Cant remove infected file


  1. Posts : 9
    Windows 7 Professional 32bit
       #1

    Cant remove infected file


    I used this forum to find that I had an issue with a driver that I had to remove but I couldn't do it manually or re-name to .old as it said 'can't read from the source file or disk'

    I was then given advice to use Malwarebytes to detect and remove the Malware from PC.

    Malwarebytes detects the infected file and comes up with the following report:

    Files Infected:
    c:\windows\system32\drivers\ymiqvflos.sys (Trojan.Bubnix) -> Quarantined and deleted successfully.

    The problem is that it tells you to re-boot to remove properly but the driver is still there when I restart and if you scan again it detects the same thing again. I have tried in safe and normal mode with the same result.

    Any advice on how to remove this would be appreciated.

    Thanks
      My Computer


  2. Posts : 670
    Windows 7 x64
       #2

    Try with Eset Online Scanner:

    http://www.eset.com/online-scanner
      My Computer


  3. Posts : 2,686
    Windows 8.1 Pro w/Media Center 64bit, Windows 7 HP 64bit
       #3

    Open Malwarebyte and under the tab "More Tools" run "FileASSASSIN"

    It might help to boot into Safe mode and run from there.

    Jim
      My Computer


  4. Posts : 1,036
    Winbdows 7 ultimate x64 | Ubuntu 12.04 x64 LTS
       #4

    Please download the OTM.exe by OldTimer.

    * Save it to your Desktop.
    * Please double-click OTM.exe to run it.
    * Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :files
    c:\windows\system32\drivers\ymiqvflos.sys
    :commands
    [EMPTYTEMP]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
    [REBOOT]
    * Return to OTM.exe, right click in the "Paste Instructions for Items to be Moved" window (under the light yellow bar) and choose Paste.
    * Click the red Moveit! button.
    * A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
    * Close OTM.exe


    If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
    Last edited by EzioAuditore; 23 Dec 2010 at 05:54.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 04:56.
Find Us