Another Ramnit Victim :(

After reading a few of the other threads about Ramnit with no success I'm giving up and turning to the big guns.

Im running
Windows 7 Ultimate 64bit.
Eset Smart Security 4
Firefox 3.6 (Sandboxed)

The story goes:

Found a random popup in the background of firefox with a women talking to me about something, wasnt listening and then a livejasmin.com popup behind that.
Then suddently nod32 popped up saying that a varient of win32.ramnit.b was messing with some .html files coming from firefox.exe.

So i terminated firefox n everything then Ran a quick malwarebytes scan which came up with nothing interesting on a quick scan. So ran CCleaner and tidied everything up (while running nod32 full system scan and windows defender scan in background)

Booted up firefox again and started browsing. then suddently nod started alerting me about more threads from random .exe/dlls/html files scattered throughout my PC.

Have Run MGTools, MalwareBytes, SuperAntiSpyware and CCleaner.

Still getting the nasty little poppu saying infected files. This all started from about 2pm Today (GMT) so only 2-3 Hours into the infection.

Hope we can catch it in time! coz a format is sort of..impossible at the moment. As was a Dell machine with vista on it. Then I purchased a Digital copy of w7 Upgrade (wont do fresh installs ) and this was what 7 was released so my w7 cdkey is for upgrade only. so id have to install vista again first(which came pre-installed) so cant install that from retail discs. yada yada yada, u get the point im sure?.

Hope we sort this out

Thank you.

PENDING ATTACHMENTS (SOME SCANS ARE STILL SCANNING! AS ITS SEARCHING 3TB OF DATA ON 4 PHYSICAL DISKS)

 

Cant edit my post? so this isnt a BUMP!

UAC is disabled but when MGTools says Complete your file is at c:\mglogs.zip the file doesnt exist.

EDIT: Manually zipped unkeys and runkeys

 

okay eset is running its online scanner now, ill update thread with full eset logs soon as.

below is the malwarebytes log, super anti spyware log and the previous post is the MGTools log, named MGtools.zip

 

Woops, I saved a log before fixing the errors, and after but i uploaded the before fix log. Ive uploaded the latest one.

another woops, i simply downloaded someone elses mglogs.zip to see what files it included, apparently theirs wasnt full.

Ive sorted the permissions out which wouldnt let mgtools create file inside c:\ and have attached it below.

eset is still scanning, even though its been on 99% for about 40 mins now.

Thankyou for your patience.

 

here is the 1st eset scan (although called eset2) took 6 hours!! wooo

2nd scan log coming once its completed (most likely tomorrow morning for me) ie 8 hours time.

 

morning

Right eset online finished and chucked the attached log out.

then ran mg tools again and attached a new version of that

thanks

 

nod32 keeps popping up saying Win32/Ramnit.B is in random files. but all scans show pretty clean apart from stuff i know about.