New
#21
Hey Jacee. i know things like combofix and smitfraudfix can remove it. Its actually Win32.Sasser Worm. A simple sasser removal tool can remove it too. I just want to test which antivirus removes it.Okay, uncheck it ...also look in task manager, All Users, and stop it if it's running.
Next download Combofix from any of the links below, and save it to your desktop.<--Important
Link 1
Link 2
Link 3
These instructions are specifically meant for Dinesh. Do not try to use Combofix without 'proper' guidance
Click on this link Here to see a list of programs that should be disabled.
The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
Next: Disconnect from the internet. If you are on Cable or DSL, unplug your computer from the modem.
Next: Please disable all onboard security programs (all running with back ground protection) as it may hinder the scanner from working.
This includes Antivirus, Firewall, and any Spyware scanners that run in the background.
- Double click combofix.exe and follow the prompts.
- When finished, it will produce a log for you. Post that log and a HiJackthis log in your next reply
Note: Do not mouseclick combofix's window while its running. That may cause it to stall
Please be patient while the scan runs, at times it may appear to stall.
When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.
Post this log in your next reply together with a new hijackthislog.
After rebooting ensure your Security applications have been re-enabled.
In your next reply post:
ComboFix.txt
New HJT log taken after the above scan has run
***A guide and tutorial on "How to use Combofix" can be found here:
A guide and tutorial on using ComboFix
Quote
