UNABLE TO DOWNLOAD UPDATES/RKILL/ANYTHING

Hi everyone, I have a nasty virus on my computer and whatever I do I can't get rid of it as my security bar has disappeared and I cannot download anything from Micsrosoft updates/Rkill/or any other anti virus type of program. At the very top of my IE screen there is a blue bar with the Microsoft E in the left hand side. I have no access to any other buttons that used to be there. Neither can I open Internet Properties from anywhere, including control panel. I have done a Norton scan , but all it found were W32.Ramnit!html types, but it couldn't delete or quarantine them. I have run MBAM and Spybot, but they found nothing.

Is there an anti virus program I could use if I got a friend to download it onto a CD?

Any help would be appreciated, thank you.

Hello and welcome. The reason for this and the touble in the other topics you have here is the Ramnit infection. I'm afraid I have very bad news.
You must wipe the drive and reinstall.

RAMNIT = VIRUT
Trojan SHeur3.AQRA (AVG)
TR/Spy.Gen (Avira)
Win32.Rmnet (Dr.Web)
Trojan-Spy (Ikarus)
Mal/SillyFDC-A (Sophos)
W32.Ramnit!html (Symantec)


Your system is infected with a Win32/Ramnit.A!dll, a file infector with IRCBot functionality which infects .exe, .dll and .HTML files and opens a back door that compromises your computer.

Ramnit.A!dll is a component injected into the default web browser by Worm:Win32/Ramnit.A which is dropped by a Win32/Ramnit.A infected executable file. Ramnit.A also infects .exe, and .HTML/HTM files, downloads more malicious files to your system, and opens a back door that compromises your computer. The infected .HTML or .HTM files may be detected as Virus:VBS/Ramnit.A

In many cases the infected files cannot be disinfected properly by your anti-virus. When disinfection is attempted, the files become corrupted and the system may become irreparable. The longer Ramnit.A remains on a computer, the more files will become infected and corrupt so the degree of infection can vary.

Ramnit.A is commonly spread via a flash drive (usb, pen, thumb, jump) infection which is often contracted and spread by visiting remote, crack and keygen sites. These type of sites are infested with a smörgåsbord of malware and a major source of system infection.

In my opinion, Ramnit.A is not effectively disinfectable, so your best option is to perform a full reformat as there is no guarantee this infection can be completely removed. In most instances it may have caused so much damage to your system files that it cannot be completely cleaned or repaired. In many cases the infected files cannot be deleted and anti-malware scanners cannot disinfect them properly. Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Please read:

• When should I re-format? How should I reinstall?
• Where to draw the line? When to recommend a format and reinstall?

Whenever a system has been compromised by a backdoor payload, it is impossible to know if or how much the backdoor has been used to affect your system...There are only a few ways to return a compromised system to a confident security configuration. These include:
• Reimaging the system
• Restoring the entire system using a full system backup from before the backdoor infection
• Reformatting and reinstalling the system

Backdoors and What They Mean to You

This is what Jesper M. Johansson at Microsoft TechNet has to say: Help: I Got Hacked. Now What Do I Do?.

The only way to clean a compromised system is to flatten and rebuild. That’s right. If you have a system that has been completely compromised, the only thing you can do is to flatten the system (reformat the system disk) and rebuild it from scratch (reinstall Windows and your applications).

Thanks - if this is the only way then I will have to do it. I have just bought a 1TB external hard drive - is it an easy procedure to transfer my files over and what do you recommend I transfer.

I have Itunes, other mp3 music, documents, email, banking etc so if this is transferrable onto the external disk then I will do it. Do you also have an "idiots guide" to help me in reformatting the disk??

Thanks very much for your help.

Caution: If you are considering backing up data and reformatting, keep in mind, with file infectors, there is always a chance of backed up data reinfecting your system. If the data is that important to you, then you can try to salvage some of it but there is no guarantee so be forewarned that you may have to start over again afterwards if reinfected by attempting to recover your data. Only back up your important documents, personal data files, photos to a CD or DVD drive, not a flash drive or external hard drive as they may become compromised in the process. The safest practice is not to backup any executable files (*.exe), screensavers (*.scr), dynamic link library (*.dll), autorun (.ini) or script files (.php, .asp, and .html) files because they may be infected by malware. Avoid backing up compressed files (.zip, .cab, .rar) that have executables inside them as some types of malware can penetrate compressed files and infect the .exe files within them. Other types of malware may even disguise itself by hiding a file extension or adding to the existing extension as shown here so be sure you look closely at the full file name. If you cannot see the file extension, you may need to reconfigure Windows to show file name extensions. Then make sure you scan the backed up data with your anti-virus prior to to copying it back to your hard drive.

If your CD/DVD drive is unusable, another word of caution if you are considering backing up to an external usb hard drive as your only alternative. External drives are more susceptible to infection and can become compromised in the process of backing up data. I'm not saying you should not try using such devices but I want to make you aware of all your options and associated risks so you can make an informed decision if its worth that risk.

• How and Where to backup your files in XP or Vista
• How to Backup and Restore in Windows 7
• How to use Ubuntu Live CD to Backup Files from your dead Windows Computer

Again, do not back up any files with the following file extensions: exe, .scr, .dll, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected.

If you're not sure how to reformat or need help with reformatting, please review:

• How to partition and format a hard disk in Windows XP
• Prepping for a Clean Install Windows XP

These links include specific step-by-step instructions with screenshots:

• XP Clean Install Interactive Setup
• Reformat and Install of Windows

Vista users can refer to these instructions:

• Windows Vista Clean Install
• How to Do a Clean Install and Setup with a Full Version of Vista
• How to Do a Clean Install with a Upgrade Version of Vista

Windows 7 users can refer to these instructions:

• How to Do a Clean Installation with Windows 7
• Windows 7 Clean Install Screens

Don't forget you will have to go to Microsoft Update and apply all Windows security patches after reformatting.

Note: If you're using an IBM, Sony, HP, Compaq, Toshiba, Gateway or Dell machine, you may not have an original XP CD Disk. By policy Microsoft no longer allows OEM manufactures to include the original Windows XP CD-ROM on computers sold with Windows preinstalled. Instead, most computers manufactured and sold by OEM vendors come with a vendor-specific Recovery Disk or Recovery Partition for performing a clean "factory restore" that will reformat your hard drive, remove all data and restore the computer to the state it was in when you first purchased it. Also be sure to read Technology Advisory Recovery Media. If the recovery partition has become infected, you will need to contact the manufacturer, explain what happened and ask them to send full recovery disks to use instead. If you lost or misplaced your recover disks, again you can contact and advise the manufacturer. In many cases they will send replacements as part of their support..


If you need additional assistance with reformatting or partitioning, you can start a new topic in the Operating Systems Subforums forum.

Would a combofix sort this out before I wipe the drive and reinstall??

It sounds complicated !!!!!! I have backed my files onto an external hard drive and am ready to go for it, so any last words that could help are much appreciated. THANKS

Would a combofix sort this out before I wipe the drive and reinstall?

No. ComboFix is one of our best tools but it cannot perform miracles or repair file infectors.