool and post the report it produces:

  1. Download MGADiag to your desktop.
  2. Double-click on MGADiag.exe to launch the program.
  3. Click Continue.
  4. Ensure that the Windows tab is selected. (It should be by default.)
  5. Click the Copy button to copy the MGA Diagnostic Report to the Windows clipboard.
  6. Paste the MGA Diagnostic Report into your next reply.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • Please download WVCheck by Artellos from one of the mirrors below;



  • After the download, run WVCheck.exe
  • As indicated by the prompt, This program can take a while depending on your hard drive space.
  • Once the program is done, copy the contents of the notepad file as a reply.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.