VBS:Ramnit.B on Windows 7 laptop

If none of the scans are finding any traces of Ramnit, then you are probably safe. But we would need you to do the following to check you system to be sure:
READ & RUN ME FIRST. Malware Removal Guide

 

Attach the eSet log if it shows anything.

 

If eSet came back clean, then most of the Ramnit infection is gone. But yes, do the rest of the instructions and we will check to see if any traces are still on your system. Take your time, I am about to log off, but will be back on tomorrow.

Have a happy holiday!!

 

Please attach the logs that you got:
SAS
MBAM
ComboFix
C:\MGLogs.zip

 

Very good, you don't have any traces of Ramnit on your system. Most of what MBAM found were infected restore points which we will take care of when you toggle system restore:

If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real time protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.We recommend them for doing backup scans when you suspect a malware infection.
2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /uninstall
     
     • Notes: The space between the combofix" and the /uninstall, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
     
     
   
   
3. Go back to step 6 of the READ ME and renable your Disk Emulation software with Defogger if you had disabled it.
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
7. Go to add/remove programs and uninstall HijackThis.
8. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
   
   • Refer to the cleaning procedures pointed to by step 7 of the READ ME
     for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
   
   
10. After doing the above, you should work thru the below link:
    
    • How to Protect yourself from malware!
    
    

Help Support MajorGeeks
Buy Discounted Software @ Majorgeeks Store. Giveaways Too!

Majorgeeks Geek Wear. Hats, T-Shirts, Hoodies

MajorGeeks on FaceBook

 

What do you mean?

 

The logs do not reveal any info that would put you at risk. They do provide info that helps others with their situations. But unfortunately they can also be use by malware writers to try to bypass our cleaning methods. Plus they also will give anyone wanting to check a file the ability to find info on those files as far as whether they are legit or not.

 

By legit or not, I mean a web search might lead to this thread that shows the files that we needed to have removed.
In your case, it was mostly the fact that you were able to remove the infection by running eSet.

And you are most welcome!!