We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
Contact Forum Editor

Send an email to our Forum Editor:


PLEASE NOTE: Your name is used only to let the Forum Editor know who sent the message. Both your name and email address will not be used for any other purpose.

Tech Helproom


It's free to register, to post a question or to start / join a discussion


 

Can I get rid of RAMNIT virus on my pc


rachel99

Likes # 0

Hi. I seem to have picked up a virus called Ramnit on my WindowsXP pc. I googled it & asked a friend....My pc antivirus is normally pretty good, but each time I log on the Threat window comes on...it says.... Threat - Win32/Ramnit.L virus "Event occured on a new file created by the application" & The application always has"ciepjdbhopiqmvyd.exe" in it, & the file always has the same sequence of letters before the .sys bit. I did a search on my Start menu bit, & found a few PF files in Windows/Prefetch, & a few Applications in the C drive section too. These files & Apps all have the letter sequencethings like above.

Should I keep trying my antivirus & see what it does, Can I delete the files or applications? Any advice would be nice of you. Thank you x

Like this post
badhair1963

Likes # 0

This

1: http://kartolocyber.blogspot.com/2011/03/ramnit-virus-manual-remove-fixed.html might help.

(I hope that hyperlink works. If not, I'll post again.)

Like this post
badhair1963

Likes # 0

Well, that didn't work as expected, but at least you got the link. :)

Like this post
rachel99

Likes # 0

hi thanks for that link. I used it & went into my TaskManager section, but could not see any W32Ramnit processes?, then tried the WindowsStart button bit to find the W32Ramnit inthe HKEY area, but no joy there too. So no joy but thanks alot anyway

Like this post
buteman

Likes # 0

According to most of the forums out there.The best way to remove it is to do a reformat.

Not sure if this one actually removes it or not although it says it does.

http://www.bitdefender.com/VIRUS-1000644-en--Win32-Ramnit-G.html

You can get a free trial of it so maybe worth trying.

Like this post
rachel99

Likes # 0

thanks pretty scared about doing that reformat thing. as worried about mucking it up and spoiling things on my pc, but i know i need to do something.

Like this post
buteman

Likes # 0

Best maybe going to this forum which will be able to hep.

http://www.malwareremoval.com/forum/

You have to sign in and follow instructions and it may take a few days for them to get back to you as they are kept very busy.

If anyone can fix it they can.

Saturday and Sunday is usually a bit slow on here for help so maybe best thinking about the other forum who specialise on problems like this.

Maybe there are other security programs that can repair it now, so have a look see what others think when they come on here this morning.

Like this post
Secret-Squirrel

Likes # 0

Rachel, if your problem's relatively recent then an XP "System Restore" done in "Safe Mode" may help neutralise the infection. The restore won't affect any of your personal files. Here's what you need to do:

1) Shutdown your PC, restart it, and immediately start tapping the F8 key quickly till the boot options menu appears - it'll be a black screen with white writing. Using the arrow keys on your keyboard, select "Safe Mode" then hit the Enter key to confirm your selection. When XP loads, don't be concerned that the screen looks different with extra-large icons etc.

2) Once in, click your Start button -> All Programs -> Accessories -> System Tools -> System Restore. Tell the program you want to restore to an earlier date and pick any date on the calendar that's in bold that pre-dates this problem. Don't go further back than you need to. If the restore doesn't help or gives unexpected results then you can always go back in and undo that restore.

When the PC reboots, let us know if you're now free of those virus alerts. If you are then I'll give you extra instructions on how to check for any (inactive) virus files that may remain.

Like this post
rachel99

Likes # 0

Hi thanks alot buteman & secret squirrel for your advice. Both really nice of you. I'm going to try that SystemRestore thing first (and maybe message another forum as advised as backup for help maybe). So to Mr Squirell I need to ask somethings before I do the Restore if thats ok? : 1. A family member has a 2nd UserAccount on my pc. They have also started having the Threat popups. So I take it I can just go ahead & do the Restore anyway? 2. you said Shutdown & Restart it before F8 button lots. Do you mean use Restart(close&reopen) buttonfromwhen my pc is on - like it is now, OR, totally Shutdown with the whole thing tured off, then, turn pc back on by pressing main computer button? Oh & when I do that, I start pressing F8 button IMMEDIATELY (as in that very second??) Will I have to press F8 maybe 10 times 20? 50?? just so I have an idea? lol 3. The Threats started about 5 or 6 days ago. I know you said don't go back further than you have to. So to be safe, maybe go back 10 days?
4. And is going back to an earlier date like going back in time a few days & the pc will be hopefully like it was then. I think that's what you mean, ie before Ramnit thing happened. 5. You said if Restore doesn'y help, I go back in and Undo. Is that easy for me to do.

Thanks alot for advice Rachel x

Like this post
rachel99

Likes # 0

oh & I forgot to say, when I try and use my antivirus ESET, i click on the Indepth analysiss bit, and it doesn't any more do the next bit, where there's another window, and it shows you its whizzing through all the files and things. Maybe thats this ramnit thing doing that? Thanks again Rachel

Like this post
rachel99

Likes # 0

oh and when I click on my men to load, the little green and blue men start to spin round, then the window disapears off the screen, and it hasnt turned on :(

Like this post

Reply to this topic

This thread has been locked.



IDG UK Sites

Motorola Moto G2 release date, price and specs: Best budget smartphone gets upgrades

IDG UK Sites

How to join Apple's OS X Beta Seed Program: Get OS X Yosemite on your Mac before public release

IDG UK Sites

Why the BBC iPlayer outage was caused by a DDoS attack: Topsy and Tim isn't *that* popular

IDG UK Sites

How to make an 'Apple iWatch' using an iPod nano and a 3D printer